From: "Jeffrey I. Schiller" <jis@MIT.EDU>
Date: Sun, 21 Apr 1996 13:44:32 +0800
To: cypherpunks@toad.com
Subject: PGP's +makerandom is broken (was: Re: Article on PGP flaws)
Message-ID: <3179A2EB.646D@mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On April 16, 1996 jf_avon@citenet.net said:
> I fed the result of 
> pgp +makerandom=2000 rnd.pgp 
> into noisesphere.exe 
>
> Every times, it gives a distribution that looks like a zebra from the 
> top view.  Any comments?

This is a bug in PGP. +makerandom doesn't work properly. I discovered
this a few week ago myself when I needed some random numbers for
another project. Due to a programming bug, the idea based random number
generator doesn't get initialized (read: doesn't get seeded at all)
when +makerandom is used. Note: +makerandom is an undocumented feature.

IMPORTANT: Only +makerandom is effected. In normal use PGP properly
generates random session keys as well as RSA public key pairs.

                                -Jeff

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMXmiyMUtR20Nv5BtAQHiYwP/dEAf5w0KstdALRabGYeUOlhEEN+fvVJH
+TE215jh91EvPP2h9XqnOS5tWKiHpAjoRng5yUF6vyfD9rsHTS9EkCPC+yrlAkPb
E5XrnAsOx3W1EkkT2kA15RDePt8lOpXetltNVBsGqBMEupCFExYldz7h6o9g9DQj
e+NSMQZzIB8=
=m21a
-----END PGP SIGNATURE-----