
Re: PGP 2.confusion (fwd)

This was sent to just me by mistake, and I'm forwarding with permission 
of Jay.

---------- Forwarded message ----------
Date: Fri, 27 May 94 21:26 PDT
From: Jay Prime Positive <[email protected]>
To: [email protected]
Subject: Re: PGP 2.confusion

   Date: Fri, 27 May 1994 23:49:55 -0500 (CDT)
   From: "Robert A. Hayden" <[email protected]>

   Do we (the cypherpunk community) perhaps need to come up with EBP 1.0 
   (Even Better Privacy) that abandons the RSAREF patent problem with some 
   other public-key system that is functionally equal and just as safe?

  EBP would have to provide the two critical functions of PGP --
digital signatures, and key distribution.

  There exist signature standards other than RSA.  Perhaps the USA's
DSS can be exported.  If not, there may well be other systems out
there.  Feel free to implement DSS, or others.

  But the critical problem seems to be encryption.  Or more exactly the
key distribution problem.  How do I and my secret correspondent share a
secret key?  I only know of four kinds of solutions.

  Send the key via a secure channel.  Secure channels are hard to find,
and as history teaches us, not fully secure.  (Read Kahn for

  Use a trusted key distributer.  Trusted.  Ha.  This is cypherpunks

  Public key cryptography.  The problem is that PKP (or is it RSADSI?)
claims patent rights to the whole PK ball of wax.  The Diffie-Hellman
key exchange (oblivious transfer?) patent will expire the soonest,
and it can be used in the future.

  The really exciting result, IMHO, is from Crypto 92 that I mentioned
a while back.  If A and B can hear a source of bits S with some
errors, then they can generate a shared secret which even an
eavesdropper with much greater (listening) resources can't discover.  This
is exciting.  Is it patented?  Does it work on the internet?  I don't

  Unfortunately all of these suffer from various active tapper
attacks.  More unfortunately, on the internet active tapping isn't
very hard to arrange.  If you can come up with additional solutions, or
ones more resistant to active tappers, please publish.
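
The noisy-source idea in the forwarded message, as an added illustration that is not part of the original message: a toy simulation of repetition-code advantage distillation, one known way for A and B to gain an edge over a listener with a better receiver. The choice of protocol, the error rates and all names are assumptions; the listener is passive, and the reconciliation and privacy-amplification steps a full scheme needs are left out.

```python
import random

def simulate(blocks=100_000, n=5, e_alice=0.10, e_bob=0.10, e_eve=0.05, seed=1):
    """Advantage distillation with an n-bit repetition code (n odd).

    Error rates are constructed values; Eve's receiver is the best one.
    Returns error rates relative to Alice, before and after distillation.
    """
    rng = random.Random(seed)

    def hear(bits, p):
        # Independent binary symmetric channel: flip each bit with prob. p.
        return [b ^ (rng.random() < p) for b in bits]

    raw_bob = raw_eve = kept = bob_wrong = eve_wrong = 0
    for _ in range(blocks):
        s = [rng.getrandbits(1) for _ in range(n)]   # broadcast source S
        x, y, z = hear(s, e_alice), hear(s, e_bob), hear(s, e_eve)
        raw_bob += sum(a != b for a, b in zip(x, y))
        raw_eve += sum(a != e for a, e in zip(x, z))

        c = rng.getrandbits(1)                       # Alice's secret bit
        public = [c ^ xi for xi in x]                # sent in the clear
        bob_view = [w ^ yi for w, yi in zip(public, y)]
        if len(set(bob_view)) != 1:
            continue                                 # Bob publicly rejects
        kept += 1
        bob_wrong += bob_view[0] != c
        # Eve sees `public` and the accept signal; she takes a majority vote.
        eve_view = [w ^ zi for w, zi in zip(public, z)]
        eve_wrong += (2 * sum(eve_view) > n) != c
    return {
        "raw_bob": raw_bob / (blocks * n),
        "raw_eve": raw_eve / (blocks * n),
        "kept": kept / blocks,
        "bob": bob_wrong / kept,
        "eve": eve_wrong / kept,
    }

if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name:8s} {value:.4f}")
```

With these rates Eve's raw bits agree with Alice's more often than Bob's do, yet on the blocks Bob accepts his error rate ends up below hers.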