Re: a hole in PGP
> Your assertion that I could find the backdoor by inspecting the
> program is the wrong tactic for secure programs. If you want people to
> believe that a program is secure, you had better come up with good
> reasons that it is secure, and not hide behind "if you can't find any
> holes, it must be secure".

This is where you are very wrong. I am not saying that "if you can't
find any holes it must be secure". What I am saying is that the
source is available, and thousands of people have looked at the
source, and none of them have found any holes in it.

> - to wit: What makes you think PGP's method
> of getting seeds does not lead to a limited key space that is within the
> realm of modern computers to search?

How do you propose that a user's keystrokes can be analyzed? If you
assume that the PC's internal clock speed >> typing speed (which is a
good assumption -- how many keystrokes/second can you type?) then you
have a large amount of randomness that can be gained from timing
keystrokes. Even a good typist will not have an even typestroke!

Have you read RFC 1750? If not, I would recommend you read it before
you consider continuing this thread!

> Why (specifically) do you think the MIT version of PGP has no
> backdoors and is not subject to attacks such as the one outlined in my
> previous posting?

I think it has no backdoors because Jeff Schiller and I (among others)
have looked closely at the random number generator code (he has taken
a much closer look than I) and believe it to be secure. I also know
that I did not put any backdoors into the code (but why would you
believe me, I must be paid by the government to say this, right?)

As to why I believe it is not subject to attack, I ask you again to go
read RFC 1750. PGP follows its recommendations fairly closely. There
is only one place where PGP fails to follow, and that is that PGP does
expose the bucket of random bits, rather than mixing them before
exporting them. However I do not believe that this would affect the
generation of PGP Public Keys.

-derek

PS: In what field is your Doctorate?
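
The two ideas in the message above (timing keystrokes against a clock much faster than the typist, and mixing the collected bits before exporting them) are shown here as an added example; it is not part of the original message and is not PGP's code. The timestamps are constructed, `EntropyPool` and the helper names are hypothetical, and SHA-256 as the mixing function is an assumption made for this example.

```python
import hashlib
import math
from collections import Counter

# Constructed keystroke arrival times in microseconds (not measured data).
SAMPLE_US = [0, 183_412, 301_977, 512_360, 640_015, 899_731, 1_010_448,
             1_260_902, 1_377_129, 1_598_666, 1_799_353, 1_933_870]

def low_bits_of_deltas(times_us, bits=4):
    """Keep only the low-order bits of each inter-keystroke interval;
    the high bits track typing rhythm and are far more predictable."""
    mask = (1 << bits) - 1
    return [(b - a) & mask for a, b in zip(times_us, times_us[1:])]

def min_entropy_per_sample(symbols):
    """Crude min-entropy estimate: -log2 of the most common symbol's share."""
    top = Counter(symbols).most_common(1)[0][1]
    return -math.log2(top / len(symbols))

class EntropyPool:
    """Hypothetical pool: hashes samples in, releases only hashed output."""
    def __init__(self):
        self.state = bytes(32)
        self.credited_bits = 0.0

    def add(self, symbols, bits_per_sample):
        for s in symbols:
            self.state = hashlib.sha256(self.state + bytes([s])).digest()
        self.credited_bits += bits_per_sample * len(symbols)

    def extract(self, nbytes):
        # Refuse to hand out more bits than the samples were credited with.
        if 8 * nbytes > self.credited_bits:
            raise ValueError("not enough credited entropy; keep typing")
        # Output is a hash of the state, never the raw pool contents.
        out = hashlib.sha256(b"out" + self.state).digest()[:nbytes]
        self.state = hashlib.sha256(b"next" + self.state).digest()
        self.credited_bits -= 8 * nbytes
        return out

if __name__ == "__main__":
    syms = low_bits_of_deltas(SAMPLE_US)
    pool = EntropyPool()
    pool.add(syms, min_entropy_per_sample(syms))
    print(f"{len(syms)} intervals credited {pool.credited_bits:.1f} bits")
    print("24-bit output:", pool.extract(3).hex())
```

With this constructed sample, eleven intervals are credited with only about 27 bits, so a request for a 128-bit seed is refused until many more keystrokes have been collected.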