[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Source Code NOT available for ViaCrypt PGP
-----BEGIN PRIVACY-ENHANCED MESSAGE-----
Originator-Name: [email protected]
On Aug 25, 5:05pm, Timothy Newsham wrote:
> > But look on the bright side...
> > This will blow David Sternlight out of the water!
> will it?
> the NSA seems to be pretty happy with the way PKP handles things.
> PKP has an arangement with viacrypt not to release source.
> It might be safe, but I wouldnt trust it given the way that
> the NSA pushes commerce to install backdoors in strong encryption.
As long as there is an approved version (ie., non-commercial, made by
the PGP cabal) -- interoperability will prevent any sneaking of back doors
into the message stream. The only place to worry is with key generation,
both IDEA and RSA.
I wouldn't be surprised if they're using the BSAFE object code or something
equivalent. In that case, key generation (random number routines, actually)
might be outside the package. Does anyone here know?
> btw, how did they get around PKP's rule about using the
> interface provided which uses DES ?
If they're using a general purpose, purchased library from RSA (not RSAREF)
then there's no built-in DES limitation.
Meanwhile, I'm looking forward to the commercial version, for my machine
here at work. Until then, I'm limited to RIPEM -- which few others on this
- <<Disclaimer: All opinions expressed are my own, of course.>>
- Carl Ellison [email protected]
- Stratus Computer Inc. M3-2-BKW TEL: (508)460-2783
- 55 Fairbanks Boulevard ; Marlborough MA 01752-1298 FAX: (508)624-7488
-----BEGIN RIPEM PUBLIC KEY-----
User: [email protected]
-----END RIPEM PUBLIC KEY-----
>-- End of excerpt from Timothy Newsham
-----END PRIVACY-ENHANCED MESSAGE-----