From: norm@netcom.com (Norman Hardy)
To: cypherpunks@toad.com
Message Hash: 7af7dc2dbac4a320b90ab9c3669eb9ad11ce562ee252efbd5b602313e32e2fdc
Message ID: <9308270215.AA19598@netcom3.netcom.com>
Reply To: N/A
UTC Datetime: 1993-08-27 02:15:51 UTC
Raw Date: Thu, 26 Aug 93 19:15:51 PDT
From: norm@netcom.com (Norman Hardy)
Date: Thu, 26 Aug 93 19:15:51 PDT
To: cypherpunks@toad.com
Subject: Re: Commercial PGP: Verifying Trustworthiness
Message-ID: <9308270215.AA19598@netcom3.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
Forwarding for cdodhner@indirect.com (Christian D. Odhner)
>
> peter honeyman <honey@citi.umich.edu> says:
> > pgp and viacrypt will always generate differnt outputs: pgp
> > adds some pseudo-random stuff to the start of the file it is
> > encrypting to ensure that a file encrypts differently each time.
> This means that I am trusting the "pseudo-random" stuff not to be
> some secrets that PGP has read from my disk. The only benefit
> that I see to the pseudo-random stuff is to send the same message
> to several people without revealing the fact that the messages are
> the same except to those that can decode the messages.
>
I could very well be wrong about this one, but since pgp uses a random
idea session key each time you encrypt, wouldn't that in fact ensure that
no two encryptions of the same file with the same public key are ever the
same? Why then would random stuff be needed?
Happy Hunting, -Chris
<cdodhner@indirect.com>
PGP public key available upon request.
Return to August 1993
Return to “norm@netcom.com (Norman Hardy)”
1993-08-27 (Thu, 26 Aug 93 19:15:51 PDT) - Re: Commercial PGP: Verifying Trustworthiness - norm@netcom.com (Norman Hardy)