Things are heating up between Fred Cohen and some of the rest of the list.

I don't believe MIT is in collusion with the NSA or any other government agency to deliberately weaken or cripple PGP. I base this on having dealt with some of the MIT folks, with the various source code analyses folks have done, etc.

However, I think it's a perfectly *fine* idea for some group to launch a cryptanalytic attack on PGP, or an attack based on any other approaches. This is the "tiger team," or "Team B" approach to finding flaws and weaknesses.

I don't take the security of PGP only on faith, though analyzing it is not my bag, as they say. Rather, I use the Popper/Bartley notions of falsifiability and see truth as a process, not a state. Seeing lots of source code available, independent compilations on various machines, and believing neither Zimmermann nor Atkins nor Schiller, etc., would consent to inserting back doors into PGP, I am thus led to _believe_ that PGP is probably not so affected. Doesn't mean it isn't so, but I'm not overly worried about it. Still, more studies and technical attacks (technical, not verbal) would be welcome.

One of the problems we in the "civilian cryptography" sector face is that we don't have much activity in cryptanalysis. (We've talked about this several times before, before Fred Cohen joined the list, for example.)

The NSA and other intelligence agencies have not only code makers, they also have code _breakers_ (such as modern ciphers are breakable, which hasn't been the case much lately, if Bamford and Kahn are to be believed). Probably entire groups whose only job is to try to break the systems devised by others. (Modern ciphers are not as prone to breakage as earlier ciphers were, for technical reasons, so I suspect the number of cryptanalysts has shrunk since the good old days when they had more successes...there may only be a small contingent left...)
The lack of cryptanalysis papers at "Crypto" has been striking...I was told that the program committee considers cryptanalysis to be less important than original research. (I can see the rationale in this, as Crypto is an academic/research conference, and there are really no "engineering" crypto conferences. And cryptanalysis might not even fit into an engineering conference very well, as cryptanalysis is traditionally a sort of "hobbyist" activity--if you've read Kahn you'll know what I mean.)

Crypto comes in various flavors, from hardware implementations, to number theory, to Unix/IETF sorts of standards, to digital cash, and even to statistical analysis. It is dangerous to have a "monoculture" in which one topic is the trendy one and everyone is urged to work on that (whether the "that" is PGP or Java or anything else equally trendy).

Most of the activity has been on adding hooks to PGP to make it usable in other programs, or on remailers. Not as much effort has gone into proofs of validity, systems analysis, etc. (Eric Hughes and I talked about this several years ago, before the Cypherpunks group was formed...the need for "Viper"-like systems with provably correct components, especially for digital money, etc.)

If folks think PGP is flawed, or deserves an independent and critical look, then this is a good project for someone. (I think several such analyses have been made, however...this doesn't make it impossible for a flaw or backdoor to exist, but at least the code has been examined by various folks. I'm personally not too worried, though this has little suasive value.)

(The Monoculture of Trendy Projects. My own programming mini-project, while proceeding slowly, is of a pattern extractor and "entropy estimator" for text. Stuff like measuring patterns, examining clusterings and author-specific patterns. I'm writing it as a bunch of "critic agents" who are responsible for different areas of analysis. In SmalltalkAgents. My point?
There will be those who cite the "monoculture" and scoff at anything not written in C++ for Unix boxes, or not built to be Net-aware from the gitgo, or not written as applets in Java....oh well, in Digital Walden, one marches to a different drummer. Better to program the thing I _want_ to program rather than the things I _don't_ want to program, and hence _won't_. Final note: it'll be ready for use and maybe demonstration when it's ready. And ready when it's finished, finished when it's ready.)

I've long appreciated Fred Cohen's work on viruses, so it's nice to have him on the Cypherpunks list.

Maybe Fred can tell us if it's really true that he was stopped by U.S. Customs and held for many hours at the Canadian border when going to or returning from a conference where he described computer viruses....

