1995-08-01 - Re: a hole in PGP
Header Data
From: “Perry E. Metzger” <perry@panix.com>
To: patl@lcs.mit.edu
Message Hash: 5898c6553a05675dd3ba5ca842c46089c4ba484d9b451591fff42d24784117ae
Message ID: <199508011542.LAA23817@panix4.panix.com>
Reply To: <199508011530.LAA00429@skyclad.lcs.mit.edu>
UTC Datetime: 1995-08-01 15:42:52 UTC
Raw Date: Tue, 1 Aug 95 08:42:52 PDT
Raw message
From: "Perry E. Metzger" <perry@panix.com>
Date: Tue, 1 Aug 95 08:42:52 PDT
To: patl@lcs.mit.edu
Subject: Re: a hole in PGP
In-Reply-To: <199508011530.LAA00429@skyclad.lcs.mit.edu>
Message-ID: <199508011542.LAA23817@panix4.panix.com>
MIME-Version: 1.0
Content-Type: text/plain
"Patrick J. LoPresti" writes:
> I find it surprising that people so familiar with public key
> cryptography would be reassured by the argument, "Here, this algorithm
> has been examined by thousands and nobody has found a trap door."
> Public key cryptography demonstrates that it is possible, in
> principle, to construct an algorithm with a trap door that nobody else
> is *ever* going to find.
This is not correct as you have phrased it.
Although it is not possible to find a decision proceedure for any
non-trivial property of programs in general (whether it halts, for
example) in practice well written code can be well understood and
cannot conceal very much at all.
In order to use public key cryptography to obfuscate a program as you
suggest, you'd have to include huge tables of large numbers in it. Any
idiot can observe the existance of such mysterious tables.
Trying to conceal anything in cleanly written code is an enormous
challenge, and one that has nothing to do with public key crypto per
se.
Incidently, this doesn't mean that you can't conceal things by
producing subtle flaws in, for example, random number generation code.
However, such flaws are hardly of the form "nobody else is *ever*
going to find" -- anyone being extremely cautious in his analysis will
find such flaws.
.pm
Thread
- Return to July 1995
Return to August 1995
- Return to “Andy Brown <asb@nexor.co.uk>”
- Return to “Derek Atkins <warlord@MIT.EDU>”
- Return to “fc@all.net (Dr. Frederick B. Cohen)”
- Return to “futplex@pseudonym.com (Futplex)”
- Return to “lmccarth@cs.umass.edu (L. McCarthy)”
- Return to ““Patrick J. LoPresti” <patl@skyclad.lcs.mit.edu>”
- Return to ““Perry E. Metzger” <perry@panix.com>”
- Return to “Ray Arachelian <sunder@escape.com>”
- Return to “Ray Cromwell <rjc@clark.net>”
Return to “Syed Yusuf <yusuf921@uidaho.edu>”
- Unknown thread root
- 1995-07-31 (Mon, 31 Jul 95 05:38:45 PDT) - Re: your mail - Andy Brown <asb@nexor.co.uk>
- 1995-07-31 (Mon, 31 Jul 95 07:43:38 PDT) - Re: your mail - fc@all.net (Dr. Frederick B. Cohen)
- 1995-07-31 (Mon, 31 Jul 95 12:26:05 PDT) - Re: your mail - Derek Atkins <warlord@MIT.EDU>
- 1995-07-31 (Mon, 31 Jul 95 13:50:00 PDT) - Re: your mail - Syed Yusuf <yusuf921@uidaho.edu>
- 1995-07-31 (Mon, 31 Jul 95 15:59:19 PDT) - a hole in PGP - fc@all.net (Dr. Frederick B. Cohen)
- 1995-07-31 (Mon, 31 Jul 95 16:40:47 PDT) - Re: a hole in PGP - Derek Atkins <warlord@MIT.EDU>
- 1995-08-01 (Mon, 31 Jul 95 17:56:16 PDT) - Re: a hole in PGP - fc@all.net (Dr. Frederick B. Cohen)
- 1995-08-01 (Tue, 1 Aug 95 01:21:38 PDT) - Re: a hole in PGP - lmccarth@cs.umass.edu (L. McCarthy)
- 1995-08-01 (Tue, 1 Aug 95 05:19:42 PDT) - Re: a hole in PGP - fc@all.net (Dr. Frederick B. Cohen)
- 1995-08-02 (Tue, 1 Aug 95 19:01:10 PDT) - Re: a hole in PGP - futplex@pseudonym.com (Futplex)
- 1995-08-01 (Tue, 1 Aug 95 05:19:42 PDT) - Re: a hole in PGP - fc@all.net (Dr. Frederick B. Cohen)
- 1995-08-01 (Tue, 1 Aug 95 01:21:38 PDT) - Re: a hole in PGP - lmccarth@cs.umass.edu (L. McCarthy)
- 1995-08-01 (Tue, 1 Aug 95 08:31:10 PDT) - Re: a hole in PGP - “Patrick J. LoPresti” <patl@skyclad.lcs.mit.edu>
- 1995-08-01 (Tue, 1 Aug 95 08:42:52 PDT) - Re: a hole in PGP - “Perry E. Metzger” <perry@panix.com>
- 1995-08-01 (Tue, 1 Aug 95 09:34:31 PDT) - Re: a hole in PGP - “Patrick J. LoPresti” <patl@skyclad.lcs.mit.edu>
- 1995-08-01 (Tue, 1 Aug 95 09:15:27 PDT) - Re: a hole in PGP - Ray Cromwell <rjc@clark.net>
- 1995-08-01 (Tue, 1 Aug 95 09:55:43 PDT) - Re: a hole in PGP - “Patrick J. LoPresti” <patl@skyclad.lcs.mit.edu>
- 1995-08-01 (Tue, 1 Aug 95 08:42:52 PDT) - Re: a hole in PGP - “Perry E. Metzger” <perry@panix.com>
- 1995-08-03 (Thu, 3 Aug 95 08:29:20 PDT) - Re: a hole in PGP - Ray Arachelian <sunder@escape.com>
- 1995-08-01 (Mon, 31 Jul 95 17:56:16 PDT) - Re: a hole in PGP - fc@all.net (Dr. Frederick B. Cohen)
- 1995-07-31 (Mon, 31 Jul 95 16:40:47 PDT) - Re: a hole in PGP - Derek Atkins <warlord@MIT.EDU>
- 1995-07-31 (Mon, 31 Jul 95 12:26:05 PDT) - Re: your mail - Derek Atkins <warlord@MIT.EDU>
- 1995-07-31 (Mon, 31 Jul 95 07:43:38 PDT) - Re: your mail - fc@all.net (Dr. Frederick B. Cohen)
- 1995-07-31 (Mon, 31 Jul 95 05:38:45 PDT) - Re: your mail - Andy Brown <asb@nexor.co.uk>