From: Matt Giwer Area: Public Key Encryption To: Richard Dale 1 Mar 95 19:54:10 Subject: OLD TIMES NOT FORGOTTEN UpdReq RD> -----BEGIN PGP MESSAGE----- RD> Version: 2.6.2 RD> Comment: -[ Privacy through random acts of encryption ]- We do not appear to be communicating here. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6 mQCNAi4kncgAAAEEAL1ke9BH87LzZa4NCqjThi8PoDWw5XN8on1UFrroOudIqEdA MVqvrY5jT5RXLtkbFvrDzWRV9l0PybGxkWwXVBE3+jI5/jqXfLeG47EKkHFhw9Y2 ek9XAOaANMOPwCICRpVcD9HW1mVu7kkKosKp1deA0oVe5gPVX/lVIE5r33etAAUT tAptYXR0IGdpd2Vy =Dhdn -----END PGP PUBLIC KEY BLOCK----- --- * RM 1.3 01261 * Liberals think Clinton never lies. 201434369420143436942014343694201434369420143436942014343694718 From: Richard Dale Area: Public Key Encryption To: Shawn Mcmahon 2 Mar 95 20:56:10 Subject: Quotes as passphrase UpdReq SM>*And nothing I've ever read about it indicated that there was ANY need to shield SM>*one's CPU. And I pointed out that I *have* done the monitoring before, a point which you conveniently ignored. The whole unit should be shielded. Please read some literature on the subject and get up to speed with what's going on. I have done it and can verify it. * 1st 2.00c #567 * Don't sweat the petty things and don't pet the sweaty things 201434369420143436942014343694201434369420143436942014343694718 From: Jay Blair Area: Public Key Encryption To: Christopher Baker 2 Mar 95 07:25:24 Subject: Hello UpdReq -----BEGIN PGP SIGNED MESSAGE----- Thanks For Making It Available For FREQ. So, Now Would A PGP -Sta Be The Right Command For A Signature Like This? -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBL1X/oF24wpdVFTFlAQG50gP/U6aDFZMWyJb2BRdteFESOljT9ysNG0s6 G+59EpUBVvkGF6AxtDKhpnBlatGj8sPNyvAHAuXNvFZyFNsPNIsFbzYWZZSyv+Jx PbGOFoprJoCoMnUdT2tqRowMNWtS0MLxmYbEba/EyW8RsZreeiuknqhOBlFoP2kp wXwTjxcaZ5w= =qrXT -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Jeff Trowbridge Area: Public Key Encryption To: Jeffrey Bloss 2 Mar 95 16:56:32 Subject: UpdReq -----BEGIN PGP SIGNED MESSAGE----- On (28 Feb 95) Jeffrey Bloss wrote to All... JB> -----BEGIN PGP SIGNED MESSAGE----- JB> I just got around to reading the March, 1995 Dr. Dobbs update I JB> received a couple days ago. I suppose I can't quote the whole thing JB> without permission, but here's the bad news in a nutshell... JB> Seems the RSA encryption algorithm has been compromised, at least to a JB> point. The last "Asiacrypt" conference revealed a 19-digit number JB> that was the product of two equal length prime numbers (factoring JB> large numbers has always been the best theoretical attack to RSA). JB> 512 bit modulus schemes ARE breakable by anyone willing to spend a JB> couple million for the hardware, and able to wait a couple months. JB> The beginning of the end for RSA??? I'm definately not qualified to answer that question, but I read something similar on the net. The feeling was that you take your chances with a 512 or 768 bit key, the safest was to run a 1028 or 2047 bit because it'll be awhile before they crack those. TTYL, Jeff -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBL1ZpKHPq8B1oZhD9AQEQ3wQAqFKsnFHZOpLXLVmTH0Z3Axr2viuEkRrE g7wPBu0ehJLDUUmR4rgATenFURyVgZwKOQlDGPq1/ziOg1N5oAYC86PlmQzNKGaX Ybcz2tAXHYdebGU+JmRQ6t33XJ1Lwi84+AIjVoSCWpQ9TL2JwxkvQI+/oF98Wd/T pzfapQbmgvY= =23Bb -----END PGP SIGNATURE----- ... Against stupidity, the Gods themselves contend in vain. 201434369420143436942014343694201434369420143436942014343694718 From: Jim Bell Area: Public Key Encryption To: Jeffrey Bloss 2 Mar 95 13:28:00 Subject: RSA BEATEN... SORTA. UpdReq -=> Quoting Jeffrey Bloss to All <=- JeB> I just got around to reading the March, 1995 Dr. Dobbs update I JeB> received a couple days ago. I suppose I can't quote the whole thing JeB> without permission, but here's the bad news in a nutshell... JeB> Seems the RSA encryption algorithm has been compromised, at least to a JeB> point. The last "Asiacrypt" conference revealed a 19-digit number JeB> that was the product of two equal length prime numbers (factoring JeB> large numbers has always been the best theoretical attack to RSA). JeB> 512 bit modulus schemes ARE breakable by anyone willing to spend a JeB> couple million for the