Re: How regularly is the GnuPG source code examined?

From: Unruh (unruh-spam_at_physics.ubc.ca)
Date: 09/28/05

    Date: 28 Sep 2005 15:39:16 GMT
    
    

    Francois Grieu <fgrieu@francenet.fr> writes:

    >In article <dhchrf$15cn$1@agate.berkeley.edu>,
    > daw@taverner.cs.berkeley.edu (David Wagner) wrote:

    >> I already gave one example of an apparently accidental bug in PGP that
    >> (a) allowed the attacker, intercepting only the output of the program,
    >> to gain enough information to decrypt it easily; (b) could have been
    >> inserted by an insider; (c) was in fact not detected for a long time.

    >Is this anecdote, of great interest, documented in detail somewhere ?
    >Like which PGP, which version, on which platform ? Conditions for an
    >attack to be mountable ? Computational cost thereof ?

    It was during the launch of the new "new" pgp for which the dispute with RSA
    had finally been resolved when the patent holder MIT came to an agreement
    with its sole licensor, RSADSI, to issue a non-commercial version. One of
    the MIT people who helped rewrite pgp (2.5.x?) for that release suddenly
    discovered that he had screwed up the random number generator so that it
    found new randomness and then never used it -- i.e. just overwrote it with
    some fixed value.
    This had been in the new release for a few weeks (not months). Had this
    been malicious then the attacker would have had a much reduced key space to
    search through.

    This is all from memory, so not sure if you would call it documentation.
    It is all in the archives of alt.security.pgp, which was where he announced
    the bug.

    >Thanks in advance,

    > François Grieu

