[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Attacks on PGP



At 2:51 AM 8/1/95, Matt Blaze wrote:

>Tim,
>
>My impression (based on reviewing papers for the last few CRYPTOs and
>EUROCRYPTs) is that the reason for the lack of "practical" papers is
>primarily that not very many of them get submitted.  In fact, I think

Right, but it's a kind of vicious circle. What I meant about cryptanalysis
not really be "academic" is that not much status attaches to having broken
a specific message.

>there actually are a fair number of cryptanalysis papers at CRYPTO,
>at least compared with the even smaller number of papers there that
>describe new ciphers.  Anyway, cryptanalysis IS part of the mainstream
>of the academic crypto world these days (consider differential
>cryptanalysis, linear cryptanalysis, etc.)

I guess this is my bias, as I think of the "differential cryptanalysis" as
not really being cryptanalysis :-}. In the sense that it's basic research
unto itself, not the grungy cracking of an actual cipher.

But you're right that the stuff on Wiener's estimates for a DES-cracking
machine, on the differential cryptanalysis work, etc., _does_ make it into
Crypto. Ditto for breaking ciphers (showing them to be flawed). I just
never see papers describing actual attacks on specific systems...maybe
those who do such things are talking?

I guess the bottom line of what I'm saying is that if some person or group
wants to be a "tiger team" to try to find flaws in PGP, to try to break it,
this would be a nifty thing. I doubt anyone on this list disagrees.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
[email protected]   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."