home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Freaks Macintosh Archive
/
Freaks Macintosh Archive.bin
/
Freaks Macintosh Archives
/
Textfiles
/
zines
/
DNA
/
DNAV1I7.sit
/
DNAV1I7
/
DNA107.003
< prev
next >
Wrap
Text File
|
1994-02-06
|
3KB
|
64 lines
PGP and the Encryption Standard
by M. Theroux
One of the more interesting things concerning the world of Cryptography
has been the government's recent attacks on PGP. PGP, the public key
encryption system developed by Phil Zimmermann, has widely been acclaimed
as the "one" NSA can't crack. This absurd notion is being propagated by
many who fancy themselves knowledgeable in computer related cryptography.
These neophytes bleat that the government's attacks on PGP are proof that
the program is invincible even to the NSA's expertise and technology. It
has been justly stated that to become an "expert" in cryptology one must
first pay their dues cracking code. It is probable that none of the
amateurs touting "uncrackable" have so much experience. They certainly
wouldn't blatantly display their ignorance with such statements.
Far more disturbing is the scenario which develops out of this. On
many conferences devoted to data encryption, this thread has evolved into
rallying support for PGP; to adopt it as a STANDARD for data encryption.
It is not my intention to knock PGP or its quality. It is one of the finest
encryption programs available to the public. But, adopting it as a standard
is just what the "fed" wants, as you will soon discover. Let's first examine
the plan of attack. The government wishes to enforce a "standard" and
introduces the "key-escrow" system.
Key-escrow encryption programs, are loosely based on the public key
concept. Two independent escrow agents each hold half the key needed to
decrypt a message. Any communications made on this system would be
automatically channeled to a gov't databank which can't be accessed without
both keys. It gives the gov't a passkey. Enter the infamous "Clipper Chip".
In the first phase of the Key Escrow policy, AT&T will market
telephones with the government's Clipper Chip built in. Communication from
one "Clipper" phone to another will be encrypted and will utilize the key
escrow system. This is obviously analogous to the gov't installing a bug
in your home, and promising not to listen in without a court order.
It is made quite obvious that they will be in charge of the keys and "will
not snoop". Then the name "Capstone" is openly plastered about; its
semantical evidence boldly displayed to all who understand the significance
of "The Great Seal" on a dollar bill.
Capstone is the newest NSA key escrow chip. Capstone was developed
for computer modems to track ("track" being the operative word) electronic
communications, in much the same fashion that the Clipper monitors telephone
conversations.
Naturally, the people unite against the government's imposing
encryption standards, and unwittingly adopt their own. The rationale of
the government's attacks on PGP becomes twofold. First, their attack has
succeeded in the adoption of an encryption standard, and second, they have
powerfully deterred the public from writing other equally useful encryption
programs.
Although this may come off as wild conspiracy, it is as valid as
any argument, and should, of course, be thoroughly examined by each
individual. Quantity would obviously override any standard in its ability
to confound cryptanalytic attack. Privacy IS a right. Something to think
about.
Michael Theroux
Cryptographic Arts
Borderlands BBS
707-826-1124