[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Wrap Up: Conference on Law Enforcement and Intelligence



On Sun, 20 Oct 1996, Bill Frantz wrote:

> >"... PGP may not survive as a viable option for private security."
> >
> >For the full quote, see:
> > http://www.nla.gov.au/gii/sess3.html
> 
> (1) If I were faced with an opponent who had a crypto system I couldn't
> break, I would attempt to make him think I could break it so he would stop
> using it.  AKA FUD.
> 
> (2) If I could break his system, I would want him to continue using it.  I
> would have to be very careful about how I used the material so he didn't
> catch on to the break.  There are some wonderful examples of this logic in
> "The Code Breakers".
> 
> (3) The devil is in the details.  I still am not convinced that MacPGP has
> enough sources of entropy for its IDEA key generation.  (But I am not
> convinced that it doesn't either.)  I put integrating Jon Callas's entropy
> manager into MacPGP as a high priority.

Tell me more... I use macpgp.  I just built some new keys tonight, a 2048
bit monster.  PGP wanted 1496 bits of rand info... where is it's entropy
"Hole"

And what is the "Entropy Manager"?

--
Chris Kuethe <[email protected]> LPGV Electronics and Controls

RSA in 3 lines of PERL:
#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)