hardware, and able to wait a couple months. JeB> The beginning of the end for RSA??? You're seriously confused! First, you mentioned a "19-digit number" above. That's probably off by a factor of 10 or so. The longest RSA key publically announced to have been broken was a 438-bit key factorized by 8000-MIPS-YEARS of CPU time. This is equivalent to about a month on the newest Cray that's made. (Or about a week on an Intel supercomputer recently tested.) Assuming a doubling in the efficiency of the algorithm since the announcement, you're talking 3-4 days on that Intel supercomputer. It is estimated that an increase in 10 bits in the public-key length results in approximately a doubling of the difficulty of doing the factorization, which means that a 512-bit key would be (2**(74/10)) times harder, or 160 times harder. Thus, you have about 500 days on that computer for a 512-bit key. Do-able, I suppose, but the problem is that any target important enough to justify 1.5 years on a $10 million (wild guess) computer is not going to be stupid enough to use a 512-bit key. Naturally, he'd use a 1024-bit key. And that should be about 2**(512/10) times more difficult to crack, or about 3 million billion years! "Beginning of the end for RSA"? Bah! ... On what conclusion do you base your facts? ___ Blue Wave/QWK v2.12 201434369420143436942014343694201434369420143436942014343694718 From: John Roman Area: Public Key Encryption To: Glen Todd 3 Mar 95 19:31:52 Subject: Re: Golded @enc: PGP UpdReq -----BEGIN PGP SIGNED MESSAGE----- On 1 Mar 95, Glen Todd wrote to John Roman: GT> I've figured out how to do that as well (@ENC seems to give FastEcho GT> heartburn for some reason), as well as pointing out to Odinn that his GT> algorithm was erroneously identifing clearsigned messages as being GT> encrypted (which they are not, as we all know.) So far I haven't heard any reason that it's necessary or required, so why put it in? I did see that Odinn acknowledged that he needs to differentiate between encrypted and clearsigned stuff. That's a step in the right direction. Good work pointing that out to him in a way that he was receptive to it. John. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBL1ffFg4f7XXjzQ6JAQG+lgQAu19CSggORHaEXY4W4b/VZcWZcVPOMp5i fO8/LUS+HhHcvInflcALicmxhDt9DwwdnI4vLXn1DMgTwBe1/tMzgQ3eRSwyAMr3 bs5R1GI8fUI+fylaewq8F85U9ppmGmVpqqW377LwpMQbdbvgcckEJGiSPgGzsbEn JcdRdYx4BKg= =J6jf -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Jim Gorges Area: Public Key Encryption To: Alan Pugh 3 Mar 95 08:22:16 Subject: Re: PGPBlue UpdReq -=> Jim Gorges was saying something about PGPBlue JG> is there another means of contacting the author via netmail or other JG> email systems? AP> last time i was on the bluewave echo, the author was there. you AP> might try picking it up for a while. Thanks, Alan. I'll give it a try. Jim Internet: Jim.Gorges@oubbs.telecom.uoknor.edu 201434369420143436942014343694201434369420143436942014343694718 From: Chris Adams Area: Public Key Encryption To: Shawn McMahon 1 Mar 95 21:04:32 Subject: Quotes as passphrase UpdReq On (28 Feb 95) Shawn McMahon wrote to Chris Adams... CA> Ask over in BBSLAW. Some guy there used to do this... SM> I'm not going to pick up a new echo, with attendant long distance charges, SM> every time somebody makes a claim they can't support. Especially an echo SM> where it'd be marginally off topic. Look, I just talked to the guy a few days ago. I don't save every post he made. Of course, someone else confirmed this a little while ago. Also, if you have a decent backbone feed, what's the problem? Also, would you prefer to trust what I can remember, or someone who actually DID this. SM> I believe you misread your reference. If you don't *HAVE* a reference to Sorry, you believe wrong... ... Amazing what alcohol does to a sense of humor. Death becomes funny. 