From: Andrew Brown <a.brown@nexor.co.uk>
Date: Wed, 14 Sep 94 04:30:01 PDT
To: cypherpunks@toad.com
Subject: Re: Running PGP on Netcom (and Similar)
In-Reply-To: <199409121554.LAA10096@bwh.harvard.edu>
Message-ID: <Pine.3.89.9409141257.A10742-0100000@victor.nexor.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 12 Sep 1994, Adam Shostack wrote:

> >	To do this properly, you would want one shot passphrases,
> >similar to S/Key.  The implementation I see would have PGP hash your
> >pass phrase some large number of times (say 1000, which takes less
> >than a second on my 68030 mac) before using it to decrypt your pass
> >phrase.
> >
> >	Then, when logged in from a line being sniffed, you would
> >invoke PGP -1es ..., and when prompted for your pass phrase you would
> >enter 800/something-ugly-that-md5-makes.  PGP would then md5 this 200
> >times, and you'd have demonstrated your knowledge of your passphrase
> >without ever sending it over a line.  Clearly, PGP would need to store
> >the fact that you had used #800, and only accept lower numbers.

I can see how this gets around the problem of sending cleartext 
passphrases over a network, but how does it help stop the problem of the 
remote system running a keystroke log that is handed over to the 
authorities during a bust?  Armed with 800/some-number they can just type 
the same thing into PGP (or a modified copy) and decrypt the files that 
you were keeping on-line.


Regards,

- Andy

+-------------------------------------------------------------------------+
| Andrew Brown  Internet <asb@nexor.co.uk>  Telephone +44 115 952 0585    |
| PGP 2.6ui fingerprint: EC 80 9C 96 54 63 CC 97  FF 7D C5 69 0B 55 23 63 |
+-------------------------------------------------------------------------+