[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Scientology tries to break PGP - and



On Wed, 13 Sep 1995, Andy Brown wrote:

> On Wed, 13 Sep 1995, Henry W. Farkas wrote:
>  
> > If decrypted with the "alternate" or "fake" secret key, the encrypted file
> > is wiped until it reaches a marker; the remainder of the file is
> > displayed.  If you use your "primary" or "real key", the extraneous text
> > is simply stripped.
> 
> Useless I'm afraid.  They have the source code and have disabled your
> "feature" and attached loud alarm bells to it.
> 

I don't see whats wrong with removing any checking done by PGP.
(ie don't keep a checksum or whatever) After all, they can't prove
that you didn't just encrypt a pgp +makerandom file.

Obviously, I would not want to use this "feature" in some cases,
so make adding a checksum be an extra command line option.

The new feature would of course not be backwards compatible, but
there is no way to disable the "feature" and no way to attach
loud alarm bells.

Of course, you are then faced with giving them a key which you know
will decrypt the file to gibberish. Ideally, you would steno the 
encrypted file.

+---- Yih-Chun Hu (finger:[email protected]) ----------------------+
| http://www.cs.washington.edu/homes/yihchun     [email protected] |
| http://weber.u.washington.edu/~yihchun         [email protected]  |
+---- PGP Key Fingerprints (Keys by FINGER or on WWW) ---------------------+
| 1024/E50EC641        B2 A0 DE 9E 36 C0 EB A6  F9 3E D2 DD 2F 27 74 79    |
| 2047/DF0403F9        18 EB 62 C8 7F 06 04 67  42 76 24 E2 99 D1 07 DC    |
+---- Random Thought ------------------------------------------------------+
|I conducted an experiment to test Murphy's Law, but everything went wrong.|
+--------------------------------------------------------------------------+