From: Scott Mills Area: Public Key Encryption To: Shawn McMahon 16 May 95 02:40:34 Subject: OS/2 PM shell for PGP UpdReq -----BEGIN PGP SIGNED MESSAGE----- Sunday May 14 1995, Shawn McMahon writes to All: SM> PMPGP.ZIP PMPGP Shell for PGP for OS2 I freqed this over an hour ago and still know nothing about it except that it has very annoying beg screens and that it isn't worth a damn for large keyrings. It's been crunching for about an hour trying to read my public ring and is still working on it. You might have better luck on your system if you have a smaller keyring. Mine is about 2 meg. I'll try later with a smaller ring and see if this does anything usefull. Maybe when I get up tomorrow it will be done reading this ring. Scott Impeach Clinton now. Avoid the rush in '96. Scott Mills 1024/26CD5D03 For my PGP key freq PGPKEY sm@f119.n265.z1.fidonet.org -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBL7hX9yP6qSQmzV0DAQFbDgP/SkxAsyUJdA4sYEqBeJgkDYzj5N9rc83t 0DArO413QXN2S6ILs913//0P25/wCaijbjvGOzCwGeRR4f5R0H1b+0kNzZWYscdx YwaDeG3jEzdVNEcxqCpZzZJ+MN5cKWqAlrrOyEO+j/Bhd52M0XS+Ct532tIkEduf mFsbrqtPe0g= =J7N+ -----END PGP SIGNATURE----- --- 201434369420143436942014343694201434369420143436942014343694718 From: John Stephenson Area: Public Key Encryption To: Ted Rolle 15 May 95 18:48:24 Subject: PGPWave source code gone UpdReq JS> Yes. But this should be of little concern to most people, I've already JS> started building a bigger, better PGPWave. I've finished the main menu, TR> You have my heartfelt sympathy, John. I am a programmer also, and to TR> lose what you have put blood, sweat, and tears into is a great loss. TR> You seem to have (appropriately) looked on the brighter side. If I didn't I wouldn't have gotten this far. Right now I've rewritten about 60% of the source. I just have to do the multiple encryption features, taglines, post keys, verify signature, and beta testing. This normally shouldn't take more than about 3-4 weeks tops. PGPWave is looking much better too. I redid a few things ie made a better clock function, global debugging, shelling, and configuration routines, plus a lot of duplicate letters in the main menu have been taken out. - John ... "Buy me a drink?" said Tom dryly. 201434369420143436942014343694201434369420143436942014343694718 From: John Stephenson Area: Public Key Encryption To: Michael Babcock 15 May 95 18:48:24 Subject: RSA UpdReq MB> Take two prime numbers, (p,q) and multiply them to get n. Make two MB> numbers [p-1] and [q-1], multiply them to get [(p-1)(q-1)] (i'm MB> leaving the unnamed variables as their equations). d is any number MB> between 1 and [(p-1)(q-1)] that is not a factor of [(p-1)(q-1)] MB> (fairly arbitrary choice). Now find a value for e that satisfies MB> [(e)(d)]/[(p-1)(q-1)] = 1. This will work... MB> BTW, as we all know, use LARGE numbers for p and q... Thanx, I'll give it a try. [time passes] Okay, it doesn't work. I found the error in your formulae, but I don't know how to fix it. Let x = (p-1)(q-1) You say that d is any number between 1 and x that is not a factor of x. Simply this means that "x mod d <> 0", ie doesn't evenly divide. But then you say that (e*d)/x = 1! Or that e*d=x, how could that work if the modulus isn't taken into account? E would have to a real number! Impossible! Maybe you meant that gcd(d,x)=1, ie d is relatively prime to x? If you did, or if you meant something else please give me an example (showing p,q,n,(p-1)*(q-1),d,e, and an example of encryption and decryption) using small prime numbers of your choice (ie 2,3,5,7..) Have you implemented RSA in a program? Has anyone here implemented true RSA, or is everyone just re-echoing incorrect information? Help! - John ... Oxymoron: Ferenghi Dentist. 