Clever back doors are not accomplished by an obvious program change, but rather by the subtle use of some technique that appears to do one thing when it actually does something else. As a good example, a subtle interation with the rest of the environment could modify the key generation algorithm after it is loaded. Unfortunately, PGP is too large to verify against such back doors, so I ask again:
Why (specifically) do you think the MIT version of PGP has no backdoors and is not subject to attacks such as the one outlined in my previous posting?
This is a good question. Subtle backdoors hidden in such a program may be difficult to find out. It might be more effective to use the PGP file format, to understand pgp as a reference implementation, and to write you own pgp compatible program where you can generate your keys etc. in the way you prefer. Hadmut