201434369420143436942014343694201434369420143436942014343694718 From: Chris Adams Area: Public Key Encryption To: David Chessler 1 Mar 95 21:06:48 Subject: Quotes as passphrase UpdReq On (28 Feb 95) David Chessler wrote to Chris Adams... CA> DC> From what I know about digital signal processing and spectral >analysis, I > DC> suspect they're right--"jamming" or obscuring the signal won't >work. CA>Probably. How would multitasking with something OS/2 affect it? It seems >that swapping a few different programs in and out would complicate their >job a bit keeping things straight. DC> I don't know, but it seems to me they could just record the signals and DC> replicate them. Not easy, but not impossible. Every little bit helps... DC> and really, all they want is the screen and the keyboard, and forget what's DC> in background. What would prevent you from using something like a ECHO blahblahblah > PGP in a background window? There'd be no screen or keyboard. For that matter, you could always enter the password with the mouse using a template type chart over a deactivated screen (ie click in one area is A, anothe B, etc), which would prevent spying... CA> DC> Jamming with white noise would be no problem at all. CA>So much for that... DC> It's really easy to pull a signal out of white noise using spectral DC> analysis. Actually, I shouldn't be surprised... ... Death takes its toll. Please have exact change ready. 201434369420143436942014343694201434369420143436942014343694718 From: Chris Adams Area: Public Key Encryption To: Jeffrey Bloss 3 Mar 95 22:08:32 Subject: RSA beaten... sorta. UpdReq On (28 Feb 95) Jeffrey Bloss wrote to All... JB> I just got around to reading the March, 1995 Dr. Dobbs update I JB> received a couple days ago. I suppose I can't quote the whole thing JB> without permission, but here's the bad news in a nutshell... JB> Seems the RSA encryption algorithm has been compromised, at least to a JB> point. The last "Asiacrypt" conference revealed a 19-digit number JB> that was the product of two equal length prime numbers (factoring JB> large numbers has always been the best theoretical attack to RSA). JB> 512 bit modulus schemes ARE breakable by anyone willing to spend a JB> couple million for the hardware, and able to wait a couple months. JB> The beginning of the end for RSA??? Seems ominous, but it's not. As others have explained, just use a 2048 bit key, because EACH bit doubles the time needed. Also, volume makes anything approaching realtime decryption impossible for more than a message or two... ... The Kennedys' favorite sexual position: Defendant! 201434369420143436942014343694201434369420143436942014343694718 From: Eddie Benson Area: Public Key Encryption To: All 3 Mar 95 00:55:04 Subject: Internet mail reader that supports PGP.UpdReq Does anyone know of a good Mail reader that supports PGP? Eddie Benson ebenson@tyrell.net ... Amoebae leave no fossils. 201434369420143436942014343694201434369420143436942014343694718 From: Eddie Benson Area: Public Key Encryption To: Scott Mills 3 Mar 95 01:02:50 Subject: Re: Quotes as passphrase UpdReq -----BEGIN PGP SIGNED MESSAGE----- -=> While reading Naked Lunch, Scott Mills screamed; <=- SM> -----BEGIN PGP SIGNED MESSAGE----- SM> Thursday February 23 1995, Shawn McMahon writes to Chris Adams: CA>> Anyway, they do read more than that. It is actually possible to CA>> monitor your CPU, based on the RF it puts off. SM> Source, please. I don't think it is. SM> From the Cryptography faq section 9.3. SM> 9.3. What is TEMPEST? SM> TEMPEST is a standard for electromagnetic shielding for computer SM> equipment. It was created in response to the discovery that SM> information can be read from computer radiation (e.g., from a CRT) SM> at quite a distance and with little effort. SM> Needless to say, encryption doesn't do much good if the cleartext SM> is available this way. SM> For more info you can freq TEMPEST from here. If I have it set up SM> right that should get you a 21k zip with two text files on tempest. If SM> you have a problem let me know. I never heard of this program. Do you know a FTP site that I could get it from? Eddie Benson ebenson@tyrell.net ... Amoebae leave no fossils. