From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu>
Date: Mon, 3 Jun 1996 19:23:04 +0800
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Security of PGP if Secret Key Available?
Message-ID: <Pine.ULT.3.91.960603023229.6519B-100000@krypton.mankato.msus.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

About once a week we get some lame-o flame bait posted to 
alt.security.pgp or this mailing list or somewhere abotu some hole in 
PGP.  We further say with fairly good reliability that they are bogus, 
get a light chuckle, and then go back to dealing with the real issues.

However, I got to wondering about the security of PGP assuming somebody 
trying to read my PGPed stuff has my 1024-bit secret key.  ie, if I have 
it on my personal computer, and somebody gets my secret key, how much 
less robust has PGP just become, and what are appropriate and reasonable 
steps to take to protect this weakness?

Thanks


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: PGP Signed with PineSign 2.2

iQCVAwUBMbJ5xTokqlyVGmCFAQGcAgQAvjFdZ+YLdQGxDHcT+GOwP82BSwiTYlaQ
F9RV8L+radCK/SyeLnEtoodkKVqpcsItIQ/JJ44FOAmnsBLljuWqbhZMl8G8+uCB
pcpkXpre83CwoM6qDKkCEyqCiMxq857ioCoqb+WRNJYbb++muVBDHADVzGoGOjLg
cvIMxnnXF3c=
=tnTb
-----END PGP SIGNATURE-----
 
____           Robert A. Hayden      <=> hayden@krypton.mankato.msus.edu
\  /__     Finger for Geek Code Info <=>    Finger for PGP Public Key
 \/  /           -=-=-=-=-=-                      -=-=-=-=-=-
   \/        http://krypton.mankato.msus.edu/~hayden/Welcome.html

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GED/J d-- s:++>: a- C++(++++)$ ULUO++ P+>+++ L++ !E---- W+(---) N+++ o+
K+++ w+(---) O- M+$>++ V-- PS++(+++)>$ PE++(+)>$ Y++ PGP++ t- 5+++ X++
R+++>$ tv+ b+ DI+++ D+++ G+++++>$ e++$>++++ h r-- y+**
------END GEEK CODE BLOCK------