[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Validating a program




>Adam Shostack <[email protected]> wrote (regarding PGP's security):
>>	In short, if you're paranoid, feel free to look over the
>>source.  But the fact that most people have never peeked under the
>>hood is not a strike against pgp at all.

Ed replies:
>Maybe you missed my point, or I miss-communicated.  My question is as
>follows:  If PGP and DES are as secure as thought to be, then why is it
>not ruled illegal software, just as they do with silencers, narcotics,
>certain type weapons, etc.....    My opinion is "NOT  A PARANOID VIEW, BUT
>RATHER A REALITY".   I find it impossible that software that could be a
>National Security Threat, being shared by the masses!    I believe
>either people are nieve, or ignorant of the capability of the NSA.    If
>there are "back-doors to the algorithms, you can bet your life you and no
>one else will find out.     The conceivability that encryption on the Net
>is safe, is ludicrous!
>
>Just my thoughts, and not paranoia.
>
>
>Ed

Why does it follow that these must be crackable, or the government would
have outlawed them? Despite recent moves to limit encryption, there are
currently NO domestic (U.S.) restrictions on crypto.  Nothing prohibits
you from using a true One Time Pad, which is mathematically proven to be
unbreakable, now and forever, even against infinite resources.  If this
is not prohibited (and it isn't), doesn't that refute your argument?
You may find it impossible that the masses are allowed to use truly
unbreakable crypto, but it's true -- for the time being, anyway.

Tunny
======================================================================
 James A. Tunnicliffe   | WWWeb: http://www.inference.com/~tunny
 Inference Corporation  | PGP Fingerprint:   CA 23 E2 F3 AC 2D 0C 77
 [email protected]    |                    36 07 D9 33 3D 32 53 9C
======================================================================