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6 mQCNAy9Tt9sAAAEEAKZJkP6C3BUrnrOC6py4sY25shWH3m8gAY2fQIGFBN7GRtyg Rr3b85aiSUIccax2Xm+AOClPOfYMetf3FFogk67AAITy2dfxojwIh2oZIInL0cVV nKRUBC+XaRxtinYm52O5eE3b+0GFECVt9h6oKwljEZmbEP7dZF8PBRP4I0+tAAUR tCFFZGRpZSBCZW5zb24gPGViZW5zb25AdHlyZWxsLm5ldD4= =/rLl - -----END PGP PUBLIC KEY BLOCK----- 201434369420143436942014343694201434369420143436942014343694718 From: Juergen Werner Area: Public Key Encryption To: Alle 28 Feb 95 00:00:00 Subject: key UpdReq -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3a mQCNAi33yykAAAEEAL3YwYwquZGtAMNLASY23ECY6IeYn/iTeQJVo6ylyUxf++0S vc64GPDdPbD5XRASX4iZCFl4Jt4pX559z6UmbXNIegsEPGbLwfxX08GXw7VWu+kr iwni0PfZOn4+WP+cLqlvZ7Nq3rJziKoR99CFpjfo6WbE67Ncxs9l+FukA4RBAAUR tCpKdWVyZ2VuIFdlcm5lciA8anVlcmdlbl93ZXJuZXJAYm8ucnVoci5kZT6JAJUC BRAt984lz2X4W6QDhEEBAdFtA/9hghn57mJn71tehBxG/B5AZ2Zznq6u82lf0mlV JKixLMouNLUMxpeSTnGTrIN7uKtoVCZxT7ley0rRrUn7ow/nE78nPjXiRIhykskZ XIoEfOdlL3YciJzqyV9ZiW3sr/wlJOi2YGrROfIIADLdohqpEbIgTuk0N9w1AMdu TmaiwbQuSnVlcmdlbiBXZXJuZXIgPEp1ZXJnZW4gV2VybmVyQDI6MjQ0NC8xMDA3 LjI2Pg== =Fwv4 -----END PGP PUBLIC KEY BLOCK----- * Origin: Bitte + drcken 201434369420143436942014343694201434369420143436942014343694718 From: Steve Linton Area: Public Key Encryption To: All 2 Mar 95 23:15:00 Subject: PGPBLUE & BLUEWAVE UpdReq To ALL: It is now March 2,1995, I have left this message twice before! This will be my third and final attempt. If any body in this echo sees this, I would appreciate a reply just to let me know whether or not I'm getting out! Thanks, Steve-- On Feb. 12, 1995 I wrote the following letter to Bruce Davis. It appears that FIDO ATE IT! So I will try again! If any body can help me, please respond! Thanks, Steve-- 02-12-95 11:31:00 From: STEVE LINTON To: BRUCE DAVIS Subj: BLUEWAVE & PGPBLU HELP!!! Bruce Davis wrote to David Mcintyre on 02/10/95... BD> By the way, I HIGHLY recommend PGPBLUE as a BlueWave/PGP BD> Interface. I've been using it for approximately 6 months...and it's BD> a good solid program. Bruce, I hope that you can help me! I recently got a copy of PGPBLUE vs. 3.0 but I have not been able to get it to work with my other programs. I'm using PGP vs. 2.6.2 and BLUEWAVE vs. 2.12. I have followed the installation procedures to the letter, yet when I try to run it I get the following error message from PGP: "Error: 'pgpblue.tmp' is not a ciphertext, signature, or key file." Then my editor appears with the original encrypted text all quoted! If I tell Bluewave not to quote the message, then I get the same error message, and the editor appears with a blank screen! This all occured when trying to decrypt a message. I get a different error message from PGP when I try to clearsign a message: "File [pgptemp.txt] does not exist." I have tried everything that I can think of to solve this but to no avail! If you have any suggestions that may be of help I would be grateful. Steve-- ___ Blue Wave/QWK v2.12 201434369420143436942014343694201434369420143436942014343694718 From: Steve Linton Area: Public Key Encryption To: All 21 Feb 95 21:07:00 Subject: PGPBLUE & BLUEWAVE UpdReq On Feb. 12, 1995 I wrote the following letter to Bruce Davis. It appears that FIDO ATE IT! So I will try again! If any body can help me, please respond! Thanks, Steve-- 02-12-95 11:31:00 From: STEVE LINTON To: BRUCE DAVIS Subj: BLUEWAVE & PGPBLU HELP!!! Bruce Davis wrote to David Mcintyre on 02/10/95... BD> By the way, I HIGHLY recommend PGPBLUE as a BlueWave/PGP BD> Interface. I've been using it for approximately 6 months...and it's BD> a good solid program. Bruce, I hope that you can help me! I recently got a copy of PGPBLUE vs. 3.0 but I have not been able to get it to work with my other programs. I'm using PGP vs. 2.6.2 and BLUEWAVE vs. 2.12. I have followed the installation procedures to the letter, yet when I try to run it I get the following error message from PGP: "Error: 'pgpblue.tmp' is not a ciphertext, signature, or key file." Then my editor appears with the original encrypted text all quoted! If I tell Bluewave not to quote the message, then I get the same error message, and the editor appears with a blank screen! This all occured when trying to decrypt a message. I get a different error message from PGP when I try to clearsign a message: "File [pgptemp.txt] does not exist." I have tried everything that I can think of to solve this but to no avail! If you have any suggestions that may be of help I would be grateful. Steve-- ___ Blue Wave/QWK v2.12 201434369420143436942014343694201434369420143436942014343694718