Hello Ray Cromwell <rjc@clark.net>, patl@lcs.mit.edu and tcmay@sensemedia.net (Timothy C. May) and cypherpunks@toad.com
At 4:15 PM 8/1/95, Ray Cromwell wrote: ...
PGP, but in the algorithm itself. RSA-in-4-lines-perl is probably ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ provably correct. To guard against trapdoors in PGP, you should ^^^^^^^^^^^^^^^^^ ... [emphasis tcmay]
To which tcmay responded:
This doesn't seem likely. I mean, doesn't "RSA-in-4-lines-of-Perl" *of necessity* make use of external library/utility functions? Such as the "dc" math routines for the PRNG? Part of its compactness is that it makes use of available libraries. ...
AFAIK (my 4 lines might differ from yours), there is no PRNG in the 4 lines of perl. The key is supplied as a parameter, and no guidance to its generation is given in the implementation. You are right about the dc, but it only uses that for modular exponentiation, which is a lot easier to prove correct than PRNG. Which is not to say that it *has* been proven. I guess that makes me a nit-picker... Jiri -- If you want an answer, please mail to <jirib@cs.monash.edu.au>. On sweeney, I may delete without reading! PGP 463A14D5 (but it's at home so it'll take a day or two)