[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security of PGP if Secret Key Available?

To: [email protected]
Subject: Re: Security of PGP if Secret Key Available?
From: Gary Howland <[email protected]>
Date: Wed, 5 Jun 1996 12:33:21 +0200
Sender: [email protected]

On Jun 3,  2:36, "Robert A. Hayden" wrote:
> However, I got to wondering about the security of PGP assuming somebody
> trying to read my PGPed stuff has my 1024-bit secret key.  ie, if I have
> it on my personal computer, and somebody gets my secret key, how much
> less robust has PGP just become, and what are appropriate and reasonable
> steps to take to protect this weakness?

If the secret key is available then an attacker knows the length
of p & q.  Admittedly this will not usually help matters much,
but I still feel that the lengths of p and q should be encrypted
with the passphrase - perhaps in PGP3.0? (Derek?)

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <[email protected]>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06

Follow-Ups:
- Re: Security of PGP if Secret Key Available?
  - From: "Mark M." <[email protected]>

Prev by Date: Re: Richard Stallman on RSA, Zimmermann, crypto
Next by Date: URL for NRC Report
Prev by thread: Re: Security of PGP if Secret Key Available?
Next by thread: Re: Security of PGP if Secret Key Available?
Index(es):
- Date
- Thread