Your assertion that I could find the backdoor by inspecting the program is the wrong tactic for secure programs. If you want people to believe that a program is secure, you had better come up with good reasons that it is secure, and not hide behind "if you can't find any holes, it must be secure".
This is where you are very wrong. I am not saying that "if you can't find any holes it must be secure". What I am saying is that the source is available, and thousands of people have looked at the source, and none of them have found any holes in it.
- to wit: What makes you think PGPs method of getting seeds does not lead to a limited key space that is within the realm of modern computers to search?
How do you propose that a user's keystrokes can be analyzed? If you assume that the PC's internal clock speed >> typing speed (which is a good assumption -- how many keystrokes/second can you type?) then you have a large amount of randomness that can be gained from timing keystrokes. Even a good typist will not have an even typestroke! Have you read RFC 1750? If not, I would recommend you read it before you consider continuing this thread!
Why (specifically) do you think the MIT version of PGP has no backdoors and is not subject to attacks such as the one outlined in my previous posting?
I think it has no backdoors because Jeff Schiller and I (among others) have looked closely at the random number generator code (he has taken a much closer look than I) and believe it to be secure. I also know that I did not put any backdoors into the code (but why would you believe me, I must be paid by the government to say this, right?) As to why I believe it is not subject to attack, I ask you again to go read RFC 1750. PGP follows its recommendations fairly closely. There is only one place where PGP fails to follow, and that is that PGP does expose the bucket of random bits, rather than mixing them before exporting them. However I do not believe that this would affect the generation of PGP Public Keys. -derek PS: In what field is your Doctorate?