This was sent to just me by mistake, and I'm forwarding with permission of Jay. ---------- Forwarded message ---------- Date: Fri, 27 May 94 21:26 PDT From: Jay Prime Positive <jpp@jpplap.markv.com> To: hayden@krypton.mankato.msus.edu Subject: Re: PGP 2.confusion Date: Fri, 27 May 1994 23:49:55 -0500 (CDT) From: "Robert A. Hayden" <hayden@krypton.mankato.msus.edu> Do we (the cypherpunk community) perhaps need to come up with EBP 1.0 (Even Better Privacy) that abandons the RSAREF patent problem with some other public-key system that is functionally equial and just as safe? EBP would have to provide the two critical functions of PGP -- digital signatures, and key distribution. There exist signature standards other than RSA. Perhaps the USA's DSS can be exported. If not, there may well be other systems out there. Feel free to implement DSS, or others. But the critical problem seems to be encryption. Or more exactly the key distribution problem. How do I and my secret corespondant share a secret key? I only know of four kinds of solutions. Send the key via a secure channel. Secure chanels are hard to find, and as history teaches us, not fully secure. (Read Kahn for instance.) Use a trusted key distributer. Trusted. Ha. This is cypherpunks list. Public key cryptography. The problem is that PKP (or is it RSADSI?) claims pattent rights to the whole PK ball of wax. The Diffe Helman key exchange (oblivious transfer?) pattent will expire the soonest, and it can be used in the future. The really exciting result, IMHO, is from crypto 92 that I mentioned a while back. If A and B can hear a source of bits S with some errors, then they can generate a shared secret which even an eves dropper with much greater (listening) resources can't discover. This is exciting. Is it pattented? Does it work on the internet? I don't know. Unfortunately all of these suffer from various active tapper attacks. More unfortuneately, on the internet active tapping isn't very hard to arrange. If you can come up with aditional solutions, or ones more resistant to active tappers, please publish. j'