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Alan Pugh 16 May 95 06:36:24 Subject: ] UpdReq -----BEGIN PGP SIGNED MESSAGE----- jc> Software chaos theory! Sourcecode entropy! :) AP> AP> no doubt! i don't have a real problem with people hacking the source AP> as long as they don't mess with the encryption algorythms. having the AP> different versions out there has both good and pad points to it. Or if they frob the algorithms they will at least need to publish the changes for peer/academic/(nsa!) review. jc> Prolly so, but I guarantee I won't be generating any 3k keys on this jc> 8088 laptop! :) AP> AP> i feel for ya guy. i've found pgp to be an excellent benchmarking AP> tool in addition to its other wonderful uses. have you ever played I generally run it at home on a dinosaur 386, but when I'm doing BW packets for whatever reason I'm limited to this old luggable. When I finally get fed up with my current job, I'll take the profitsharing $$$ and by a decent mono vga laptop. WinBook makes a sweet one for about $1800. AP> with 'fractint'? i finally found version 19 recently and they've AP> beefed up the software so it is now guaranteed to bring a cray to its Never messed with it. Sounds brutal, though. AP> [is a good read too. the author(s) have a pretty good sense of humour. I love that kind of thing. Makes all the difference when you're poring over new docs at 2am. :) -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Fully-encrypted echos =work= iQCVAwUBL7hxsUjhGzlN9lCZAQEPSwQAvRoYsQlck4p9M/srUk0F8DzBgcbdRQb7 IbWvl4n2uYHFJ1qyeX4pXGmBbX2MvvXowIML8TOgUO2mdDYgB9daIzv/jz7xLgQk dvF8sp3IB42q1nv+Cl0ra3K4OJKQry01zG+30RWN94q7ZqX4WSkHJ2V4NQeRKMLn m9PuPJrzfGg= =Pa+Z -----END PGP SIGNATURE----- jason ... BW-PGP.BAT / BlueWave 2.12 / PGP 2.6.2 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: All 16 May 95 07:18:40 Subject: PGP and GEdit xpost UpdReq * Originally By: Andreas Otto * Originally To: Ryan Shaw * Originally Re: timEd w/external editor * Original Area: Fido: TimEd, NetMgr, WIMM Support Conference * Forwarded by : Blue Wave v2.12 Hi, RS> Could someone please post there external editor batch file? RS> I'm actually most interested in the one belonging to the RS> moderator of COLLEGE though (I can't recall his name at the RS> moment) as he had options configured for PGP and for a spell RS> checker. Thats not me, but maybe you'are intrested in my one too !? I'm using GEdit (yes, that online bbs-editor) as an external editor, using his msgtmp-Feature, this means i can Quote message text by Ctrl-Q like it is, when you are writing online in a BBS. I hate the other form of 'quoting', if you have all the original text in your mail and then you have to delete, what you don't need <--- thats stupid without end ! Therefore look at this ...: @echo off REM if not exist msgtmp. echo ! > msgtmp. move timed.msg msgtmp. >nul gedit.exe -s0 if not exist msgtmp. goto abort move msgtmp. timed.msg>nul gedk timed.msg buffer ? goto ende :abort del timed.msg buffer ? exit :ende Well, looks pretty difficult, huh ? :) Well, first of all timed.msg, the temporary message is moved to msgtmp, so that GEDIT.EXE kann access it. The 2 external programs used are "buffer", a small tool, what stores a letter in the keyboard-puffer, but what isn't really neccessary here, and the second one is "gedk", a small .exe by me what changes the wrong soft linefeeds to real hard linefeed, so that timeEd accepts the message in the right way and doesn't destroy boxes and other "grafical" things like FILE_ID.DIZ etc. I hope this helps .. btw: you can include SpellChecking in GEDIT too! Ciao, Andreas sid@rage.fido.de -!- ! Origin: 21st century digital boy (2:2452/307) 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Ted Rolle 16 May 95 13:27:34 Subject: Re: Pgp Stuff Available UpdReq -----BEGIN PGP SIGNED MESSAGE----- LP> files in the directory containing my PGP program files are LP> available only to Zone 1 callers. TR> How do you enforce this? You could compile your nodelist index using only Zone 1, then set your mailer to only allow FREQs from nodelisted systems. