Xref: math.fu-berlin.de sci.crypt:19666 alt.privacy:12119 alt.security.pgp:9051
Newsgroups: sci.crypt,alt.privacy,alt.security.pgp
Path: math.fu-berlin.de!zib-berlin.de!netmbx.de!Germany.EU.net!EU.net!howland.reston.ans.net!pipex!uknet!comlab.ox.ac.uk!pcl
From: pcl@foo.oucs.ox.ac.uk (Paul C Leyland)
Subject: Announcing pgptalk
Message-ID: <PCL.94Feb12140955@foo.oucs.ox.ac.uk>
Date: 12 Feb 1994 14:09:55 GMT
Lines: 30


Ok, time to let this out, now that it's been discovered 8-)

Last year, Miron Cuperman, Stefan Neuhaus and myself did some work on
a version of ytalk with encrypted traffic between the talkers.  Miron
did most of the hard work; Stefan and I tested and debugged.  We were
just about to release it when ytalk 3.0 came out.  Since then, no-one
has found the week or so to update the version we had built on the
previous version.

Anyway, if you use anon-ftp to download the file

	black.ox.ac.uk: /src/security/pgptalk.2.0.tar.Z

you might find something of interest.

The program will work in cleartext mode (i.e. native ytalk),
shared-secret mode (all parties must type the same password) or
public-key mode (all parties must be running pgp with accessible key
rings), in which case a random IDEA session key is generated and
swapped by Diffie-Hellman.


Paul
--
Paul Leyland <pcl@black.ox.ac.uk>        | Hanging on in quiet desperation is
Oxford University Computing Services     |     the English way.
13 Banbury Road, Oxford, OX2 6NN, UK     | The time is gone, the song is over.
Tel: +44-865-273200  Fax: +44-865-273275 | Thought I'd something more to say.
Finger pcl@black.ox.ac.uk for PGP key    |

Newsgroups: sci.crypt
Path: math.fu-berlin.de!MathWorks.Com!europa.eng.gtefsd.com!howland.reston.ans.net!pipex!uunet!world!Eaco
From: Eaco@world.std.com (Eaco + Associates)
Subject: PGP Legal?
Message-ID: <CL4CyE.7MB@world.std.com>
Summary: What is the legal status of pgp?  Is it legal to own, use?
Keywords: pgp pretty good privacy cypt nsa
Organization: Eaco & Associates, Accord, Mass.
Date: Sat, 12 Feb 1994 16:11:01 GMT
Lines: 10

	I'm new to this newsgroup, and would like to know what the legal 
status of PGP is.  Is it legal to use?... own?

	I saw the writeup in CompuServe's magazine this summer, but they 
pulled their copy off the system... what's the story?

	Thanks,
--
				Regards,
				>>Dick<<

Newsgroups: sci.crypt
Path: math.fu-berlin.de!MathWorks.Com!europa.eng.gtefsd.com!library.ucla.edu!csulb.edu!csus.edu!netcom.com!strnlght
From: strnlght@netcom.com (David Sternlight)
Subject: Re: PGP Legal?
Message-ID: <strnlghtCL4v5E.I55@netcom.com>
Keywords: pgp pretty good privacy cypt nsa
Reply-To: david@sternlight.com (David Sternlight)
Organization: DSI/USCRPAC
References: <CL4CyE.7MB@world.std.com>
Date: Sat, 12 Feb 1994 22:44:02 GMT
Lines: 26

In article <CL4CyE.7MB@world.std.com>,
Eaco + Associates <Eaco@world.std.com> wrote:
>	I'm new to this newsgroup, and would like to know what the legal 
>status of PGP is.  Is it legal to use?... own?

In the U.S., there is a commercial version called ViaCrypt PGP, which so far
is only available in a DOS version. As far as anyone knows that's legal for
ownership and use in the U.S. but not for export without a Government export
license (not to be confused with a patent license from the patent holders).

Other versions of PGP are asserted to be an infringement of the patents of
MIT and Stanford held by Public Key Partners, in the U.S. They are also
illegal to export without an export license. The company making ViaCrypt PGP
has got a license from the patent holders but not an export license from the
government.

Outside the U.S. the PKP patents aren't valid (unless the new GATT agreement
changes this), and thus they are legal where national law permits them.
However, there is apparently a federal Grand Jury investigation about just
how they got outside the U.S. and whether there were any violations of U.S.
law here as part of that. This might affect some inside the U.S.

-- 
David Sternlight       If you want to get somewhere, it's easier to move
	                your sail than to try to change the wind.


Newsgroups: sci.crypt
Path: math.fu-berlin.de!MathWorks.Com!europa.eng.gtefsd.com!library.ucla.edu!csulb.edu!csus.edu!netcom.com!grady
From: grady@netcom.com (Grady Ward)
Subject: Re: PGP Legal?
Message-ID: <gradyCL539E.7DK@netcom.com>
Organization: Moby lexical databases
X-Newsreader: TIN [version 1.2 PL1]
References: <CL4CyE.7MB@world.std.com> <strnlghtCL4v5E.I55@netcom.com>
Date: Sun, 13 Feb 1994 01:39:14 GMT
Lines: 14

I have been advised by two patent attorneys that it is perfectly
valid and legal to obtain, give away, and study the PGP source code.

Fetch it from nic.funet.fi and a host of other sites.

Crypto political issues ought to go to talk.politics.crypto,
crypto technical and application issues go here; flames about
Sternlight disinformation go to alt.fan.david-sternlight.

-- 
Grady Ward       | compiler of Moby lexicons:        | finger grady@netcom.com
+1 707 826 7715  | Words, Hyphenator, Part-of-Speech |    for more information
(voice/24hr FAX) | Pronunciator, Thesaurus           | 15 E2 AD D3 D1 C6 F3 FC
grady@netcom.com | and Language; all royalty-free    | 58 AC F7 3D 4F 01 1E 2F

Path: math.fu-berlin.de!news.th-darmstadt.de!fauern!xlink.net!howland.reston.ans.net!cs.utexas.edu!swrinde!dptspd!ephsa!jburrell
From: jburrell@ephsa.sat.tx.us (Jason Burrell)
Newsgroups: sci.crypt
Subject: Re: PGP Legal?
Keywords: pgp pretty good privacy cypt nsa
Message-ID: <FiZNHc2w165w@ephsa.sat.tx.us>
Date: 13 Feb 94 02:31:02 GMT
References: <CL4CyE.7MB@world.std.com>
Sender: news@ephsa.sat.tx.us
Distribution: na
Organization: Rivercity Matrix  --  San Antonio, Texas
Lines: 32

Eaco@world.std.com (Eaco + Associates) writes:

> 
> 	I'm new to this newsgroup, and would like to know what the legal 
> status of PGP is.  Is it legal to use?... own?
> 
> 	I saw the writeup in CompuServe's magazine this summer, but they 
> pulled their copy off the system... what's the story?
> 
> 	Thanks,

It's legal to use and own. It's NOT legal to transport it from the United 
States of America to a country outside the US border. In other words, do 
not export it from the U.S. 

RSA and PKP have a patent on the RSA algorithm, which is the public key 
cryptosystem used in PGP. IDEA is patented by an organization in Europe, 
I believe. RSA and PKP have virtually scared most US sites from carrying 
the cryptography software that uses their "patented algorithm." 

Another reason most US sites do not carry PGP/Secure Drive/et cetera 
is because of the export restrictions. When Phil originally wrote PGP, he 
placed it on a New Mexico site. Not long after, it was FTP'ed from a site 
out of the US. Result: It spread worldwide and the government tried to 
get Phil. 

Moral: You'll be better off *NOT* exporting it from the US (I know you 
didn't bring that up), and you'll be better off grabbing it from 
nic.funet.fi or equivalent.


 

Newsgroups: sci.crypt
Path: math.fu-berlin.de!MathWorks.Com!europa.eng.gtefsd.com!howland.reston.ans.net!pipex!uknet!comlab.ox.ac.uk!pcl
From: pcl@foo.oucs.ox.ac.uk (Paul C Leyland)
Subject: Re: PGP Legal?
Message-ID: <PCL.94Feb14110832@foo.oucs.ox.ac.uk>
In-reply-to: grady@netcom.com's message of Sun, 13 Feb 1994 01:39:14 GMT
References: <CL4CyE.7MB@world.std.com> <strnlghtCL4v5E.I55@netcom.com>
	<gradyCL539E.7DK@netcom.com>
Date: 14 Feb 1994 11:08:32 GMT
Lines: 32

In article <gradyCL539E.7DK@netcom.com> grady@netcom.com (Grady Ward) writes:

   Crypto political issues ought to go to talk.politics.crypto,
   crypto technical and application issues go here; flames about
   Sternlight disinformation go to alt.fan.david-sternlight.

The post by David Sternlight to which you are responding is a model of
an informative article and dispassionate description of a subject
which raises fervent discussion.

While your comments about flames are, IMO, accurate and helpful, it might be
regarded as provocative in this particular thread.


With regard to the situation in the UK, so far as I am aware there are
no problems with possessing or using PGP.  The PKP patents are not
valid in this country, and a valid licence has been obtained for the
use of IDEA.  I believe that PRZ's restrictions he places on
commercial re-distribution are upholdable under British copyright
legislation.


Disclaimer:  I am not an expert in British law.

Paul

--
Paul Leyland <pcl@black.ox.ac.uk>        | Hanging on in quiet desperation is
Oxford University Computing Services     |     the English way.
13 Banbury Road, Oxford, OX2 6NN, UK     | The time is gone, the song is over.
Tel: +44-865-273200  Fax: +44-865-273275 | Thought I'd something more to say.
Finger pcl@black.ox.ac.uk for PGP key    |

Newsgroups: sci.crypt
Path: math.fu-berlin.de!MathWorks.Com!europa.eng.gtefsd.com!howland.reston.ans.net!vixen.cso.uiuc.edu!usenet.ucs.indiana.edu!venus.iucf.indiana.edu!graham
From: graham@venus.iucf.indiana.edu (JIM GRAHAM)
Subject: PGP backdoor?
Message-ID: <CLAsC5.Myq@usenet.ucs.indiana.edu>
News-Software: VAX/VMS VNEWS 1.3-4   
Sender: news@usenet.ucs.indiana.edu (USENET News System)
Nntp-Posting-Host: venus.iucf.indiana.edu
Reply-To: graham@venus.iucf.indiana.edu
Organization: Indiana University Cyclotron Facility, Bloomington, Indiana
Distribution:  world
Date: Wed, 16 Feb 1994 03:27:34 GMT
Lines: 20

I apologize for what I'm sure has already been a thread, but I missed it.

My simple question is: Is there any truth to the rumor that later versions
of PGP were corrupted with a "backdoor"?

Thanks,
Jim Graham 

--

"No free man shall ever be de-barred the use of arms.  The strongest
reason for the people to retain their right to keep and bear arms is
as a last resort to protect themselves against tyranny in government."
-Thomas Jefferson

Note to the signature-impaired:  This is not an NRA endorsement.

Jim Graham
graham@venus.iucf.indiana.edu


Path: math.fu-berlin.de!zrz.TU-Berlin.DE!netmbx.de!Germany.EU.net!EU.net!uknet!pipex!mantis!mantis!not-for-mail
From: mathew@mantis.co.uk (Snakes of Medusa)
Newsgroups: sci.crypt
Subject: Re: PGP backdoor?
Date: 16 Feb 1994 12:56:07 -0000
Organization: Mantis Consultants Ltd, Cambridge. UK.
Lines: 14
Message-ID: <2jt557$d8b@news.mantis.co.uk>
References: <CLAsC5.Myq@usenet.ucs.indiana.edu>
NNTP-Posting-Host: sunforest.mantis.co.uk
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

In article <CLAsC5.Myq@usenet.ucs.indiana.edu>,
JIM GRAHAM <graham@venus.iucf.indiana.edu> wrote:
>My simple question is: Is there any truth to the rumor that later versions
>of PGP were corrupted with a "backdoor"?

My simple answer is: No.


mathew
-- 
I have a flawless philosophical and scientific model of reality.
Unfortunately, it's actual size.  We must never be dogmatic.  Anyone
who says otherwise is wrong.  Will betray country for food.  Annoy the 
censors -- mention Paul Bernardo and Karla Homolka in your .signature.

Path: math.fu-berlin.de!MathWorks.Com!europa.eng.gtefsd.com!howland.reston.ans.net!cs.utexas.edu!rutgers!utcsri!newsflash.concordia.ca!canopus.cc.umanitoba.ca!russelg
From: russelg@cc.umanitoba.ca (Gareth Russell)
Newsgroups: sci.crypt
Subject: Re: PGP backdoor?
Message-ID: <2juc79$aj2@canopus.cc.umanitoba.ca>
Date: 17 Feb 94 00:02:49 GMT
References: <CLAsC5.Myq@usenet.ucs.indiana.edu> <2jt557$d8b@news.mantis.co.uk>
Organization: University of Manitoba, Winnipeg, Manitoba, Canada
Lines: 26
NNTP-Posting-Host: antares.cc.umanitoba.ca

In article <2jt557$d8b@news.mantis.co.uk> mathew@mantis.co.uk (Snakes of Medusa) writes:
>In article <CLAsC5.Myq@usenet.ucs.indiana.edu>,
>JIM GRAHAM <graham@venus.iucf.indiana.edu> wrote:
>>My simple question is: Is there any truth to the rumor that later versions
>>of PGP were corrupted with a "backdoor"?
>
>My simple answer is: No.

The longer answer is, if you're not convinced, get the source code
and compile it yourself.  Then you can see for yourself, if you know
how to read source code.

Another answer is, get a version that is accompanied by a PGP
signature of a reliable organization.  For example, ftp.funet.fi
distributes a signature file along with the software.  That means
they stand behind it.

In the end, consider this.  Do you really think Zimmermann would
write in a trap door, no matter who may have threatened him,  when
everyone gets to see the source code?

Gary
-- 
Gary Russell
University of Winnipeg Faculty Association:    russelg@uwpg02.uwinnipeg.ca
University of Manitoba Graduate Studies:       russelg@cc.umanitoba.ca

Newsgroups: sci.crypt
Path: math.fu-berlin.de!MathWorks.Com!europa.eng.gtefsd.com!library.ucla.edu!csulb.edu!csus.edu!netcom.com!grady
From: grady@netcom.com (Grady Ward)
Subject: Re: PGP backdoor?
Message-ID: <gradyCLDLvM.2DH@netcom.com>
Organization: Moby lexical databases
X-Newsreader: TIN [version 1.2 PL1]
References: <CLAsC5.Myq@usenet.ucs.indiana.edu>
Date: Thu, 17 Feb 1994 16:02:10 GMT
Lines: 19

JIM GRAHAM (graham@venus.iucf.indiana.edu) wrote:
: I apologize for what I'm sure has already been a thread, but I missed it.

: My simple question is: Is there any truth to the rumor that later versions
: of PGP were corrupted with a "backdoor"?


No. PGP up to version 2.3a is available in source, so you can
look at it and compile it yourself if you desire.

Answers to specific PGP questions are freely available at the
alt.security.pgp newsgroup. A general and platform specific PGP
faqs are fetchable.

-- 
Grady Ward       | compiler of Moby lexicons:        | finger grady@netcom.com
+1 707 826 7715  | Words, Hyphenator, Part-of-Speech |    for more information
(voice/24hr FAX) | Pronunciator, Thesaurus           | 15 E2 AD D3 D1 C6 F3 FC
grady@netcom.com | and Language; all royalty-free    | 58 AC F7 3D 4F 01 1E 2F

Newsgroups: sci.crypt
Path: math.fu-berlin.de!MathWorks.Com!europa.eng.gtefsd.com!howland.reston.ans.net!vixen.cso.uiuc.edu!uchinews!ncar!csn!teal!mpj
From: mpj@teal.csn.org (Michael Johnson)
Subject: Re: PGP backdoor?
Message-ID: <mpj.761769708@teal>
Sender: news@csn.org (The Daily Planet)
Nntp-Posting-Host: teal.csn.org
Organization: Colorado SuperNet, Inc.
References: <CLAsC5.Myq@usenet.ucs.indiana.edu> <2jt557$d8b@news.mantis.co.uk> <2juc79$aj2@canopus.cc.umanitoba.ca>
Date: Sun, 20 Feb 1994 18:41:48 GMT
Lines: 25

russelg@cc.umanitoba.ca (Gareth Russell) writes:

>>>My simple question is: Is there any truth to the rumor that later versions
>>>of PGP were corrupted with a "backdoor"?

>In the end, consider this.  Do you really think Zimmermann would
>write in a trap door, no matter who may have threatened him,  when
>everyone gets to see the source code?

I know Philip Zimmermann personally, and can vouch for the fact that he
believes that putting back doors in encryption systems is immoral.  It
would also weaken the system against attacks by criminals, enemy spies,
etc.  No way could you convince him to put a back door in.  Besides, I've
examined the source code and believe that I understand it.  There are no
back doors in either the freeware or Viacrypt PGP.  That is why the NSA
and Department of State are upset...

                  ___________________________________________________________
 |\  /| |        |                                                           |
 | \/ |o|        | Michael Paul Johnson  Colorado Catacombs BBS 303-938-9654 |
 |    | | /  _   | mpj@csn.org   ftp csn.org \mpj\README.MPJ for access info.|
 |    |||/  /_\  | aka mpjohnso@nyx.cs.du.edu mikej@exabyte.com              |
 |    |||\  (    | m.p.johnson@ieee.org CIS 71331,2332    VPGP key by finger |
 |    ||| \ \_/  |___________________________________________________________|


Path: math.fu-berlin.de!zrz.TU-Berlin.DE!netmbx.de!Germany.EU.net!EU.net!news.forth.gr!calliope.csi.forth.gr!kermit
From: kermit@calliope.csi.forth.gr (Aggelos D. Keromitis)
Newsgroups: sci.crypt
Subject: Stealth-PGP (Q)
Date: 17 Feb 1994 13:47:44 GMT
Organization: Institute of Computer Science, FORTH Hellas
Lines: 23
Message-ID: <2jvsi0INNr77@pythia.csi.forth.gr>
NNTP-Posting-Host: calliope.csi.forth.gr
Summary: Question about development on Stealth-PGP
Keywords: stealth PGP cryptography ftp fsp docs
X-Newsreader: TIN [version 1.1 PL8]

I noticed in the cypherpunks list that someone there said that he'd get
 his hands on Stealth-PGP in a few days. Does anyone know anything about it?
-Aggelos

PS. For those who don't know what Stealth-PGP is, it's supposed to encrypt
 messages into noise...that's all I know too :)

PS2. There has been quite some use of the FSP site I set up, so I finally took
 the time to make them available via ftp. The site is:
 ftp.csd.uch.gr:/pub/incoming/kermit/crypt/
 Please do not upload any docs there (email them to me instead) and keep in mind
 that there is a low limit on ftp users, so use FSP whenever possible.

--
-----------------------------------------------------------------------------
 Aggelos Keromitis  					 kermit@csd.uch.gr
 Network Operations Center/FORTHnet (noc@ics.forth.gr)   kermit@ics.forth.gr
 Heraclion, Greece                                       kermit@grearn.bitnet
 	Finger kermit@calliope.ics.forth.gr for public PGP key
-----------------------------------------------------------------------------
 	THERE ARE VERY FEW PROBLEMS THAT CAN'T BE SOLVED...
                       ...WITH AN APPLICATION OF HIGH EXPLOSIVES!
-----------------------------------------------------------------------------

Path: math.fu-berlin.de!zrz.TU-Berlin.DE!netmbx.de!Germany.EU.net!EU.net!sun4nl!hacktic!consolat.hacktic.nl!consgate.hacktic.nl!somedude
From: somedude@consgate.hacktic.nl (somedude)
Newsgroups: sci.crypt
Subject: Stealth-PGP (Q)
Message-ID: <000_9402182014@consgate.hacktic.nl>
Date: 18 Feb 94 13:01:02 +0000
Organization: I hate originz.. (65:66/2)
X-Mail-Agent: GIGO unreg at consgate vsn 0.98w32
X-FTN-To: kermit@calliope.csi.forth.gr
Lines: 9

 > PS. For those who don't know what Stealth-PGP is, it's supposed to encrypt
 >  messages into noise...that's all I know too :)
Hmmm, just as a sidenote. The CryPt Newsletter, a few issues back, featured a
program to 'hide' information within a graphics format. Of course, if you know
where to look you can find it. Is this any different with Stealth-PGP?

I'm afraid I missed the original posting.
Or is the trick that they can't prove it's anything other than noise? ;)

Xref: math.fu-berlin.de alt.security.pgp:8897 sci.crypt:19527
Path: math.fu-berlin.de!MathWorks.Com!yeshua.marcam.com!usc!howland.reston.ans.net!vixen.cso.uiuc.edu!moe.ksu.ksu.edu!engr.uark.edu!news.ualr.edu!news.ualr.edu!nntp
Newsgroups: alt.security.pgp,sci.crypt
Subject: PGP broken? 
Message-ID: <1994Feb17.214747.2936@news>
From: CDWALKER@acs.harding.edu (Chris Walker)
Date: 17 Feb 94 21:47:47 -0600
Distribution: world
Organization: Harding University
Nntp-Posting-Host: acs.harding.edu
X-News-Reader: VMS NEWS 1.24
Lines: 21

  About 2 weeks ago, on alt.security.pgp, an article was posted that didn't seem
to generate much discussion. It included a paper written by Bill Payne on how
easy it was to crack RSA cryptography (which is what PGP is based on). Is there
any validity to any of that article? I'm a math major, but the math discussed
in the article is still way beyond what I've had yet. 
     Is this guy on target? or is he a kook?


__

PGP public key for:
Chris Walker <cdwalker@acs.harding.edu>

Xref: math.fu-berlin.de sci.crypt:19537 alt.security.pgp:8908
Path: math.fu-berlin.de!MathWorks.Com!yeshua.marcam.com!usc!howland.reston.ans.net!pipex!uunet!utcsri!csri.toronto.edu!blaak
Newsgroups: sci.crypt,alt.security.pgp
From: blaak@csri.toronto.edu (Raymond Blaak)
Subject: Re: PGP broken? 
Message-ID: <1994Feb18.091147.15008@jarvis.csri.toronto.edu>
References: <1994Feb17.214747.2936@news>
Date: 18 Feb 94 14:11:47 GMT
Lines: 22

CDWALKER@acs.harding.edu (Chris Walker) writes:

>  About 2 weeks ago, on alt.security.pgp, an article was posted that didn't seem
>to generate much discussion. It included a paper written by Bill Payne on how
>easy it was to crack RSA cryptography (which is what PGP is based on). Is there
>any validity to any of that article? I'm a math major, but the math discussed
>in the article is still way beyond what I've had yet. 
>     Is this guy on target? or is he a kook?


Bill Payne claimed to have an efficient way of calculating phi(n), which if
true, allows one to calculate the private key of the RSA algorithm.

It turns out that his algorithm is O(phi(n)), and since phi(n) is almost as
big as n, and n in the RSA setting is at least hundreds of digits, the
algorithm would take a long, long time. (i.e. Consider how long it would
take for the fastest computer you can think of to count to 10^200.)

Cheers,
Ray Blaak
blaak@csri.toronto.edu


Xref: math.fu-berlin.de alt.security.pgp:8949 sci.crypt:19592
Newsgroups: alt.security.pgp,sci.crypt
Path: math.fu-berlin.de!MathWorks.Com!europa.eng.gtefsd.com!howland.reston.ans.net!wupost!csus.edu!netcom.com!mpd
From: mpd@netcom.com (Mike Duvos)
Subject: Re: PGP broken? 
Message-ID: <mpdCLHt08.Ju6@netcom.com>
Organization: NETCOM On-line Communication Services (408 241-9760 guest)
References: <1994Feb17.214747.2936@news>
Date: Sat, 19 Feb 1994 22:26:32 GMT
Lines: 27

CDWALKER@acs.harding.edu (Chris Walker) writes:

>  About 2 weeks ago, on alt.security.pgp, an article was posted that didn't seem
>to generate much discussion. It included a paper written by Bill Payne on how
>easy it was to crack RSA cryptography (which is what PGP is based on). Is there
>any validity to any of that article? I'm a math major, but the math discussed
>in the article is still way beyond what I've had yet. 
>     Is this guy on target? or is he a kook?

Kook may be an unkind word.  His algorithm is kind of cute but 
unfortunately requires a number of steps roughly proportional to 
PHI(N) in order to work.  This is much worse than the leading
factorization algorithms available today, which still cannot
break RSA for any reasonable key size.

Thus, PGP is definitely not broken.

--
     Mike Duvos         $    PGP 2.3a Public Key available    $
     mpd@netcom.com     $    via Finger.                      $



Xref: math.fu-berlin.de alt.security.pgp:9024 sci.crypt:19650
Newsgroups: alt.security.pgp,sci.crypt
From: nicho@olympus.demon.co.uk (Gregory Stewart-Nicholls)
Path: math.fu-berlin.de!MathWorks.Com!yeshua.marcam.com!news.kei.com!sol.ctr.columbia.edu!howland.reston.ans.net!pipex!bnr.co.uk!uknet!demon!olympus.demon.co.uk!nicho
Subject: Re: PGP broken? 
References: <1994Feb17.214747.2936@news> <mpdCLHt08.Ju6@netcom.com>
Organization: TeknoLogika ltd
Reply-To: nicho@olympus.demon.co.uk
X-Newsreader: Demon Internet Simple News v1.27
Lines: 27
Date: Mon, 21 Feb 1994 19:51:11 +0000
Message-ID: <761860271snz@olympus.demon.co.uk>
Sender: usenet@demon.co.uk

In article <mpdCLHt08.Ju6@netcom.com> mpd@netcom.com "Mike Duvos" writes:

> CDWALKER@acs.harding.edu (Chris Walker) writes:
> 
> >  About 2 weeks ago, on alt.security.pgp, an article was posted that didn't seem
> >to generate much discussion. It included a paper written by Bill Payne on how
> >easy it was to crack RSA cryptography (which is what PGP is based on). Is there
> >any validity to any of that article? I'm a math major, but the math discussed
> >in the article is still way beyond what I've had yet. 
> >     Is this guy on target? or is he a kook?
> 
> Kook may be an unkind word.  His algorithm is kind of cute but 
> unfortunately requires a number of steps roughly proportional to 
> PHI(N) in order to work.  This is much worse than the leading
> factorization algorithms available today, which still cannot
> break RSA for any reasonable key size.
> 
> Thus, PGP is definitely not broken.
  Ummm pardon me, but I understood that PGP uses IDEA encryption for the
plaintext, and only uses RSA to exchange IDEA keys. Can someone explain
what I've misunderstood.
-- 
Vidi                        | Gregory Stewart-Nicholls
Vici                        | nicho@olympus.demon.co.uk
Veni                        | TeknoLogika ltd

Xref: math.fu-berlin.de alt.security.pgp:9040 sci.crypt:19658
Newsgroups: alt.security.pgp,sci.crypt
Path: math.fu-berlin.de!MathWorks.Com!europa.eng.gtefsd.com!library.ucla.edu!csulb.edu!csus.edu!netcom.com!mpd
From: mpd@netcom.com (Mike Duvos)
Subject: Re: PGP broken? 
Message-ID: <mpdCLLtoq.AC1@netcom.com>
Organization: NETCOM On-line Communication Services (408 241-9760 guest)
References: <1994Feb17.214747.2936@news> <mpdCLHt08.Ju6@netcom.com> <761860271snz@olympus.demon.co.uk>
Date: Tue, 22 Feb 1994 02:31:36 GMT
Lines: 26

nicho@olympus.demon.co.uk (Gregory Stewart-Nicholls) writes:

>> Kook may be an unkind word.  His algorithm is kind of cute but 
>> unfortunately requires a number of steps roughly proportional to 
>> PHI(N) in order to work.  This is much worse than the leading
>> factorization algorithms available today, which still cannot
>> break RSA for any reasonable key size.
>> 
>> Thus, PGP is definitely not broken.

>  Ummm pardon me, but I understood that PGP uses IDEA encryption for the
>plaintext, and only uses RSA to exchange IDEA keys. Can someone explain
>what I've misunderstood.

The question was about a paper written by someone who claimed 
that RSA was "easy to break".  This turns out not to be the case.  
If you could break RSA, you could get the random IDEA key which
PGP encrypts with RSA, and decipher the message.  

A direct attack on IDEA would produce the same result, but that 
wasn't the question being asked.

-- 
     Mike Duvos         $    PGP 2.3a Public Key available    $
     mpd@netcom.com     $    via Finger.                      $
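
[Added example, not part of any post in this thread and not code from its authors.] The argument in Ray Blaak's and Mike Duvos's replies, worked through: knowing phi(n) immediately yields the private exponent, the factors of n, and the RSA-wrapped session key, while any method that needs about phi(n) steps is hopeless at real key sizes. The toy key, the session-key value and all function names are constructed for illustration; phi_by_counting is a stand-in O(n) method, since the thread does not reproduce the paper's algorithm.

```python
"""Added example: what knowing phi(n) gives an attacker against textbook RSA,
and why a method that needs about phi(n) steps is no threat at real key sizes."""
from math import gcd, isqrt

# Constructed toy key built from two Mersenne primes (an assumption of this
# example; real keys use random primes and a modulus hundreds of digits long).
P = 2**89 - 1
Q = 2**107 - 1
N = P * Q
PHI = (P - 1) * (Q - 1)
E = 65537

# Constructed 128-bit value standing in for PGP's random IDEA session key.
SESSION_KEY = int.from_bytes(bytes(range(1, 17)), "big")

SECONDS_PER_YEAR = 31_557_600  # Julian year


def wrap_session_key(key, e, n):
    """Textbook RSA without padding: encrypt the session key to (e, n)."""
    if not 0 < key < n:
        raise ValueError("session key must be positive and smaller than n")
    return pow(key, e, n)


def private_exponent_from_phi(e, phi):
    """With phi(n) known, the private exponent is just e^-1 mod phi(n)."""
    if gcd(e, phi) != 1:
        raise ValueError("e has no inverse modulo phi(n)")
    return pow(e, -1, phi)


def recover_session_key(wrapped, e, n, phi):
    """Unwrap the session key using only the public key and phi(n)."""
    return pow(wrapped, private_exponent_from_phi(e, phi), n)


def factors_from_phi(n, phi):
    """Solve p + q = n - phi + 1 and p * q = n for the two primes."""
    total = n - phi + 1
    disc = total * total - 4 * n
    if disc < 0:
        raise ValueError("phi is not consistent with n")
    root = isqrt(disc)
    if root * root != disc or (total - root) % 2:
        raise ValueError("phi is not consistent with n")
    p, q = (total - root) // 2, (total + root) // 2
    if p * q != n:
        raise ValueError("phi is not consistent with n")
    return p, q


def phi_by_counting(n):
    """Stand-in O(n) method (NOT the paper's algorithm): count the residues
    coprime to n. Returns (phi, steps taken)."""
    phi = steps = 0
    for k in range(1, n):
        steps += 1
        if gcd(k, n) == 1:
            phi += 1
    return phi, steps


def years_to_count(steps, steps_per_second):
    """Whole years needed to perform `steps` operations at the given rate."""
    return steps // (steps_per_second * SECONDS_PER_YEAR)


if __name__ == "__main__":
    wrapped = wrap_session_key(SESSION_KEY, E, N)
    print("session key recovered from phi(n):",
          recover_session_key(wrapped, E, N, PHI) == SESSION_KEY)
    print("factors recovered from phi(n):", factors_from_phi(N, PHI) == (P, Q))
    print("phi(3233) and steps taken by counting:", phi_by_counting(3233))
    print("phi(n)/n for the toy key: %.12f" % (PHI / N))
    print("years to count to 10^200 at 10^18 steps/s:",
          years_to_count(10**200, 10**18))
```

The counting method is only run on the four-digit modulus 3233; its step count grows in direct proportion to n, which is the property that makes such an approach worse than factoring.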


Newsgroups: sci.crypt
Path: math.fu-berlin.de!zrz.TU-Berlin.DE!netmbx.de!Germany.EU.net!EU.net!howland.reston.ans.net!wupost!decwrl!pa.dec.com!cuug.ab.ca!pringler
From: pringler@cuug.ab.ca (Randy Pringle)
Message-ID: <9402180935.AA05244@sun>
Subject: Scripts Nested PGP remailing
Date: Fri, 18 Feb 1994 02:35:48 -0700 (MST)
X-Received: by usenet.pa.dec.com; id AA16055; Fri, 18 Feb 94 01:35:42 -0800
X-Received: from cuugnet.cuug.ab.ca by inet-gw-1.pa.dec.com (5.65/13Jan94)
	id AA13099; Fri, 18 Feb 94 01:32:06 -0800
X-Received: from sun.cuug.ab.ca by cuugnet.cuug.ab.ca (AIX 3.2/UCB 5.64/4.05)
          id AA18610; Fri, 18 Feb 1994 02:28:15 -0700
X-Received: by sun 
        (4.1//ident-1.0) id AA05244; Fri, 18 Feb 94 02:35:49 MST 
X-To: sci.crypt.usenet
X-Mailer: ELM [version 2.4 PL23]
X-Content-Type: text
X-Content-Length: 598       
Lines: 14

Hi. I'm looking for a few scripts that will allow me to easily use nested
encryption and multiple remailers. I had a copy of something
called pop.send and pop.mail that I got off of the soda ftp site.

The problem was it would just lock up if I picked anything other
remailers that didn't support encryption. Tried looking for any problems
with script, but didn't see anything that would cause problems. Tried
copying pgp directly into my Mail dir, still no dice. 

So..to make a long story short, anyone have any useful scripts? Doing this
stuff manually is pretty slow.

Thanks,
Pringler@cuug.ab.ca

Path: math.fu-berlin.de!zrz.TU-Berlin.DE!netmbx.de!Germany.EU.net!EU.net!howland.reston.ans.net!math.ohio-state.edu!news.acns.nwu.edu!uicvm.uic.edu!earlham.edu!earlham.edu!nntp
Newsgroups: sci.crypt
Subject: DES and PGP
Message-ID: <1994Feb20.143237.1076@earlham.edu>
From: evansbe@bufo.math.earlham.edu (Ben Evans)
Date: 20 Feb 94 14:32:35 EST
Nntp-Posting-Host: hyla.math.earlham.edu
Lines: 5

Could someone please mail me the algorithms or tell me where I could find
them for DES and PGP encryption? I would really appreciate it.
-Thanx
-Elric
Evansbe@math.earlham.edu

Xref: math.fu-berlin.de alt.security.pgp:9180 sci.crypt:19778
Newsgroups: alt.security.pgp,sci.crypt
Path: math.fu-berlin.de!zib-berlin.de!netmbx.de!Germany.EU.net!EU.net!howland.reston.ans.net!agate!library.ucla.edu!csulb.edu!csus.edu!netcom.com!qwerty
From: qwerty@netcom.com (-=Xenon=-)
Subject: Stealth for PGP Available.
Message-ID: <qwertyCLpztC.4n8@netcom.com>
Organization: PGP Info Clearinghouse.
Date: Thu, 24 Feb 1994 08:34:24 GMT
Lines: 188

-----BEGIN PGP SIGNED MESSAGE-----

I have placed Stealth1.0 up for anonymous ftp at netcom.com in
/pub/qwerty as stealth.tar.Z. I am not the author of Stealth. "Henry
Hastur" is the author. I will gladly forward mail to him if you tell me to
do so. My address is qwerty@netcom.com. So far it is only written for
Unix, so don't e-mail me asking for a DOS version or whatever. I'm just a
cheerleader and propagandist, who finally got some very kind soul to
"write me a real encryptor".

Why Stealth? Wired magazine just gave a plug for the Mac program "Stego"
(ftp to sumex-aim.stanford.edu in /info-mac/cmp) by Romana Machado, which
will, like any steganograph, hide a message in a carrier message. Problem
is, anybody can reverse it, and if you are using PGP, immediately tell
you are one of those drug dealing, child molesting, cryptography users ;-).
Once Stealth is incorporated into such steganographs, then people can't
easily tell that what they've extracted out of that picture of Madonna is
even a message at all. If they don't have the right secret key to decrypt
it, then all they get is garbage. "What message?!"

Questions:

1) What does Stealth have to do with farming?
2) How do stealth encryptors make the Clipper chip look like a stupid
   waste of YOUR tax money?

[Answers: 1) Zip, 2) By demonstrating that even if the Clipper keys are
 stolen, without your secret key they can't even tell you are using PGP].

 -=Xenon=-

                Stealth V1.0 by Henry Hastur
                ----------------------------

Stealth is a simple filter for PGP which strips off all identifying header
information to leave only the encrypted data in a format suitable for
steganographic use. That is, the data can be hidden in images, audio
files, text files, CAD files, and/or any other file type that may contain
random data, then sent to another person who can retrieve the data from
the file, attach headers, and PGP decrypt it.

Stealth is not intended to replace the standardized methods of using
encryption (e.g. ASCII-armoured PGP email) ; in an ideal world we would
all be able to send openly encrypted mail or files to each other with no
fear of reprisals, however there are often cases when this is not possible,
either because the local government does not approve of encrypted
communication, or perhaps because you are working for a company that
does not allow encrypted email but doesn't care about Mandelbrot
GIFs. This is where Stealth and steganography can come into play.


Compiling
---------

Stealth has currently only been tested on BSD and SVR4 Unix (and as
such should work with most varieties of Unix), with both non-ANSI
compilers and ANSI compilers with 'minimal ANSI' flags. In order to
compile the program, you should just be able to extract the files
from the tar file provided, then type 'make'. If that fails you may
need to change the definition of CC and CFLAGS in the makefile to
get it to compile. On machines with gcc, the GNU C compiler, Stealth
can be compiled by simply changing the 'CC=cc' line in makefile to
'CC=gcc'.

Stealth has not yet been tested on MS-DOS, but the only likely problems
are with 16-bit integers (you may need to change some occurrences of
int to long in order to get stealth to work), and you will need to
remove the -DUNIX flag from compilations. Hopefully, version 1.1
will be released shortly with full DOS compatibility.


Usage
-----

Stealth always reads from its standard input and writes to the standard
output, though when adding headers to data the data has to be stored in a
temporary file (see Security Concerns below).

Command line arguments :

        -c      Conventional encryption used rather than public key
        -a      Add headers (defaults to strip headers)
        -v      Verbose output.

Stealth needs to be able to find your pubring.pgp file, which it does
by first checking in the directory pointed to by $PGPPATH, then the
current directory.


Examples
--------

To encrypt a file with PGP and store it in the file pgp.stl prior to sending :

pgp -ef < secrets.dat | stealth > pgp.stl

To encrypt a file with conventional (IDEA) encryption, and pass to a
steganography program called steg_program :

pgp -fec < secrets.dat | stealth -c | steg_program

To take the output from a steganographic extraction tool, add headers
for key "Your Id", and decrypt :

steg_program | stealth -a "Your Id" | pgp -f > secrets.dat

To take the conventionally encrypted output from a steg program, attach
headers and decrypt :

steg_program | stealth -ac | pgp -f > secrets.dat


Limitations
-----------

Files can be signed, but can only be encrypted to one recipient - extra
RSA headers for all but the first recipient will be stripped from the
file. In addition, if you specify conventional encryption but pass an
RSA-encrypted file into the filter the RSA-block will be stripped. In
either case, stealth will print out warnings to inform you of this.

Stealth provides no support for ASCII-armoured PGP messages - it will
only work with the binary output format, and the output will have to
be converted to a useable form after processing, either with a
steganography program or a standard utility such as uuencode.

Finally, for technical reasons there are potential problems with public
keys of size (typically) 2^n + 1 or 2^n + 2 (e.g. 513 or 1026). If you
are encrypting to a key of a peculiar size, it's possible that the algorithm
used to add headers could fail, but fortunately this can be detected while
stripping the headers, and a warning will be printed. If this warning
appears, you will probably want to encrypt the data again until a suitably
sized RSA-block is created.

It is NOT necessary to remove garbage data that the steganography program
may have added to the end of the PGP-encrypted data. PGP output contains
an encrypted end-of-file mark that allows the program to decrypt correctly
and ignore any trailing garbage.


Security Concerns
-----------------

After passing through the stealth filter, the PGP-encrypted data is
essentially white noise, with no identifying marks, and whilst it may
well have enough peculiarities for an expert cryptanalyst to recognize
it as encrypted data, the probability is much less than would be the
case with a PGP header identifying the recipient attached.

One other concern is that stealth has to create a temporary file when
reading in data to attach headers, and depending on the build options
chosen the program will store it in either $PGPPATH, the current directory
or /tmp. On Unix machines, the file will be deleted as soon as it is opened,
making it difficult to capture, but on other operating systems the file
will only be deleted when it has been used. (In either case the file will
be zeroed before being closed).

In addition, some operating systems will use temporary files on your disk
to emulate unix pipes (e.g. MS-DOS) - these files will not be zeroed when
finished with !


Export Restrictions
-------------------

Stealth is probably not covered by current export restrictions under the
US ITAR regs, but I'm not a lawyer, so if in doubt check it out yourself.
It was written outside the US and imported, so should soon be available
on some European ftp sites as well as US sites.


                                                Henry Hastur




-----BEGIN PGP SIGNATURE-----
Version: 2.3

iQCVAgUBLWwfawSzG6zrQn1RAQEjlQP/d85opZ6aMXfFpDu/KQz0DAzFxXNjiSZy
9l56kIUkmAx0aT5qF3UAg2UTDagiJlFNz6UXFhEKBkDV4JLJPq5C8HtsdpCiSLWr
vVD2IEdASEd9ALCQMLS/YxVv6GG85n+phyoEV5ALsD1f0y4Nbk2Gfb+rexk5rN3a
hFYRUekVuNY=
=pkdK
-----END PGP SIGNATURE-----
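
The README above says an unstripped PGP message carries a header identifying the recipient. The following is an added example, not part of the original post or of Stealth's source, that parses the old-format packet header used by PGP 2.x (as documented in RFC 1991) and reports what it reveals. The function names, the key ID, the sample bytes and the layout of the "stripped" sample are all constructed assumptions.

```python
TAG_PKESK = 1      # public-key encrypted session key packet: names the recipient
TAG_SYM_DATA = 9   # conventionally (IDEA) encrypted data packet

def parse_old_header(buf, off=0):
    """Return (tag, body_len, body_offset) of an old-format packet, else None."""
    if off >= len(buf) or buf[off] & 0xC0 != 0x80:   # bit 7 set, bit 6 clear
        return None
    tag, ltype = (buf[off] >> 2) & 0x0F, buf[off] & 0x03
    if ltype == 3:                                   # indeterminate: to end of input
        return tag, len(buf) - off - 1, off + 1
    n = 1 << ltype                                   # 1, 2 or 4 length octets
    if off + 1 + n > len(buf):
        return None
    return tag, int.from_bytes(buf[off + 1:off + 1 + n], "big"), off + 1 + n

def identify(buf):
    """Report what the leading packet header reveals, with consistency checks
    so that random data whose first byte merely looks like a CTB is rejected."""
    hdr = parse_old_header(buf)
    if hdr is None:
        return {"pgp": False}
    tag, body_len, body = hdr
    if tag == TAG_SYM_DATA:
        return {"pgp": True, "kind": "conventional"}
    if tag != TAG_PKESK or body_len < 12 or body + body_len > len(buf):
        return {"pgp": False}
    version, alg = buf[body], buf[body + 9]          # alg 1 = RSA
    mpi_bits = int.from_bytes(buf[body + 10:body + 12], "big")
    if version not in (2, 3) or alg != 1 or body_len != 12 + (mpi_bits + 7) // 8:
        return {"pgp": False}
    return {"pgp": True, "kind": "public-key", "mpi_bits": mpi_bits,
            "key_id": buf[body + 1:body + 9].hex().upper()}

# Constructed sample (not real PGP output): a 512-bit RSA block for a made-up
# key ID, followed by an IDEA data packet with a 4-octet length.
KEY_ID = bytes.fromhex("0123456789ABCDEF")
RSA_BLOCK = bytes([0x9C]) + bytes(range(1, 64))      # 64 octets, top bit set
CIPHERTEXT = bytes((i * 37 + 11) & 0xFF for i in range(40))
WITH_HEADERS = (bytes([0x84, 12 + 64, 2]) + KEY_ID + bytes([1])
                + (512).to_bytes(2, "big") + RSA_BLOCK
                + bytes([0xA6]) + len(CIPHERTEXT).to_bytes(4, "big") + CIPHERTEXT)
# Simplified model of stripped output (an assumption): only encrypted octets remain.
# Its first byte 0x9C passes the CTB bit test, so the field checks above matter.
STRIPPED = RSA_BLOCK + CIPHERTEXT

if __name__ == "__main__":
    print(identify(WITH_HEADERS))
    print(identify(STRIPPED))
```
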

