On Fri, 28 Jul 1995, Dr. Frederick B. Cohen wrote:
Philo Zimmerman would almost certainly win if they ever took him to court, but by harassing him in this more subtle way, they destroy the impact of PGP in the marketplace, get MIT to support an official (and perhaps customized for the NSA to have weak keys) version,
I've personally pulled apart the innards of both MIT pgp 2.6.2 and the non-MIT pgp 2.6.2i in order to generate large primes and full RSA keys.
There are no hacks in MIT pgp that cause it to generate weak keys.
How (specifically) do you know that this is true? Key generation is very tricky stuf, and very subtle changes can have very profound impacts. I doubt that Zimmerman's original was truly perfect at this either, but how do we really know? -- -> See: Info-Sec Heaven using our New Super Secure World-Wide-Web Server -> Free: Test your system's security (scans deeper than SATAN or ISS!) ---------------------- both at URL: http://all.net ---------------------- -> Read: "Protection and Security on the Information Superhighway" John Wiley and Sons, 1995 ISBN 0-471-11389-1, 320 pp, $24.95 ------------------------------------------------------------------------- Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236