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Fully-encrypted echos =work= iQCVAwUBL7jSDUjhGzlN9lCZAQHIFwP/U3sjHOAoS9oXuukFeBDTIWqBaT6KNfhn CUHBbz6nwOxCG4N+nOeif94Rs9bkHT389qkKPzxQyZqJIJ297zo1chp4j5aUkkAd mS7/9LvlTKTejFKl/Cj1P+onbhkjWK4ThQVZYojtexHCFsOhNCpbH5P/pwDDt2qv lQMkfoCeZwA= =SS1e -----END PGP SIGNATURE----- jason ... BW-PGP.BAT / BlueWave 2.12 / PGP 2.6.2 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Laurence Lane 16 May 95 06:42:24 Subject: Re: Send/rec PGP Msg's UpdReq -----BEGIN PGP SIGNED MESSAGE----- LL> I guess PGP's compression is not-very-robust compared to .ZIP. :) If I remember correctly, Phil Z. used ZIP's algorithms. If that's so, it should be very close. LL> Yeah. I initially conceived and implemented the idea to send a LL> private echo through Internet e-mail, where session passwords don't LL> apply. It was an attempt to synchronize several e-mail conversations LL> between myself and a few fellows in the Netherlands. The initial idea Yeah, it's a great idea when you have to share information with more than one other person. LL> The weakest links would be the hoomans[sic]. ;) It's true... -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Fully-encrypted echos =work= iQCVAwUBL7hzGUjhGzlN9lCZAQH2XwP9E9KXDMb8Y1a1H0ltibpJGTBi8CY0rQMi Al2XGV3IiCiTwThcpSdcokTvUguTM9WX1vy3EZYpxlGF0mbOKUG12TXeD2u4dDrY Id8uO3Quwwnh7gddMCZRDumrE9jKRTaFpExWOYsjKYMFU/M8QU01mQtC2xnhdh2d wJoUdfPd1jk= =SlDH -----END PGP SIGNATURE----- jason ... BW-PGP.BAT / BlueWave 2.12 / PGP 2.6.2 201434369420143436942014343694201434369420143436942014343694718 From: Shawn Pringle Area: Public Key Encryption To: John Stephenson 16 May 95 11:20:18 Subject: Re: RSA UpdReq -=> Quoting John Stephenson to All <=- JS> @PID: BWRA 3.01 [Eval] JS> @MSGID: 1:249/126.0 2fb2da8d JS> Forgive me if I'm offtopic, but I don't see any conferences JS> specifically devoted to this topic, and this was as close as it JS> gets for me. I'm familiar with the basic idea of RSA encryption, JS> and this is what I know so far: JS> The encryption algorithm is: C = (M^e) mod n The decryption JS> algorithm is: M = (C^d) mod n JS> (the same formulae, just with the opposite keys) JS> Where C is the encrypted byte JS> M is the original byte JS> p is a prime number JS> q is a prime number JS> n is pq JS> d is the inverse to the function of e JS> e is the inverse to the function of d JS> So the encryption key is the two numbers: e,n So the decryption JS> key is the two numbers: d,n JS> JS> But.. how do I find out D & E with knowing P & Q? I'd eventually JS> like to implement a Pascal program using the formula.. but I JS> can't get past that "little" road block. JS> Btw I live in Canada, so it's legal :) I took this scheme at the University of Winnipeg, Note that d must be reletively prime to (p-1)(q-1). So that means that the gcd((p-1)(q-1) , d) = 1, and that is all reletively prime means. So now you go through (p-1)(q-1) and you factor it into primes, all you really need to do is find all primes that divide it and avoid multiples of those primes. Make sure that d != e. Otherwise d is random. That's another important idea of d being random, there are lots of such numbers between 1 and (p-1)(q-1) all you have to do is make sure that it is 1024 bit, that is the first bit must be 1, and then you can randomize the rest of the bits and increment them until you get something you can use. I have this program it's called QFIX, it word wraps messages to 70 characters but it's written for a 32-bit extended interpeter and takes more memory than what I would otherwise have barganed. It uses 32b for each character and it would be quite harry to change, ironically enough I don't run out of memory. I can even do things that I *can't* do in Pascal. I have used things I could do in Pascal and have attempted to port it. Observe that you're quoted text is wrapped to 70 characters, by my program. If you want the source to be used in your program please do. You can FREQ the upgrade package from my system as QFIXU and then get EUPHOR12.ZIP locally. QFIXU is the source that runs off of EUPHOR12.ZIP, the interpeter. This interpeter is available on CD-ROM (night owl 11). It would be fantastic if you integrated this into PGPBlue. It's my own baby, so if you want it you can ask for it here and I'll transmit the upgrade, even at 2400b 18k is nothing. My system is up from 9:00pm - 7:00am. JS> - John Shawn ... Real programmers confuse XMAS & Halloween: DEC 25=OCT 31! --- QFix v0.624[FreeWare] Available @1:348/945FREQ: QFIXF ~~~ ReneWave v1.00.wb2 (unregistered) 201434369420143436942014343694201434369420143436942014343694718 From: L P Area: Public Key Encryption To: Ted Rolle 15 May 95 09:38:00 Subject: Re: pgp Stuff Available UpdReq -----BEGIN PGP SIGNED MESSAGE----- -=> Quoting Ted