...
It's true that, in general, the "burden" of demonstrating whether a system is secure should fall primarily on those who claim it is rather than on those who claim it isn't. It's also true that PGP, for whatever reason, is treated with a degree of reverence that is, perhaps, unwarranted. I, for one, would be much happier to see greater vetting of widely-used programs like PGP.
Excellent assessment - I wholly agree with it.
But that does not mean that one can expect to be taken seriously by simply throwing darts and seeing where they land. That would mean that essentially no hardware, software, algorithm or protocol could ever be considered trustworthy by anyone for any purpose. There is a difference between raising specific concerns and making vague, wild, unsupported claims, which is how what you wrote below reads to me.
A reasonable response. My question is: Why do you think that the key generation algorithm used by PGP is secure? Specifically, how do we know there is no subtle back door that reduces the problem of testing the typical key space to a solvable problem in today's technology? I don't believe I made ANY "vague, wild, unsupported claims" however, that is certainly a matter of opinion. ...
Why (specifically) do you think so? Because you claim it? Because the MIT maintainer claims it? You say MIT is not associated with the NSA, but they have historically been funded by the NSA and other federal agencies for work on information security. Do you really think that the only information protected by PGP is dirty pictures? Do you somehow think that MIT and the NSA are above that sort of thing? All you have to do is look at history, and it should be clear that this appeal to authority is often used by those trying to cover things up. If you know something about PGP's security that you aren't telling us, don't beat around the bush about it. Come out and say it. Tell us that you have proven that PGP has no backdoors and what method you used to do that. Tell us that you have hand-verified all the code and that none of it overwrites the key generation process, and tell us how you verified it.
No one knows how to "prove" anything substantial, much less the absence of backdoors, for anything but the most trivial software and algorithms.
Excellent - have you looked at the white paper describing the secure "get-only" W3 server available under What's New at http://all.net? I think that this is a step in the right direction toward demonstrating more about a program than that it runs most of the time and seems to give reasonable answers. Perhaps someone would like to make similar demonstrations for PGP.
It cannot be safely assumed that any program is clean or that any one person or group is not involved with intentionally subverting security. That violates the fundamental principles of information protection.
Your attempt to cast a near-defamatory shadow of suspicion over the individuals and institutions who wrote the software, without raising even a single specific concern about something you've observed about the code, invites more questions about your own motives than those of MIT or its staff. It seems reasonable to ask you to put up or shut up.
Under what analysis do you construe "It cannot be safely assumed" as "near-defamatory"? I don't know you any more than you know me. We are both just mail sources on the Internet. Why do you consider it reasonable to assume that we should all trust statements made by people we do not know and have not met based on their assertion that they think a cryptosystem is safe and free of back doors? If I add a PGP signature, does it make me any more trustworthy?
Disclaimer: I also give away cryptographic source code, in connection with my job as a research scientist for a company that has even closer ties to the spook community than you seem to think MIT has...
And I should trust you to tell me that PGP is safe for me to use?
--
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236