1997-12-03 - How long before McAfee PGP v6.0 with GAK?

Header Data

From: Adam Back <aba@dcs.ex.ac.uk>
To: cypherpunks@cyberpass.net
Message Hash: 9a746cab80034fb97f21c66ca1797a8335c482cce2f69e5cd133cb02364ab7b3
Message ID: <199712032128.VAA01388@server.test.net>
Reply To: N/A
UTC Datetime: 1997-12-03 22:41:04 UTC
Raw Date: Thu, 4 Dec 1997 06:41:04 +0800

Raw message

From: Adam Back <aba@dcs.ex.ac.uk>
Date: Thu, 4 Dec 1997 06:41:04 +0800
To: cypherpunks@cyberpass.net
Subject: How long before McAfee PGP v6.0 with GAK?
Message-ID: <199712032128.VAA01388@server.test.net>
MIME-Version: 1.0
Content-Type: text/plain




Someone forwarded a wired article:

>  | PGP is competing with RSA Data Security Inc.'s S/MIME (Secure
>  | Multipurpose Internet Mail Extension) to become a standard for E-mail
>  | encryption. So far, PGP appears to be winning the hearts of the IETF
>  | (Internet Engineering Task Force) because it is based upon the public
>  | Diffie-Hellman algorithm.

Whoever wrote this isn't paying attention.

S/MIMEv3 is an IETF process and also uses patent free algorithms.

> ===> http://www.wired.com/news/news/politics/story/8906.html
> 
>  | Pretty Good Privacy Not Looking So Great
>  |
>  | Legendary cypherpunk and former PGP Inc. chief technology officer Phil
>  | Zimmermann is in the uncomfortable position of having to eat his
>  | words. Following Monday's US$35 million cash acquisition of PGP by
>  | Network Associates, the man who once testified before the Senate that
>  | key recovery could "strengthen the hand of a police state" now works
>  | for a company that actively promotes it.
>  |
>  | Reaction from e-privacy activists was swift and harsh.
>  |
>  | "The users of PGP can no longer rely on the credibility of Phil
>  | Zimmermann to ensure that the product is everything that they've been
>  | promised it's been previously," said Dave Banisar, attorney for the
>  | Electronic Privacy Information Center and co-author of The Electronic
>  | Privacy Papers

pgp5.x had corporate message recovery (CMR) features in it from the
git-go.  Not quite as bad as KRAP (Key Recovery Alliance Partnership
-- the government toady scheme for companies argreeing to add GAK to
their products), but still risky stuff the way that they implemented
it.  Anyone who is interested should read:

	http://www.dcs.ex.ac.uk/~aba/cdr/

where I attempt to compare the risks of PGP Inc's method of disaster
recovery with more logical and more secure alternatives.

The folks at PGP Inc who poo-pooed the uproar caused by their CMR
exploits are now left with the thought that they have built the GAK
mechanism for a KRAP company.  The KRAP program calls for companies to
implement GAK in a two year time-frame, in exchange for this they have
the bribe of being allowed to export puny 56 bit encryption in place
of the joke 40 bit encryption.  So it may be necessary to forget PGP
Inc.  If I was PRZ I would demand that the name PGP not be used for
KRAP.

>  | Network Associates, formerly known as McAfee Associates, is an active
>  | member of the Key Recovery Alliance, an organization that lobbies
>  | Congress for key recovery that would grant law enforcement agencies
>  | back-door access to private encrypted communications.

Yup, they're government sell outs who are part of the "program"
helping government to install key recovery government master back door
keys etc.  PGP Inc's CMR looks set to be the architecture for GAK much
earlier than it's detractors predicted.  Shame on those at PGP who
invented it, and defended it.

>  | Network Associates and other companies support key recovery because
>  | it would allow them to export strong crypto software without bothering
>  | to make a separate nonrecoverable version for the domestic market. 

Not really, they are allowed to export 56 bit crypto which is still
ultra puny.  They won't be able to export 128 bit IDEA, or 128 bit
CAST, or 112 bit 3DES which is what PGP5.x uses.  So they'll either
need two versions or they'll dumb down the whole lot to 56 bits, which
is just too weak by far.

>  | But Zimmermann, a pioneer of strong encryption, has spent years
>  | crusading against key recovery, calling it an invasion of privacy. And
>  | the most recent release of PGP's encryption software allows users to
>  | disable key recovery.

Many of us were already upset with PRZ for his part in the development
of CMR, and for allowing it to happen.  It was far too politically
risky a technology to associate with the PGP name, or for someone who
cared about privacy or personal freedom to endorse.

>  | "People should give their consent to use [recovery]," Zimmermann said.
>  | When asked whether future versions of the package will retain that
>  | option, Zimmermann replied, "Certainly, as long as I have anything to
>  | say about it."

I would imagine that PRZ doesn't retain much control.

>  | "It's going to take some time to figure things out," said Zimmermann.

I hope PRZ does the right thing.

>  | "It will require a fundamental examination by human rights groups and
>  | others about whether any newer versions of PGP are truly trustworthy,"
>  | said Banisar.

pgp5.x is already tainted with the features to interoperate with
future GAKked software from NAI versions of PGP which will likely have
GAK to comply with McAfee's KRAP program.

Adam






Thread