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@sensemedia.net   | anonymous networks, digital pseudonyms, zero
408-728-0152           | knowledge, reputations, information markets,
Corralitos, CA         | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."
[good comments deleted]
The lack of cryptanalysis papers at "Crypto" has been striking...I was told that the program committee considers cryptanalysis to be less important than original research. (I can see the rationale in this, as Crypto is an academic/research conference, and there are really no "engineering" crypto conferences. And cryptanalysis might not even fit into an engineering conference very well, as cryptanalysis is traditionally a sort of "hobbyist" activity--if you've read Kahn you'll know what I mean.)
Tim,

My impression (based on reviewing papers for the last few CRYPTOs and EUROCRYPTs) is that the reason for the lack of "practical" papers is primarily that not very many of them get submitted. In fact, I think there actually are a fair number of cryptanalysis papers at CRYPTO, at least compared with the even smaller number of papers there that describe new ciphers.

Anyway, cryptanalysis IS part of the mainstream of the academic crypto world these days (consider differential cryptanalysis, linear cryptanalysis, etc.)

-matt
Maybe Fred can tell us if it's really true that he was stopped by U.S. Customs and held for many hours at the Canadian border when going to or returning from a conference where he described computer viruses....
Not for many hours, but we had an interesting non-discussion, and there was a really thorough search of my bags (every piece of paper was individually examined in great detail and a guard was subtly added to the other side of the line).

They looked at every slide, checked out the bags themselves for secret compartments, but the one thing they didn't do was check the contents of my floppy disks. Isn't technology wonderful?

--
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
On Jul 31, 11:51pm, Dr. Frederick B. Cohen wrote of his experiences at the Canada-USA border:
They looked at every slide, checked out the bags themselves for secret compartments, but the one thing they didn't do was check the contents of my floppy disks. Isn't technology wonderful?
Until a few years ago, carrying software across the border from the states to Canada, one would only pay duty on the value of the media. Canadian Customs regulations did not recognise any value in the information contained on the floppies. I haven't actively exported/imported software in this manner recently (well, I carried 2.6ui to Mobile and back without realising it (or, indeed, ever putting it in a drive) and so broke ITAR) so I'm not sure how things stand currently.

I think they might actually have been convinced of the value of software. [Department of External Affairs and International Trade has been, as noted earlier. Danger of software, at least.]

frodo =)

--
Richard Martin
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin@alias.com/g4frodo@cdf.toronto.edu http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992
On Tue, 1 Aug 1995, Richard Martin wrote:
Until a few years ago, carrying software across the border from the states to Canada, one would only pay duty on the value of the media. Canadian Customs regulations did not recognise any value in the information contained on the floppies. I haven't actively exported/imported software in this manner recently (well, I carried 2.6ui to Mobile and back without realising it (or, indeed, ever putting it in a drive) and so broke ITAR) so I'm not sure how things stand currently.
I think they might actually have been convinced of the value of software. [Department of External Affairs and International Trade has been, as noted earlier. Danger of software, at least.]
As far as I know, under current GATT regulations software is not considered a commodity, and therefore its import does not attract customs duties. However, I'm not sure about the actual behaviour of the US customs; from recent cases I can confirm that in the European Union and South Africa that rule is respected.
Timothy C. May writes:
Things are heating up between Fred Cohen and some of the rest of the list.
Were it not for the fact that others are doing the job better than I, I'd be compelled to enter into the fray myself...
I've long appreciated Fred Cohen's work on viruses,
And frankly, I've long been forced to install filtering on virtually every list "Dr." Cohen shows up on. He rarely has much of value to say -- he also frequently gets kicked off of mailing lists for being a wee bit too explicit in the advertising hype for his services he puts up on virtually every mailing list he enters -- be it firewalls, bugtraq, or whatever.

I considered, as I said, entering this fray early. Fortunately, "Dr." Cohen has managed to demonstrate his capacity to alienate without my having to warn anyone about it in advance.

This is not to say that I think PGP couldn't use enhanced scrutiny, or that all of "Dr." Cohen's comments are always completely meritless. However, "Dr." Cohen rarely enhances the conversations he's a part of.

Perry

PS I'm sure he has a real PhD. It's just that the other couple dozen PhDs on this mailing list don't seem to insist on rubbing it in people's noses constantly -- ditto for all other mailing lists I've seen him on.
participants (6)
- Enzo Michelangeli
- fc@all.net
- Matt Blaze
- Perry E. Metzger
- Richard Martin
- tcmay@sensemedia.net