Re: Scientology tries to break PGP - and fails?
Tom Rollins writes:
If this is the file that the Co$ is trying to crack, then what is being asked for is a pass phrase that can be handed to the Co$ that will pass the PGP valid key check and still not decrypt the data to anything useful.
Well, I don't have the PGP 'conventional' encryption format memorized, but there is probably a constant after the IV that is prepended to the data. The constant is used to determine if the key is correct. Since the conventional encryption runs in CFB mode and there is a full block of random IV at the beginning of the file, it is extremely unlikely that a key could be found that would properly decrypt only the first two blocks while leaving the rest unreadable...
If Larry Wollersheim does have the valid key, it would be a simpler process to know what fake key to use and work it backwards through the MD5 to arrive at an ASCII string to produce the fake key.
Not really. Even if you could find an IDEA key that would produce the desired output it would be hard to find a passphrase that would produce that key when hashed. One of the properties of one-way hash functions is that it is difficult to find a plaintext that produces a given hash. Hence the term 'one-way'.... Even if you did find a passphrase (which, if MD5 is strong, would require something like 2^64 operations), it would likely be long, have 8-bit chars, and would be impossible to type in. It would be tough to convince anyone that it was the real passphrase.
andrew
There was a hack to pgp ui published a while back that would allow someone decrypting an RSA encrypted file to print out the IDEA key. Another feature of the hack allowed someone with the IDEA key to decrypt an RSA PGP encrypted file ignoring the RSA headers and using the IDEA key directly. Using this software should allow the receiver of an RSA PGP encrypted file to allow someone else to decrypt it (by giving them the IDEA key) without exposing the secret key. The IV block check will allow them to check that they are using the correct IDEA key.
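Added example, not from any poster and not PGP's own code: a simplified sketch of the key check discussed in the messages above, with the passphrase hashed through MD5 to a 128-bit key and a CFB stream that opens with a random block followed by a repeat of its last two bytes. The keyed-hash block function standing in for IDEA, the all-zero IV, plain CFB without PGP's resynchronisation step, and every function name are assumptions.

```python
import hashlib
import os

BLOCK = 8  # IDEA block size in bytes


def key_from_passphrase(passphrase: bytes) -> bytes:
    # The thread's derivation: MD5(passphrase) is the 128-bit cipher key.
    return hashlib.md5(passphrase).digest()


def _block_encrypt(key: bytes, block: bytes) -> bytes:
    # Stand-in for IDEA (assumption). CFB only uses the encrypt direction,
    # so a truncated keyed hash is enough to show the mode's behaviour.
    return hashlib.sha256(key + block).digest()[:BLOCK]


def _cfb(key: bytes, data: bytes, decrypt: bool) -> bytes:
    feedback, out = bytes(BLOCK), bytearray()  # all-zero IV (assumption)
    for i in range(0, len(data), BLOCK):
        chunk = data[i:i + BLOCK]
        stream = _block_encrypt(key, feedback)
        result = bytes(a ^ b for a, b in zip(chunk, stream))
        out += result
        feedback = chunk if decrypt else result  # feedback is the ciphertext
    return bytes(out)


def encrypt(passphrase: bytes, plaintext: bytes, prefix: bytes = b"") -> bytes:
    prefix = prefix or os.urandom(BLOCK)     # random block ahead of the data
    body = prefix + prefix[-2:] + plaintext  # repeated pair = key check
    return _cfb(key_from_passphrase(passphrase), body, decrypt=False)


def check_key(key: bytes, ciphertext: bytes) -> bool:
    # Decrypt only the first 10 bytes and compare the repeated pair.
    head = _cfb(key, ciphertext[:BLOCK + 2], decrypt=True)
    return len(head) == BLOCK + 2 and head[6:8] == head[8:10]


def decrypt_with_key(key: bytes, ciphertext: bytes):
    # Takes the raw cipher key, so the passphrase itself is never handed over.
    if not check_key(key, ciphertext):
        return None
    return _cfb(key, ciphertext, decrypt=True)[BLOCK + 2:]


# Constructed sample data, not taken from the case discussed in the thread.
SAMPLE = encrypt(b"correct horse", b"names of list members", bytes(range(1, 9)))
assert decrypt_with_key(key_from_passphrase(b"correct horse"), SAMPLE) == \
    b"names of list members"
```

Because the check covers only two bytes, it catches a mistyped passphrase but is not an integrity or authenticity guarantee for the rest of the file.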
-----BEGIN PGP SIGNED MESSAGE-----
Tonight's local news included an interesting blurb about this case. The judge refused to order Wollersheim to disclose his passphrase, since the encrypted material comprised names of Co$ critics who could then be targeted by the Church. And the secret (and copyright!) $criptures were read in court and excerpts broadcast on the news, "close-captioned for the hearing-impaired."
All the entertaining stuff some of us have been reading on the net was there: aliens transported to earth, volcanoes h-bombed, thetans...I laughed my ass off. A bigtime win for PGP and encryption generally, and a major PR debacle for the $cienos.
Kute Korrespondences Koda:
Tomorrow, Sept. 9, there will be protests worldwide at Co$ centers. I was cleaning out some paperwork and disk file archives recently, and noticed that the ViaCrypt and Austin Code Works subpoenas were dated Sept. 9, 1993. Grady Ward of ACW has, of course, been a major Co$ antagonist, making good use of PGP and the Cypherpunks remailers. The old message I found detailing these subpoenas was from this list's sometime visionary, L. Detweiler.
Alan Westrope <awestrop@nyx10.cs.du.edu> __________/|-, <adwestro@ouray.cudenver.edu> (_) \|-' 2.6.2 public key: finger / servers PGP 0xB8359639: D6 89 74 03 77 C8 2D 43 7C CA 6D 57 29 25 69 23
-----BEGIN PGP SIGNATURE----- Version: 2.6.2
iQCVAwUBMFDh51RRFMq4NZY5AQEO/gP/VgOEP8LpcrrIno2yj3oqD7zHc3a0d5If GC/ze1b6frpWPKo2mIb7IiZQzQ8rkZmky07PR9MV6jPO4S8UCpwix/ylgV1kGWmd WWWe4t8xVfHc2wJGS7qjRvkt8PDvgPkcHWktxOHkASl9cemscwYJbGyXq1BkCJCT Mkgv7cSClDM= =Nuz5 -----END PGP SIGNATURE-----
On Fri, 8 Sep 1995, Alan Westrope wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Tonight's local news included an interesting blurb about this case. The judge refused to order Wollersheim to disclose his passphrase, since the encrypted material comprised names of Co$ critics who could then be targeted by the Church. And the secret (and copyright!) $criptures were read in court and excerpts broadcast on the news, "close-captioned for the hearing-impaired."
Anyone have the name of this action, the court it was in or the name of the judge? I would very much like to see a transcript of his order.
All the entertaining stuff some of us have been reading on the net was there: aliens transported to earth, volcanoes h-bombed, thetans...I laughed my ass off. A bigtime win for PGP and encryption generally, and a major PR debacle for the $cienos.
Kute Korrespondences Koda:
Tomorrow, Sept. 9, there will be protests worldwide at Co$ centers. I was cleaning out some paperwork and disk file archives recently, and noticed that the ViaCrypt and Austin Code Works subpoenas were dated Sept. 9, 1993. Grady Ward of ACW has, of course, been a major Co$ antagonist, making good use of PGP and the Cypherpunks remailers. The old message I found detailing these subpoenas was from this list's sometime visionary, L. Detweiler.
Alan Westrope <awestrop@nyx10.cs.du.edu> __________/|-, <adwestro@ouray.cudenver.edu> (_) \|-' 2.6.2 public key: finger / servers PGP 0xB8359639: D6 89 74 03 77 C8 2D 43 7C CA 6D 57 29 25 69 23
-----BEGIN PGP SIGNATURE----- Version: 2.6.2
iQCVAwUBMFDh51RRFMq4NZY5AQEO/gP/VgOEP8LpcrrIno2yj3oqD7zHc3a0d5If GC/ze1b6frpWPKo2mIb7IiZQzQ8rkZmky07PR9MV6jPO4S8UCpwix/ylgV1kGWmd WWWe4t8xVfHc2wJGS7qjRvkt8PDvgPkcHWktxOHkASl9cemscwYJbGyXq1BkCJCT Mkgv7cSClDM= =Nuz5 -----END PGP SIGNATURE-----
participants (4)
- adwestro@ouray.cudenver.edu
- Andrew Loewenstern
- Black Unicorn
- cypherpunks@toad.com