[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

pgp3 (was Re: MD5?)




Black Unicorn <[email protected]> writes:
> So...
> 
> Is MD5 essentially history?

Unclear.  The collision Dobertin demonstrated does not provide a
practical attack on PGP signatures.  However, people worry that
Dobertin or others will be able to generalise the attack, so caution,
and moving away from MD5 is probably a good idea.

> Aside from MacPGP 2.6.3, is there a pgp version which will support
> anything else?

Zbig (MacPGP author for those who haven't looked at the fatmac pgp
docs - http://128.146.111.31/~fiedorow/PGP/) also distributes an
unofficial SHA1 patch for PGP, which he says has been tested on
various archictectures.  (This is a patch to MIT pgp262 or MIT
pgp263).  However AFAIK fatmac is the only distributed version with
SHA1 sig capability included.

Ordinarily you'd think that there would be a rush to put out a new
version of PGP (Say PGP versions 2.6.4 and 2.6.4i respectively for MIT
and Stale Schaumaker's interational version).

However, I'm not sure of the status of further pgp2.6.x versions.
PGPlib (aka pgp3) is supposed to be being released RSN.  PGP Inc was
formed earlier this year.  Initially PGP Inc made noises about
litigation over ViaCrypts incorporation of commercial key escrow in
some viacrypt versions.  Then PGP Inc bought ViaCrypt and it's parent
company, to regain the distribution rights sold to ViaCrypt.

The people working on pgp3 are doing so as employees of companies, I'm
not sure at what point development switched from freeware to
commercial, but at this point my understanding is that Derek Atkins is
employed by SGI, and Colin Plumb by PGP Inc.  Some time ago when there
was a question about which companies were crypto friendly on the list,
SGI was listed because they were paying Derek to work on pgp3.  One
presumes this arrangement started before PGP Inc incorporated.

Other people at PGP are also working on pgp3 (Hal Finney, who recently
started work at PGP Inc, said that he was in a recent list post).

I believe Phil Zimmermann made an announcement earlier this year
(probably on this list, but perhaps in a USENET group, I forget), that
his lawyers were advising him to discourage other people from using
the `PGP' name.

MIT is distributing pgp2.6.2, and PGPfone also.  MIT seems to be
involved as a distribution site at least.

Also I understand, though there appears to be no available
documentation saying as much, that pgp3.0 will not use RSA, nor IDEA,
nor MD5, using instead El Gamal for public key encryption and
signatures, 3DES (unsure?), and SHA1.

Several people have made pointed comments about the delivery time of
pgp3, about the danger of S/MIME getting ahead before pgp3 is
released.  Several people have opined that there would surely be many
people willing to help.  I suspect however that the offers of help may
be complicated by the commercial nature of pgp3.

Also in conversation I hear rumors that there are companies at the
moment who have access to beta versions of pgp3.  Is this so?  And if
so, might cypherpunks also be considered?

As I understand it pgp3 will be available in source form, and will be
available without charge for academic and personal use.  People who
pay for PGP will get shrink wrap, manuals and use of PGPs tech support
lines.

However, I am not sure what pgp3 includes...  Derek's most recent post
to the list indicated that it had a command line UI, similar to
pgp2.6.x?

Now I agree code takes time to write, specs take time to tidy up, etc.

But we like to know what's going on... approximately.  What will be in
pgp3?  What's it use for encryption El Gamal, SHA1, what about
symmetric cipher, is it 3DES?

Even mentioning that pgp3 will include source code, and be freely
available is something that is not being advertised?  No mention of
pgp3 on www.pgp.com, mit; a web search reveals nothing.

Cypherpunks crave information about pgp3, any information...

Adam
--
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`