[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP bastardization (fwd)



Tom Rollins expresses his astonishment:

 > I was shocked to receive an E-mail from Phill Zimmermann.

 > I have pieced together a multiple cipher that consists of the
 > chain IDEA-TRAN-IDEA-TRAN-IDEA. Where IDEA is the same IDEA (128
 > bit key + 64 bit IV) algorithm that pgp uses and TRAN is a byte
 > transposition across the 4K buffer block (each tran uses 32 bit
 > key). Thus giving this multiple cipher a keyspace of 640 bits.

Can you spell O-V-E-R-K-I-L-L?  This might be an interesting
homework exercise but even 128 bits of keyspace is nowhere near
being exhausted by the set of passphrases contemplatable by the
average human.  Bigger is not always better or more useful.

Phil comments as follows:

 > PGP's reputation, and my repuitation (which is tied to
 > PGP), depends of people trusting the quality of encryption
 > algorithms and protocols that I have carefully selected for
 > PGP, using all of my knowledge and experience.  If someone
 > were to put a new encryption algorithm into PGP without my
 > permission, it could serve to tarnish the reputation that
 > PGP has earned over the years.

I have to agree with Phil here.  While the guts of PGP are
extremely useful for building other crypto applications, we
should avoid using the name PGP for anything other than the
products given that name by Phil and his assignees.

Otherwise, PGP's reputation will almost certainly be diluted by
association with large numbers of derivative applications, which
although useful, have not already proven themselves over time in
the same way that PGP has.

A good example of this is the popular disk encryption utility
which uses an MD5 passphrase hash and IDEA/CFB encryption similar
to PGP's conventional encryption mode.  As "Secure Drive", it is
a valuable addition to our privacy arsenal.  Calling it
"PGPDrive", on the other hand, would not have been a good idea.

We do not need a zillion other products with names like PGPPhone,
PGPTerm, PGPmail, and numerous hacked versions of PGP itself
floating around if we are to keep PGP synonymous in the public
mind with a single unambiguous gold standard for privacy and strong 
crypto.  

What Tom has done may or may not be a good idea, but he should call
it something that doesn't have PGP in the name.

TomCrypt perhaps? :)

-- 
     Mike Duvos         $    PGP 2.6 Public Key available     $
     [email protected]     $    via Finger.                      $