Confirm Action

Are you sure you wish to do this?

Confirm Cancel
Member Login
Site Notices
Posted: 9/22/2004 7:43:04 AM EDT
Has it been broken by the .gov?
Do they have a hack?

Link Posted: 9/22/2004 7:51:16 AM EDT
PGP, aka "Pretty good Privacy" is not just pretty good.

Its very good.

I use an older DOS version that was the one the .gov attempted to Prosecute Phill Zimmerman for writing (they said it was "ordnance.")

If it pissed of the .gov, you can bet they haven't cracked that one yet.

The underlying cipher in the version is use is IDEA, which has been subjected to extensive crypto-analysis.

It cannot be broken with brute strength. If you had a million computers that could try a million key combinations a second, it would still take a VERY LONG TIME to get even halfway through the keyspace. Also, there aren't enough silicon atoms in the universe to build that many computers capable of trying a million keys a second.

Link Posted: 9/22/2004 8:01:16 AM EDT
but I haven't heard anything from the .gov lately, which seems to me that maybe they cracked it, and don't care anymore, or built a computer big enough for brute strength.

Link Posted: 9/22/2004 8:15:43 AM EDT
I asked this at a U.S. Customs seminar some time ago. They asked the NSA, or so they said. The NSA would not reply. That's understandable. If they broke it, users would switch to something else and they would lose the intercepts. If they couldn't break it, or didn't have a back door, they wouldn't want anyone to know for fear of a wide spread use of it to encrypt data.

Personally speaking, I think it's a very good program.
Link Posted: 9/22/2004 8:18:49 AM EDT
Why? Whatcha planning on doing with encrypted emails and storage space?
Link Posted: 9/22/2004 8:25:56 AM EDT

Originally Posted By TxLewis:
Has it been broken by the .gov?
Do they have a hack?


As mentioned above, they'd never say if they did or not.

I use the latest version, and it's good. Integrates easily with Outlook/Eudora and the encrypted volumes work seamlessly.
Link Posted: 9/22/2004 8:29:15 AM EDT
I like the PGP wipe feature myself. I highly recommend it too.
Link Posted: 9/22/2004 8:42:32 AM EDT
It's unlikely that it's been broken in the sense that the government can eavesdrop on cyphertext and decode it. It's been attacked by the best academics out there for years, and they've probably got more brainpower than the government. there may be other attacks, such as gaining control of your computer and planting key loggers, examining memory for plaintext, and other indirect attacks. Any crypto system is only as strong as the weakest link, and in PGP's case it's probably not the underlying algorithm.
Link Posted: 9/22/2004 8:49:09 AM EDT
I seriously doubt it.
Link Posted: 9/22/2004 8:54:23 AM EDT
There was an interesting court case a couple years ago. An organized crime case and the FBI ...I think the mob guy's name was Scarfo. Almost every report talks about how the FBI was unable to crack PGP on the files they got through a search warrant. So they broke in and secretly installed a "key logger" to capture Scarfo's PGP password as he typed it in...and then used that to open his PGP files.

To me, the most interesting part , (which I can't find on the net, but I recall reading in 2001), is that when the FBI first got the encrypted files, they tried to crack it but failed...so for some reason, the FBI had some sort of hope that they could crack the files.
Top Top