Rolle to L P <=- TR> Hello L! LP> files in the directory containing my PGP program files are LP> available only to Zone 1 callers. TR> How do you enforce this? I use Binkley Term as my BBS front end. Its security provisions permit one to define separate lists of files that the system will send to 1) any system that calls, 2) only systems calling that are on the available nodelist, and 3) only systems with which a password protected session has been arranged. I extract only a Zone 1 nodelist for my system and list my PGP directory and magic filenames only at the level 2 security. This security, like any measures other than making files entirely unavailable, can be circumvented and broken. But it seems reasonable to me under the circumstances -- it would require a person outside of Zone 1 to perpetrate a fraud and an electronic form of burglary to get these files; all the files that I have are available internationally, and anyone outside of Zone 1 smart enough to "break" this security is smart enough to get anything I have for less money and with less hassle outside of Zone 1 than calling me. If my country would make me a criminal for being a victim of crime (and a crime having no practical effect), then we truly are at the end of a government of, by, and for the people. But, I feel that I have the right to act reasonably and that I should only be expected to act reasonably under the circumstances, and this is my determination in this case based upon the information that is available to me. Take care, L P -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Get PubKey WHOSASKN.ASC at BBS 907-745-6093 1:17/75 iQCVAgUBL7eRj13p8JHts+exAQFwBwP/cdG4xOUbKvEd7pXZ1LUN5Ao8GoEYpXwu PJqeMX3vwX9zNgsX2aEEHbNuSpRv80phy4aSp+yGLa7g7KUcqb5YTqTCrwqaqlW+ ohR1yQz+EvjqayMcCsr5wEzZk5Ltg39XfkkgynO+5eaf7AFy7mSILfqglJgCGYv3 65eV0WKfHsY= =FDnL -----END PGP SIGNATURE----- --- Blue Wave/QWK v2.12 # Origin: Who's Askin'? Matanuska-Susitna Valley, AK (1:17/75.0) * Origin: PODNet <-> FidoNet EchoGate! (93:9600/0.0) SEEN-BY: 107/946 259/212 382/7 640/217 9000/0 9600/0 9608/0 9609/0 201434369420143436942014343694201434369420143436942014343694718 From: Reed Darsey Area: Public Key Encryption To: John Schofield 17 May 95 02:10:36 Subject: Keep Out (via Internet?) UpdReq What is the latest on the availability of Keep Out, via the Internet? Some time ago there was an offer of e-mailing out of issues, but I never got it to work. Is it still going? ~~~ wsOMR/1.01b [UNREG] 201434369420143436942014343694201434369420143436942014343694718 From: David Mcneil Area: Public Key Encryption To: Michel Bertler 16 May 95 04:43:00 Subject: Pgp (mac <> Ibm) UpdReq Michel Bertler: I'm encountering problems decoding a ciphertext file (Ascii radix 64 format) coming from a Mac user! So far, he's been using commands: -sea and -seat but the blocks lines are concatenated into a single line wrapping at excessive length (512 caracters) and PGP does not recognize this as being a ciphertext file. Macintosh text files are line-delimited by just a carriage return character; MS-DOS text files are delimited by a carriage return character followed by a linefeed character. There are eighty-zillion little programs which do textfile conversion between MS-DOS and Mac (and MS-DOS and Unix, and Mac and Unix, and...). I had no problem using DOS PGP to read my friends' public key blocks which were created on their Mac and exported as text. I remember being impressed that DOS PGP was smart enough to deal with the problem on its own. I haven't got a signed or encrypted message from them yet, so I haven't tested that aspect. What version of PGP are you using, and what version is your friend using? Is your friend *literally* using the dash options? In my friends' MacPGP, there's a menu item called "Run command file." If you click on it, a dialogue box comes up saying that feature is untested, and to RTFM before trying it. --dave. Version: 2.6.2 iQCVAwUBL7iP0iJ0nJJxUe5ZAQHRYQQAjVitDksL1JZilYKJ5mweWFWkaG7VHwer TROsaNe9RfqMsWzxmJkar9QSX/1x42K8U3He4g2FykLbj2GcdwsIN8RHnsfHdpW7 YorqRN4EuOAxOKsmcz6qhi6oWuM+OoMAP6YqsAvxOgKfDZ5pToRRQo/jaaIsW4vO Mo4Xc42IUuk= =WQP1 201434369420143436942014343694201434369420143436942014343694718