1993-08-27 - Plausible Spookiness

Header Data

From: an31144@anon.penet.fi
To: cypherpunks@toad.com
Message Hash: 115025c5a0ed6095cdb849dd762a27b12c1c244de61212aa2d470f599e4e085b
Message ID: <199308272046.AA04048@xtropia>
Reply To: N/A
UTC Datetime: 1993-08-27 21:15:59 UTC
Raw Date: Fri, 27 Aug 93 14:15:59 PDT

Raw message

From: an31144@anon.penet.fi
Date: Fri, 27 Aug 93 14:15:59 PDT
To: cypherpunks@toad.com
Subject: Plausible Spookiness
Message-ID: <199308272046.AA04048@xtropia>
MIME-Version: 1.0
Content-Type: text/plain

> Whoever "Raymond Paquin" is, he's no spook. Spooks just don't do
> things like that - tell a little bit, then clam up. They are
> trained by instinct never to leak.

I got a sad little chuckle out of that one.  Leaving aside the
paradoxical "trained by instinct" line, I can assure you that your claim
here is simply naive.  Perhaps you watch too much TV.

For every Ivy League CIA careerist station chief with a vested interest
and thorough indoctrination, there are several thousand nobodies who
more or less blundered into the racket in minor capacities.  These are
underpaid, ignored, fucked-with, jacked around, abused, denied,
manipulated, lied to, insulted, cut loose, yanked back and otherwise
generally driven nuts until they quit, at which time they discover they
are too burned out to do anything in the real world - say, hold down
some shitty job ("There seems to be a rather large hole in your resume,
Mr. Smith...") or maintain personal relationships.

What these people will or won't do is beyond reliable conjecture.

Did you guess I speak from personal experience and observation?

What Paquin is or isn't, I can't say.  I haven't believed or trusted
anyone since late 1970 or so anyway, but I would not be surprised if
Paquin actually was doing pretty much what he said, namely working at
some university doing crypto math on some government grant with big
strings.  This is completely plausible.

> If there is any flaw in PGP, there are only a few places where it
> could be. The basic mechanics of the program (RSA, IDEA, etc)
> obviously work...

If you mean that they are NSA-proof, or that only brute force attacks
would affect decryption, I would suggest that we know no such thing, and
it is extremely unlikely that we ever will.  The NSA has _astounding_
resources, unequalled by anything in the private sector, dedicated to no
other purpose than compromising world-class cyphers.  Their successes
are not public knowledge, to say the least.  No one here should blithely
dismiss claims of PGP weaknesses when the opposition has literally
billions of dollars earmarked to find such flaws.

It bears noting that the concealment of major successes in decryption
is every bit as important as the decryption itself, a fact often

I would like to see "Paquin's" case against PGP as well as a competent
analysis of his claims.  Unfortunately, I cannot produce either.

 > A subtle flaw would have to be somewhere like: prime number
 > generation, random RSA key generation, or random session key
 > generation. If the primes weren't actually prime, that would make the
 > RSA keys breakable. But you could take the primes (pgp -kg -l and you
 > will see them in hex) and feed them into a primality tester to verify
 > that.

I have seen numerous conjectures about PGP primes, but am not competent
to judge them.

 > The most likely place for a bug would be in the randomness.

This has been another subject of discussion, though I know of no firm
conclusions being reached.