Re: PGP 2.6.3ia and the passing of time?
- From: "vedaal" <vedaal@xxxxxxxxx>
- Date: 27 Feb 2007 08:14:03 -0800
On Feb 27, 8:45 am, George Orwell <nob...@xxxxxxxxxxxx> wrote:
> Is anyone aware of how a more
> modern version of GnuPG might
> compare with the venerable
> PGP 2.6.3ia?
> Specifically, any incompatibilities
> between this particular version of
> PGP and a more recent version of GnuPG,
> as well as any weaknesses that have
> since been discovered within PGP 2.6.3ia
> since it was released.
current gnupg (1.4.6) does not include IDEA because of proprietary
patent issues, but has a plug-in available allowing use of IDEA
the real problems are:
[1] pgp 2.x accepts only v3 rsa keys, and (current, unhacked) gnupg
does not allow for generation of v3 rsa keys, so unless a gnupg user
already has a v3 rsa key, such a user cannot have an encrypted
correspondence with a 2.x user
(and even if a gnupg user did have such a key, it has to have no
signatures from newer key types in order to be accepted into a 2.x
public key ring)
[2] pgp 2.x uses md5 for signatures, both as self-sigs on keys, and
on files,
and md5 is pretty much 'almost completely broken' and is no longer
considered 'safe'
[3] pgp 2.x v3 rsa keys do not include the key length in the hash for
the fingerprint,
(v4 rsa keys do), so it is possible to generate an imposter key with
the same key id and the same fingerprint, but with an atypical key
size.
(This is not such a big problem as long as people know to check the
key size together with the key id and fingerprint.)
[4] some cryptographers frown on the use of the same key for both
signing and encrypting,
(not so much because of any known vulnerability,
but for the practical reason that if authorities require giving up a
key to decrypt messages, the surrendered key cannot be used for forged
signatures)
there are only a few reasons to continue using pgp2.x:
(1) it fits on a bootable floppy, and does not require registry
entries or changes, or installation
(2) it has its own 'wipe' feature
(not great by 'eraser' standards,
but gnupg has none, and newer pgp requires installation)
(3) it has die-hard users who refuse to communicate using anything
else
(n.b. Ross Anderson is one of them, or at least was 2 or 3 years ago
when i last corresponded with him, and had a gnupg message returned to
me with a note that he accepts only pgp 2.x)
a possible reason why this is so, is not that pgp2.x is better than
gnupg
(gnupg is way, way *better*)
but that 2.x is small enough so that people can actually check the
entire source code themselves, and have already done so, and have
studied it well.
if you don't have any of the 3 above reasons to require 2.x,
i would advise you to switch to gnupg,
(which can be run from a usb drive without registry entries or
installation,
if that is one of your requirements)
vedaal
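
The fingerprint point in [3] above, as an added example that is not part of the original post: it computes v3 and v4 RSA fingerprints as RFC 4880 section 12.2 defines them and shows why a v3 fingerprint has to be checked together with the key size. The function names are hypothetical and the sample values are constructed toy byte strings, not real RSA keys.

```python
import hashlib
import struct

def octets(x: int) -> bytes:
    """Big-endian magnitude of x with no leading zero octets."""
    return x.to_bytes((x.bit_length() + 7) // 8, "big")

def mpi(x: int) -> bytes:
    """OpenPGP MPI: two-octet bit count followed by the magnitude."""
    return struct.pack(">H", x.bit_length()) + octets(x)

def v3_fingerprint(n: int, e: int) -> str:
    # v3 RSA: MD5 over the MPI bodies of n then e; the bit counts are left out,
    # so the boundary between n and e is not part of the hashed data.
    return hashlib.md5(octets(n) + octets(e)).hexdigest()

def v4_fingerprint(n: int, e: int, created: int = 0) -> str:
    # v4: SHA-1 over 0x99, a two-octet length, then the public-key packet body
    # (version 4, creation time, algorithm 1 = RSA, MPIs with their bit counts).
    body = b"\x04" + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest()

def v3_key_matches(pinned_fpr: str, pinned_bits: int, n: int, e: int) -> bool:
    """The check the post recommends: fingerprint AND modulus size must agree."""
    return v3_fingerprint(n, e) == pinned_fpr and n.bit_length() == pinned_bits

# Constructed toy values (not real RSA keys): one octet string, split at two
# different places into a "modulus" part and an "exponent" part.
RAW = bytes.fromhex("c3a1f04d9b7e6625d81f3a5c77e90b41" "010001")
KEY_A = (int.from_bytes(RAW[:16], "big"), int.from_bytes(RAW[16:], "big"))
KEY_B = (int.from_bytes(RAW[:14], "big"), int.from_bytes(RAW[14:], "big"))

if __name__ == "__main__":
    for name, (n, e) in (("A", KEY_A), ("B", KEY_B)):
        print(name, n.bit_length(), "bits")
        print("  v3:", v3_fingerprint(n, e))
        print("  v4:", v4_fingerprint(n, e))
    pinned = v3_fingerprint(*KEY_A)
    print("A accepted:", v3_key_matches(pinned, 128, *KEY_A))
    print("B accepted:", v3_key_matches(pinned, 128, *KEY_B))
```
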