[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: a hole in PGP
Hello [email protected] (Dr. Frederick B. Cohen)
and [email protected] (Matt Blaze)
and [email protected]
I'm afraid I missed the start of this thread, sorry if I'm repeating...
> The fact is, you seem to support the idea that PGP is secure without a
> reasonable basis, and when pushed a bit harder, agree that it probably
> is not secure.
The problem is that "secure" is not really something that can be proved.
(I'm not sure if that's a theoretical or a practical fact, but it remains.)
For one thing, I'm not even sure the RSA algorithm itself is secure.
(At least I've never heard of a proof; have you?)
As long as I'm using PGP to send letters to grandma, the cost (to me) of
a successful attack is small. I therefore expend little effort to verify
that it is secure.
If/when I start to use it for more serious applications, I will read
the source code. I might even modify it (eg. accord less entropy per
keystroke) if I'm not happy with it.
If circumstances warranted, I could re-implement it from the appropriate
RFC (is it out yet or still draft?). However, in such circumstances,
I very much suspect a one-time-pad would be used.
> This is how professionals deal with these sorts of questions:
> If you do not believe it is secure, you should say why not.
I do not believe that it can be proven secure.
> In my case, I question its security and have given at least one
> example of how it could be insecure.
If you doubt the key-gen routine:
* you are certainly free to make up your own keys any way you like,
* write your own and argue that it's better, and/or
* find a way to break the key-gen routine.
> If you do believe it is secure, you should be able to support
> your contention with more than reference to RFCs, vague
> comments, and claiming that you have read the code and didn't
> catch anything.
Adding to the list:
* I've never heard of anyone catching anything (except the headers on
clearsigned messages problem).
> If you cannot specifically address my question, say so, tell us
> all that the security of PGP is an open question, and either
> leave it open or go after closing it.
The security of anything is an open question.
You shouldn't spend more on proving security than a breach would cost.
Hope I'm making sense...
If you want an answer, please mail to <[email protected]>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)