Security of PGP if Secret Key Available?
Derek Atkins
warlord at MIT.EDU
Thu Jun 6 20:55:21 PDT 1996
> If the secret key is available then an attacker knows the length
> of p & q. Admittedly this will not usually help matters much,
> but I still feel that the lengths of p and q should be encrypted
> with the passphrase - perhaps in PGP3.0? (Derek?)
PGPlib has an interface to encrypt the whole keyring, however that
probably isn't going to be fully implemented unless time permits.
This interface allows you to encrypt the WHOLE keyring in a
passphrase, which includes not only the secret components, but the
public components as well. However I don't know if I'll have the time
to get to it.
Enjoy!
-derek
More information about the cypherpunks-legacy
mailing list