From: cypherpunks@toad.com
To: cypherpunks@toad.com
Message Hash: 853ca65bf93f119777942ac6dded14a63a20c5af7751f1cabe49e1d7c27d1697
Message ID: <199509090841.BAA01249@miron.vip.best.com>
Reply To: <9509081654.AA03407@ch1d157nwk>
UTC Datetime: 1995-09-09 08:46:19 UTC
Raw Date: Sat, 9 Sep 95 01:46:19 PDT
From: cypherpunks@toad.com
Date: Sat, 9 Sep 95 01:46:19 PDT
To: cypherpunks@toad.com
Subject: Re: Scientology tries to break PGP - and fails?
In-Reply-To: <9509081654.AA03407@ch1d157nwk>
Message-ID: <199509090841.BAA01249@miron.vip.best.com>
MIME-Version: 1.0
Content-Type: text/plain
>
>Tom Rollins writes:
>> If this is the file that the Co$ is trying to crack, then what the
>> is being asked for is a pass phrase that can be handed to the Co$
>> that will pass the PGP valid key check and still not decrypt the
>> data to anything usefull.
>
>Well, I don't have the PGP 'conventional' encryption format memorized, but
>there is probably a constant after the IV that is prepended to the data. The
>constant is used to determine if the key is correct. Since the conventional
>encryption runs in CFB mode and there is a full block of random IV at the
>beginning of the file, it is extremely unlikely that a key could be found
>that would properly decrypt only the first two blocks while leaving the rest
>unreadable...
>
>> If Larry Wollersheim does have the valid key. It would be a simpler
>> process to know what fake key to use and work it backwards through
>> the MD5 to arrive at an ascii string to produce the fake key.
>
>Not really. Even if you could find an IDEA key that would produce the
>desired output it would be hard to find a passphrase that would produce that
>key when hashed. One of the properties of one-way hash functions is that it
>is difficult to find a plaintext that produces a given hash. Hence the term
>'one-way'.... Even if you did find a passphrase (which, if MD5 is strong,
>would require something like 2^64 operations), it would likely be long, have
>8-bit chars, and would be impossible to type in. It would be tough to
>convince anyone that it was the real passphrase.
>
>
>andrew
>
There was a hack to pgp ui published a while back that would allow
someone decrypting a RSA encrypted file to print out the idea key.
Another feature of the hack allowed someone with the idea key to decrypt
an RSA PGP encrypted file ignoring the RSA headers and using the IDEA
key directly.
Using this software should allow the reciever of an RSA PGP encrypted
file to allow someone else to decrypt it (by giving them the IDEA key)
without exposing the secret key. The IV block check will allow them to
check that they are using the correct idea key.
Return to September 1995
Return to “cypherpunks@toad.com”