In a FidoNet debate, it's been charged that PGP is unsafe, and that NSA can crack it. The persons holding this viewpoint espouse the idea that the NSA can crack anything, pretty much, and that anything they could not crack would not be available to the general public, but would have been supressed.
The basic problem here is not whether the NSA has or hasn't cracked PGP. Certainly it's safe today from the prying eyes of even a really determined FIDO sysop, even if he keeps up with all his mathematical journals and has access to commercially available supercomputer power. This should be sufficient reason for its use... :-) In all of the literature I have read, it is acknowledged that one of the two possible things is true: 1) Factoring might not be as hard as we think it is; Bruce Schneier, for instance, cautions readers to keep informed about mathematical developments in factoring. It has not been disproved that factoring is a hard problem, but neither has it been proved. 2) The NSA may have equipment that, using massively parallel techniques, can factor small RSA keys by brute force. However, if factoring is as hard as we think it is, very large keys are probably not within the scope of the NSAs ability, unless they have access to a different universe where physical laws behave differently. [...]
SO, let's take this opportunity at online education, and spread the news that under current technology, PGP is in fact a secure cryptosystem.
Security is always a relative thing, Stanton, and if the transport layer becomes sufficiently problematic, a really determined opponent will seek other weaknesses (a spike mike in your house, a tap in your computer, having burly gentlemen with names like "Butch" grab you and hold you upside down over a large body of rapidly moving water). IMHO, the real point of encrypting is to make it difficult for the NSA and their ilk to casually surf the nets for stuff, and stymie more humble opponents (whether they are sysops, employers, competitors, hackers, or France). Doug -- ---------------- /\ Douglas Barnes cman@illuminati.io.com / \ Chief Wizard (512) 447-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\