[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP questions

>It's probably good to discuss how PGP works here, for educational
>purposes, but I would expect people to get the source code if they
>really are interested.  I can give some pointers here to answers to
>some of the questions people have asked.

Thanks for the answers, Hal.  I have been digging into the original
RSA paper and the PGP 2.0 sources.  By the way, sorry if my response
time is long; I've been traveling for work lately.

I suggested leaving the minimum set of compute-intensive routines
in C and implementing the higher-level stuff in some higher-level language 
("HLL"), possibly interpreted.  Hal pointed out some of the crunching 
jobs other than modmult.  Using an HLL has cons as well as pros to it.

The main advantage (for my purpose here) is that C code has a lot of noise 
that gets in the way of understanding.  This could also be improved by some 
coding style changes--for instance, using some object-oriented stuff (data 
structures that handle more of their own details) and, ahem, fewer #ifdefs...
Another advantage of an HLL is ease of trying out different, er, schemes.

If I used an HLL, I think it would be one that had very C-like syntax.

The main drawback of an HLL is that it's another program that you
have to trust.  Sometimes inner parts of interpreters and compilers are 
hard to write so that they are correct *and seem* correct when you look 
at them.  A couple of things they can do are automatic space allocation, 
garbage collection and "burning" data that's no longer in use ("garbage 

quote me
[email protected] (FutureNerd Steve Witham)