
Re: (fwd) ViaCrypt PGP ships today



> For some reason it occurred to me that were CiaCrypt (oops, slip... sorry)
> to want to provide an unsecure product to the general cryptography
> public, the best way to do it would be to attack the security of the
> secret key password.
> To me, the fact that Phil Z. has vouched for the program is enough
> for the moment.
> If the key password were attacked, output would not be affected.

I don't see how this would be of much help tho.  Putting a weakness in
the secret key password wouldn't help them much since they don't have
your secret key.  Furthermore, they couldn't easily change it without
making it incompatible with previous keys.  If I wanted to subtly weaken
PGP, I'd do it by weakening the randomness of the IDEA cipher key,
making it significantly easier to guess, by choosing a "random" key
based on something known, such as the length of the message or the date
it was encrypted, which would provide seemingly random encryption, but
actually make it easy to break if you knew the pattern.  I'm not saying
that anyone did that, but that's where I would start if I wanted to
sabotage it...
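
The following is an added example, not part of the original message and not PGP or ViaCrypt code: an auditor's check for the weakness described above, where a session key that looks random is really a function of the message length and date. The two generators, the sample date and the sample length are constructed for illustration.

```python
import hashlib
import math
import secrets
from datetime import date

KEY_BYTES = 16                    # IDEA uses a 128-bit key
SAMPLE_DAY = date(2000, 1, 1)     # constructed date, not from the post
SAMPLE_LEN = 1024                 # constructed message length in bytes


def weak_session_key(msg_len: int, day: date) -> bytes:
    """Hypothetical sabotaged generator: key depends only on known metadata."""
    seed = f"{day.isoformat()}:{msg_len}".encode()
    return hashlib.sha256(seed).digest()[:KEY_BYTES]   # looks random, is not


def sound_session_key(msg_len: int, day: date) -> bytes:
    """Reference generator: key comes from the OS CSPRNG, metadata is ignored."""
    return secrets.token_bytes(KEY_BYTES)


def repeats_on_same_inputs(keygen, trials: int = 32) -> bool:
    """Audit check: identical metadata must never yield the same key twice."""
    keys = {keygen(SAMPLE_LEN, SAMPLE_DAY) for _ in range(trials)}
    return len(keys) < trials


def effective_bits(max_msg_len: int, days: int) -> float:
    """Upper bound on key entropy when the key is a function of (length, date)."""
    return math.log2(max_msg_len * days)


if __name__ == "__main__":
    for name, gen in (("weak", weak_session_key), ("sound", sound_session_key)):
        print(name, "repeats:", repeats_on_same_inputs(gen))
    print("bits if derived from length<=64KiB and one year of dates:",
          round(effective_bits(65536, 365), 1), "vs", KEY_BYTES * 8)
```

A single ciphertext from the weak generator would pass a statistical randomness test; only holding the inputs fixed and looking for repeated keys exposes it.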