Anybody willing to offer a bit of help to a cypher-newbie? I'm
-----BEGIN PGP SIGNED MESSAGE----- At 03:45 PM 7/28/97 -0700, you wrote: trying to sort out a few of the basics: Well as long as you ask like that instead of what most newbies do, such as try and subscribe by sending "Add me to the mailing list" to the list.
1. PGP 5.0 -- good software?
It's better integrated for Mac Lusers and Windows 95ers. It is, however, flawed in some respects.
If not, what problems? Why to use DSS vs/ RSA keys? How is 5.0 different than 2.6.3i ? Which is better?
2.6.3i cannot use CAST, or (who would want to , it's DES!) Triple- DES. It does however, can use other hashes with RSA, thanks to someone's discovery on PGP-USERS. 2.6.3i is dos native, and complex. A shell integrates nicely, but it's still not the same.
2. Are emails encrypted using PGP 5.0 decypherable by PGP 2.6.3i (and vice versa?) Using RSA keys?
3. I understand certain encryption s/w cannot be legally exported, I am aware that such s/w is nevertheless being used (and built) abroad. My queries: Is purely domestic use being threatened by the pending legislation? Is it already illegal to send an encrypted msg out of
ONLY using RSA keys. DSS/Diffie-Hellman support is being added to old PGP's. RSAREF is used in PGP 5.0 . MPILIB, Phil Zimmermann's original PGP RSA algorithm implementation is used in international versions. It's becuase of RSA's patent stuff. the US? If so, is it illegal to receive an encrypted msg from outside the US? Unless it is the "shitty 40 bit" type. It can be built abroad, for example, IDEA was made in switzerland, or something like that..., PGP 2.6.3i was made legally, I think. Domestic use is being threatened by Nazi Motherfuckers like Billy-Bob Clinton [spit], The FBI, and the NSA. Oppose them. Go to www.crypto.com and do some of the stuff there. Sending and recieving mail from the outside of the US *is legal*.
4. How strong is strong? My MS Explorer has the 128 bit encryption scheme to secure domestic financial transactions (such as credit cards). How "un-encryptable" is this? I read some recent postings here re difficulty of breaking 128 bit keys -- but this had reference to stronger methods of encryption than MS Explorer uses, right? So 128 bits is hard to break (umptyump years, terrawatts, etc.)? Then why does my PGP 5.0 software offer keys that are 768, 1024, etc. up to 4096 bits in length? Are these numbers on the same scale?
Any "strength" differences between RSA, DSS, and Diffie-Hellman? IS
Unencryptable? What the fuck are you talking about? If you mean crackable, let's just say it'd take several time the age of the Universe to crack it. The RSA keys are weaker than symmetric cyphers, unless we're talking about DSS/Diffie-Hellman keys with 4096bits. They are not on the same scale. there some layman-understandable difference between these? Well, RSA's are patented and RSA is really anal with their patents. DSS/Diffie-Hellman keys are unpatented. You can change hashes on RSA keys (RIPEM160, MD5 [was broken already], and SHA-1). But to use those RSA's with older PGP's, use only MD5.
5. Is international data traffic somehow monitored (or monitorable) to detect encrypted traffic?
It can be detected that you're using encryption. Breaking PGP is another thing. If any other cypherpunks want to correct me here, do so. -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQCVAwUBM9065B0+FhmmTrSJAQEdsgQAmRAJR7CxQCy4Wfny8YM6oJ3chLKnJCnA E45EElRsAVS8zyAWy06/ZJFG8XjInjgAzmx+fRvGoN0qHvObyFfrDMPML0w+405s cddgcApc0DfbjP8narKHVBQnbOhwuSjdDbwTbFF9F+EG0OkXewgYKXS/QnS11ov/ ofr4ooPGcr0= =rowH -----END PGP SIGNATURE-----