
Peter Trei wrote:
Some handsome devil named "Truthmonger" writes:
I stated my case for contending that PGP=>2.5 has been compromised, and got back wild-eyed demands for proof of that which I did not claim, namely, that PGP had been 'broken.'
To reiterate my original observations: 1. The development of RSA was funded and controlled by the spooks. i.e. - The National Science Foundation and the Navy. 2. The campaign of persecution against Phil Zimmerman ground to a halt once he agreed to PGP using the spook-developed RSAREF subroutines to implement the RSA functions, instead of PGP's original subroutines.
If people with guns came to me and told me that software I had written now had to use their subroutines, instead of my own, then I would consider my software 'compromised', regardless of whether or not I could immediately discern any anomalies in it. It is far, far easier to 'build' a back-door, than to 'find' one.
His main argument rests on the fact that the later versions of PGP use RSAREF, rather than Phil's own code.
It is rather surprising to have anyone on this list actually address the issues I raised but, all the same, you seem to want to label the detail you wish to address as my 'main' argument.
As support for the first claim, he claims:
1. The development of RSA was funded and controlled by the spooks. i.e. - The National Science Foundation and the Navy.
If it's the algorithm, you may or may not have the intellectual capacity to verify it yourself - if you don't you have no business telling us it's compromised, and if you do, either publish the problem (and claim your 15 minutes of fame), or admit there is no hole you are aware of. There are plenty of people on this list who can follow the math, even if you can't.
There seems to be a decided lack of people on this list who can follow the English language and simply stated concepts. Once again, I am asked to 'admit' what I have already made plain. What is this neurosis that everyone seems to have regarding PGP which leads them to demand hard evidence of malfeasance before suggesting that one should not bend over in blind trust for encryption systems whose development was funded by the spooks, and whose method of implementation is a result of threats and coercion? Perhaps the government should have named their Key Escrow schemes "Zimmerman Escrow," instead, in order to take advantage of the bum-buddy mentality among the cypherpunks which seems to hold issues surrounding their holy icon to a different standard than other systems of encryption. The denizens of the cypherpunks list often have math skills far above those to be found in some of the related 'science' forums, but they do not have a monopoly on clever use and manipulation of numbers, bits and bytes. The Navy's Onion Routing system is more sophisticated than their first cousins, the cypherpunks remailers, and there is no 'visible' hole or back-door in their work. I have not seen any great rush by anyone with half a brain, however, to indicate the remailers are being abandoned in favor of the Navy's product. Why is that? Could it have anything to do with the same issues I have raised in regard to RSA implementation? I doubt that it would come as a surprise to anyone to know that the Navy also has mathematicians on the payroll, nor that their tentacles in the scientific community are not all wearing uniforms and saluting when their superiors enter the room. I also doubt that there are not those among the cypherpunks who are capable of writing a subroutine to take advantage of unique attributes of individual algorithms.
RSA has *not* had a good relationship with the USG, as those who have been following the matter over the years know well. Most recently, you will notice that it has licensed some of its patents to a Japanese chip maker in an effort to avoid problems with US export restrictions. Is this the action of a USG patsy?
Their actions resulted in their product infiltrating a market which is noted for being extremely hard to penetrate. Victims of con games are seldom fooled by the 'bad guy' in the ruse.
PGP 2.5 was released in March 1994, about a year after Phil was indicted. It took until January 1996 for the indictment to be dropped; nearly another two years. If a deal was struck, why did it take so long?
I have never contended that Mr. Zimmerman was part of any direct "deal" with the government or the prosecutors. His reputation capital, in my own mind, is high enough that I am certain that it would take a phenomenal amount of pressure in order to get him to betray his principles. On the other hand, only a fool would fail to take into consideration the fact that the government is fully capable of applying a phenomenal amount of pressure when they feel the stakes are high enough. The government, indeed, did not kiss Zimmerman 'on the lips' after the 'deal' with RSA was arranged, but they let his case simply run its natural course, with no additional pressure being applied.
The government simply ran out of legal pretexts under which to harass him.
Take a whiff of some smelling salts, Peter. The government 'never' runs out of pretexts under which to harass someone who remains an actionable target in their minds. (Where were *you* when J.F.K. was shot?)
Now that your supporting assertions have been shown to be flawed,
...battered, but still standing.
let's return to the original claims.
1. "PGP => 2.5 has been compromised." 2. "It is far, far easier to 'build' a back-door, than to 'find' one."
The problem, TM, is that we have full source code, and anyone with the intelligence and knowledge required can check it independently.
