Apology to Dale Thorn

Dale Thorn dthorn at gte.net
Tue Nov 12 00:45:11 PST 1996


James A. Tunnicliffe wrote:
> Dale Thorn writes (in part):
> >I'm tending to think that, instead of using PGP for all encoding (even
> >though it may have multiple facilities for all situations), a message
> >could be encrypted with a good trusted private-key system or whatever,
> >then the private key encrypted with the Public Key software and sent
> >either separately or with the message.

> But you've described exactly what PGP does.  It encrypts the message
> with a "good, trusted private-key system" -- IDEA, which has undergone
> significant peer review, has a long-enough key (128 bits), and has
> exhibited no significant weaknesses or shortcuts to brute force (which
> is impossible, given the key length).  It then encrypts the IDEA session
> key that was used with the recipient's public key, and bundles the
> IDEA-encrypted message and the RSA-encrypted session key (and
> optionally, a signed hash of the message) for delivery to the recipient.

I hope I'm not repeating this in more than one or two places, but the
idea originated as a way to verify PGP code, i.e., if one could verify
some minimal portion of it sufficient to send a small message (i.e., a
private key), one could then rely on his/her own favorite (and really
well verified) private key software to do the bulk of the encryption.

Relying on one software program (despite the hoopla) to "do it all" is,
in my book, a prescription for disaster.  The peer-review statements
notwithstanding, the PGP source code, at 60,000 or so lines, and without
a doubt way too complex for one individual and his/her closest trusted
associates to verify, cannot be trusted without a really clean rewrite,
using a hierarchical design of some sort, where all code is completely
consistent and well-annotated, broken into numerous small functions,
and is very easy to read and follow.

If you think the above can't be justified, as in the example that PGP
will have to be continuously updated in its central routines, so as to
maintain its "edge" in security, well, that would imply that its security
is seriously lacking if attacked by advanced hackers.

I know it may not be a perfect analogy, but remember the HSCA board review
from the late 1970's regarding certain forensics in the JFK case?  If I'm
not mistaken, the central points demonstrating conspiracy were upheld by
only one professional out of approximately 12, i.e., Cyril Wecht.

Now you're not going to convince any jury I know of that Oswald did it,
or did it alone, but getting past that and to the professionals who did
the reviews of certain evidence, it should be obvious that in cases where
there may be *very important* programs for which the public needs to be
convinced of this-or-that, the government-controlled institutions (i.e.,
the major universities) can come up with all the experts it needs to
convince people of this-or-that.  Some of these I know personally...
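The two-layer scheme both posters are talking about (a symmetric cipher for the bulk of the message, the session key wrapped under the recipient's public key, an optional signed hash alongside) is easy to see end to end in a short program. The example below is an added illustration and is not PGP's code nor anything from this thread; it uses Go's standard library, with AES-256-GCM standing in for IDEA and RSA-OAEP / RSA-PSS standing in for the 1996-era RSA padding, and the `Bundle` type, `Seal` and `Open` names are this example's own. The point Dale raises about trusting only a small piece of public-key code is visible in the structure: the public-key operations touch only the 32-byte session key and the hash, never the message itself.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Bundle is what travels to the recipient: the symmetrically encrypted
// message, the session key wrapped under the recipient's public key, and a
// signature over the message hash. The layout is this example's own.
type Bundle struct {
	WrappedKey []byte // session key, RSA-OAEP encrypted to the recipient
	Nonce      []byte // AES-GCM nonce, fresh per message
	Ciphertext []byte // AES-GCM output (authentication tag appended)
	Signature  []byte // RSA-PSS signature over SHA-256(message) by the sender
}

// Seal encrypts msg for recipient and signs it with the sender's private key.
// Only the session key and the hash ever pass through the public-key code.
func Seal(msg []byte, recipient *rsa.PublicKey, sender *rsa.PrivateKey) (*Bundle, error) {
	sessionKey := make([]byte, 32) // random per-message key (AES-256 here, IDEA in PGP)
	if _, err := rand.Read(sessionKey); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ct := gcm.Seal(nil, nonce, msg, nil)

	// Wrap the session key under the recipient's public key.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, sessionKey, nil)
	if err != nil {
		return nil, err
	}

	// Sign the hash of the plaintext so the recipient can check origin.
	digest := sha256.Sum256(msg)
	sig, err := rsa.SignPSS(rand.Reader, sender, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	return &Bundle{WrappedKey: wrapped, Nonce: nonce, Ciphertext: ct, Signature: sig}, nil
}

// Open unwraps the session key with the recipient's private key, decrypts
// and authenticates the message, then verifies the sender's signature.
// Any tampering with the ciphertext, wrapped key or signature is an error.
func Open(b *Bundle, recipient *rsa.PrivateKey, sender *rsa.PublicKey) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipient, b.WrappedKey, nil)
	if err != nil {
		return nil, errors.New("cannot unwrap session key")
	}
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	msg, err := gcm.Open(nil, b.Nonce, b.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("message tampered or wrong session key")
	}
	digest := sha256.Sum256(msg)
	if err := rsa.VerifyPSS(sender, crypto.SHA256, digest[:], b.Signature, nil); err != nil {
		return nil, errors.New("signature does not verify")
	}
	return msg, nil
}

func main() {
	// Constructed sample: Alice writes to Bob. Keys are generated on the spot.
	alice, _ := rsa.GenerateKey(rand.Reader, 2048)
	bob, _ := rsa.GenerateKey(rand.Reader, 2048)
	msg := []byte("constructed sample message")

	b, err := Seal(msg, &bob.PublicKey, alice)
	if err != nil {
		panic(err)
	}
	out, err := Open(b, bob, &alice.PublicKey)
	fmt.Println("round trip ok:", err == nil && bytes.Equal(out, msg))
}
```

Decrypting and verifying are kept in one function on purpose: a recipient that decrypts first and only then decides whether to check the signature can be talked into acting on an unsigned or forged message, so the caller gets either the authenticated plaintext or an error, never plaintext with a separate "signature failed" flag to ignore.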

More information about the cypherpunks-legacy mailing list