Security of PGP if Secret Key Available?
Gary Howland
gary at systemics.com
Wed Jun 5 07:20:25 PDT 1996
On Jun 3, 2:36, "Robert A. Hayden" wrote:
> However, I got to wondering about the security of PGP assuming somebody
> trying to read my PGPed stuff has my 1024-bit secret key. ie, if I have
> it on my personal computer, and somebody gets my secret key, how much
> less robust has PGP just become, and what are appropriate and reasonable
> steps to take to protect this weakness?
If the secret key is available then an attacker knows the length
of p & q. Admittedly this will not usually help matters much,
but I still feel that the lengths of p and q should be encrypted
with the passphrase - perhaps in PGP3.0? (Derek?)
Gary
--
pub 1024/C001D00D 1996/01/22 Gary Howland <gary at systemics.com>
Key fingerprint = 0C FB 60 61 4D 3B 24 7D 1C 89 1D BE 1F EE 09 06
More information about the cypherpunks-legacy
mailing list