Check it for what? For 'tricks and techniques' that you *know* about? The fact that an individual has taught you 'everything you know' does not lead to the conclusion that they have taught you everything that 'they' know. I am sure you will agree, as well, that if a teenage hacker violates your system, leaving its entrails shredded, it is small consolation that their math skills are not on a par with your own. Do people with superior knowledge of viruses leave their systems open to attack from unknown techniques? I don't think so. Several years ago, I emailed MicroSoft a short post suggesting that they take steps to prevent their use of macros from being abused. The reply I received, politely telling me to 'piss off,' informed me that viruses could *not* be transmitted via "ASCII" files.
Your second claim, that it is easier to build a backdoor than to find one, is true but not pertinent. Let's try an analogy.
1. You buy a house from a builder. You, being paranoid, wonder if the builder has included a secret door to enable him to enter the house without your permission. You investigate what you can, but in the end are left with some doubts.
2. You buy a set of blueprints from the builder, and examine them carefully for weaknesses. You then buy a plot of land of your choice, hire the workers you want, get materials from any supplier you wish. You supervise the construction yourself down to the last detail. Others who have purchased the same blueprints include trusted independent architects and construction engineers, who concur with you that no hidden back doors can be found in the design. At this point, how worried are you that the builder has left himself an unauthorized entry?
This is the point at which I realize that the builder has been banging my wife, and that he 'leaked' a rumor of a 'secret' back-door so that I would be too busy to notice my wife letting him in the "back door" that was plainly visible in the blueprints. As well, if the blueprint bore the name of Doug Henning, would you be as secure in your belief that there were no secret doors in place?
What it comes down to "TM" is: Put up or shut up.
Your points are well taken, but far off the mark of the issue I raised, which was one of PGP having been "compromised." You make a strong case for the mathematical strength of RSA implementation having been scrupulously investigated, although not an airtight one, by any means. However, the issue of this or that system having been "compromised" has more to do with the concept, rather than the mathematics, of security. At the risk of being labeled a tentacle of Dr. Vulis, I will use a "cocksucker" analogy, this being an area in which all factions of the cypherpunks list seem to claim knowledge (although on 'opposite' sides of the fence). In the militaristic/spook scheme of things, a system or entity is deemed to be "compromised" if there is a *possibility* of what is sometimes called a *known/unknown* (KU) factor having been introduced into a *controlled* situation or system. i.e. During the Cold War, homosexuality was one of the fulcrums which could be used to pry open the security bonds between an agent and that agent's controller. This was a 'known' factor which raised alarms, and an agent or entity was deemed to be "compromised," regardless of whether this factor was considered to be 'unknown' to the enemy. Trusted systems, as we call them today, were automatically considered to be compromised if there was reason to suspect that they *could have been* compromised, even if it was 'unknown' whether or not they actually *were* compromised. The case of Alan Turing is a prime example, here. Revelation that there existed a fulcrum point which enemy agents could well have used to compromise his work left it open to valid suspicion. It then behooved those with an interest in security matters to scrutinize not only his 'numbers,' but also his 'history,' and that of those around him.
It also became in their best interest to assume that his work *had* been compromised, and to take measures to modify or alter it in ways that would conceivably affect any methodologies which were based on hidden designs or schemes.
Respond in a substantive manner. So far, you've avoided doing so.
The issues I raised were not of 'substance,' but of 'shadows.' Had RSA development and implementation been funded and controlled by the KGB, then I seriously doubt if the U.S. Military would have embraced it, no matter what the *numbers* showed. If cypherpunks have a lower standard of suspicion, then I am certain the government would be happy to provide them with *all* the software they care to use.
You can't spread FUD in a situation where there is no unknown to Fear, no Uncertainty to deal with, and no Doubt that we have all the knowledge we need.
If there is "no unknown to Fear," then perhaps you would be so kind as to supply me with "substantive" information such as all of the top-secret government documents concerning encryption and the development of RSA. If there is "no Uncertainty to deal with," then I assume that all mathematical possibilities have been discovered and are known to all members of the list, and that there will be no future developments in the field of mathematics or encryption. If there is "no Doubt that (you) have all the knowledge (you) need," then there is a fellow I met in Chicago who runs a Pea/Shell game and, I am certain, would be happy to give you a 'chance' to exercise your Doubt-muscles. Thank you for at least dealing with matters that are in the same ballpark as the issues I raised, as opposed to arguing over whether or not the Dodgers could beat the Sharks.

TruthMonger