From: Andy Hayes Area: Public Key Encryption To: CHRISTOPHER BAKER 26 May 95 08:52:00 Subject: SecureMail Host Routi UpdReq In a message to MARK BAINTER, CHRISTOPHER BAKER said... CB> SecureMail Host Systems Could you please explain what all thsi is for? Andy -=or=- Jose * QUOTEOLX 2.4 1892898 * * OLX 2.2 TD * For sincere personal advice, page your sysop at 3 A.M. 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: Jeffrey Bloss 25 May 95 09:14:12 Subject: Re: Send/rec PGP Msg's UpdReq JB> Let's say I'm tapping this line, not monitoring it from a "pass JB> through" POV, so I have no idea which direction the individual messages JB> are traveling... and lets say that the participants are using a JB> "revolving key" method of generating noise. If everything is set up JB> right, I have NO way to pick out the useful from the useless, and the JB> useless messages are generated to specifically keep the message load JB> constant... there's no real flux in the numbers of messages. JB> Ahhhhh.... but wait. :) Every message I run through PGP gives me a JB> number! Geeeee, that's strange, this key ID received 10 messages this JB> week, none before, and hey... it seems to fade in and out at some JB> sorta interval. Hmmm.... probably a fake. :) And these five keys over JB> here. Funny how THEY seem to inversely vary in use when compared to JB> these other five keys. This tells me I've probably isolated messages JB> originating from one point. Look here... of the 10 "inverse" JB> messages, five of the keys changed and five didn't last week. JB> Hmmmmm.... JB> Start to get the picture? With a little more time, and some more JB> sophisticated analysis, there's a pretty good chance I can filter out JB> nearly ALL the noise and be left with two things... a "package" of JB> messages I can be pretty sure are legit, and the key ID's of the JB> people they were sent to. That's what traffic analysis is all about. JB> :) JB> There's a LOT more you can add to the mix on either end... this is JB> just a simple "what if" to show one way those "can only be read by JB> XXXX" messages can be put to use. excellent post on this jeffrey. i see your point. you are right in that i wasn't really looking far enough into it. i've worked out methods to scramble the pgp message a bit so as to hide the originator and recipient but it would probably fall fast to real cryptanalysis unless i was able to implement a good one-time pad into the mix. have you ever been subscribed to cypherpunks? i was for a while and learned quite a bit until the s/n ratio got too high to justify the traffic on my end. the situation you mentioned of sending packets at a given time every day was described in detail as well as some of the pitfalls and gotchas involved in this type of regular communications. it was pretty interesting reading overall. amp <0003701548@mcimail.com> May 25, 1995 10:14 ... The so-called New World Order isn't welcome here! -Somali Banner 201434369420143436942014343694201434369420143436942014343694718 From: L P Area: Public Key Encryption To: Glen Todd 27 May 95 18:24:00 Subject: Re: pgp Stuff Available UpdReq -----BEGIN PGP SIGNED MESSAGE----- -=> Quoting Glen Todd to L P <=- LP> My setup uses the Zone 1 nodelist to identify systems that may LP> download files from my PGP directory. It lets callers GT> Just out of curiousity, how do you do this. Magic, eh . But, if you don't DO magic, you might try my setup for the supernaturally challenged: Front end: BinkleyTerm 2.59 Extract a Zone 1 nodelist when you compile your nodelist. Binkley permits you to set up your FREQ security using 3 levels of security defined by settings in your Binkley configuration file: "Default" permits FREQs of files listed in a defined file list, for example, file list OKFILES1.LST. Anyone who calls can FREQ files listed in OKFILES1.LST. My "default" file list lists all of my files *except* for my files in my PGP directory; "Known" permits FREQs from a separate file list, e.g. OKFILES2.LST, by anyone listed on the compiled nodelist you are using . So, I extract and use only a Zone 1 nodelist for my system, in part to implement this feature for PGP FREQs. My "known" file list lists *all* of my files and makes them available for FREQ. "Protected (Prot)" security can be used to identify a third file list that defines files FREQable only by systems with which you have established a password. GT> I've spent quite a bit of time on my setup, and haven't found GT> anything that looks like it'll let me do this. My GT> current solution is to password-protect that directory and to GT> supply the password only in response to netmail from zone 1 GT> addresses. Hmm... doesn't sound like BinkleyTerm. Unless you're interested in switching, you should post a request identifying your mailer and maybe someone else can help -- especially if there is an echo dealing with the software you are using. Good luck, L P -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Get PubKey WHOSASKN.ASC at BBS 907-745-6093 1:17/75 iQCVAgUBL8fevl3p8JHts+exAQGMugP9Ge9zz4hySnQILZPm550cQUkBkAyjp2HM CXUhc4ilFBDcMXRsw86FS+kvSP/tpzxfR9WDHbiTOz3qs29I9jAMfmor/t8Ugfrm ePMSwn8BAWHrFdagAL5x4Yk79l8hG41ErD8Ec2hVzT5yaS+z0bdRFJwATEI6b8iu 2AtHB9Bx6FM= =6aAC -----END PGP SIGNATURE----- ___ Blue Wave/QWK v2.12 # Origin: Who's Askin'? Matanuska-Susitna Valley, AK (1:17/75.0) * Origin: PODNet <-> FidoNet EchoGate! (93:9600/0.0) SEEN-BY: 107/946 259/212 382/7 640/217 9000/0 9600/0 9608/0 9609/0 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: Rebellious Guerrilla 27 May 95 00:51:32 Subject: Public Key UpdReq guerrilla, i saw you key posted in key drop, and am hoping you scan this echo. have you put out a version that incorporates the 'clearsign bug' i'm using 2.61 because i like the abilitiy to handle bigger keys, but would like to be able to upgrade. amp <0003701548@mcimail.com> May 27, 1995 1:50 ... The family that shoots together shouldn't be messed with! 201434369420143436942014343694201434369420143436942014343694718 From: Shawn McMahon Area: Public Key Encryption To: All 14 May 95 12:36:00 Subject: OS/2 PM shell for PGP UpdReq I haven't downloaded and tested it yet, but I just found the following on 1:109/347: PMPGP.ZIP PMPGP Shell for PGP for OS2 201434369420143436942014343694201434369420143436942014343694718 From: Shawn McMahon Area: Public Key Encryption To: John Stephenson 14 May 95 12:47:22 Subject: RSA UpdReq Despite the stern warnings of the tribal elders, John Stephenson said this to All: JS> But.. how do I find out D & E with knowing P & Q? I'd eventually JS> like to implement a Pascal program using the formula.. but I JS> can't get past that "little" road block. E is randomly generated, such that E and (P-1)x(Q-1) are relatively prime. D equals E^-1(mod(P-1)x(Q-1)) That's for encryption. For decryption, you *DON'T* find them; D is the private key. E and N together comprise the public key. You either know 'em or you don't know 'em. But, of course, you should ignore me because Richard Dale says I don't know anything about this stuff. 201434369420143436942014343694201434369420143436942014343694718