PGP Frequently Asked Questions with Answers, Part 3/3

Archive-name: pgp-faq/part3
Posting-Frequency: monthly
Last-modified: 22 June 1995

-----BEGIN PGP SIGNED MESSAGE-----

========================================================================
Appendix I - PGP add-ons and Related Programs
========================================================================

Due to the enormous size this FAQ has begun to take, I have condensed
this section, using a home-grown format that (I hope) will be easy to
machine-parse into whatever other formats I can manage.

This list is not exhaustive, nor is it even necessarily correct.  Much
of it is lifted from the old FAQ, and, as a result, some of the links
are probably out of date.  Hopefully, I will be able to weed out the
bad links and update this over time; the task was too great for me to
take immediately, however, especially given the pressing need.  I
present it in the hope that it will be helpful.

========
Amiga
========

PGP Mail Integration Project
Author: Peter Simons 
ftp://ftp.uni-kl.de/pub/aminet/comm/mail/PGPMIP.lha
ftp://ftp.uni-kl.de/pub/aminet/comm/mail/PGPMIT.readme

Automatic PGP encryption for mail over UUCP and SMTP.
- -----
PGPAmiga-FrontEnd
Author: Peter Simons 

GUI front end for Amiga PGP.
- -----
StealthPGP 1.0
ftp://ftp.uni-erlangen.de/pub/aminet/util/crypt/StealthPGP1_0.lha

Tool to remove any header stuff from PGP encrypted
messages, to make sure nobody recognizes it as
encrypted text. Source included.
- -----
PGPMore 2.3
ftp://ftp.uni-erlangen.de/pub/aminet/util/crypt/PGPMore2_3.lha

More-like tool which decrypts PGP encrypted blocks
included in the text before displaying them.
Useful for decrypting complete mail folders, etc...

========
Archimedes
========

PGPwimp
Author: Peter Gaunt
ftp://ftp.demon.co.uk/pub/archimedes/

A multi-tasking WIMP front-end for PGP (requires RISC OS 3).  Operates on
files - it has no hooks to allow integration with mailers/newsreaders.
- -----
RNscripts4PGP
Author: pla@sktb.demon.co.uk (Paul L. Allen)
ftp://ftp.demon.co.uk/pub/archimedes/

A collection of scripts and a small BASIC program which integrate PGP
with the ReadNews mailer/newsreader.  Provides encrypt, decrypt, sign,
signature-check, add key.

========
DOS (Windows utilities are in a separate section)
========

Offline AutoPGP
Author: Stale Schumacher 
ftp://oak.oakland.edu/pub/msdos/security/apgp212.zip
http://www.ifi.uio.no/~staalesc/AutoPGP/

Integrates PGP with QWK and SOUP offline mail readers.
- -----
PGPSort
Author: Stale Schumacher 
ftp://oak.oakland.edu/pub/msdos/security/pgpsort.zip
http://www.ifi.uio.no/~staalesc/PGP/PGPSort.html

Sorts your PGP public keyring.
- -----
HPack
ftp://garbo.uwasa.fi/pc/arcers/hpack79.zip
ftp://garbo.uwasa.fi/pc/doc-soft/hpack79d.zip
ftp://garbo.uwasa.fi/pc/source/hpack79s.zip
ftp://garbo.uwasa.fi/unix/arcers/hpack79src.tar.Z

Archiver program (like ZIP) which integrates PGP.
- -----
Menu
ftp://ghost.dsi.unimi.it/pub/crypt/menu.zip

Menu shell for PGP which uses 4DOS.
- -----
OzPKE
CompuServe: EFFSIG lib 15, OZCIS lib 7, EURFORUM lib 1

Integrates PGP into OzCIS, an automated access program for CompuServe.
- -----
PGP-Front
Author: Walter H. van Holst <121233@student.frg.eur.nl>
ftp://ftp.dsi.unimi.it:/pub/security/crypt/PGP/pgpfront.zip

Interactive shell for PGP; has most functions.
- -----
PGPShell
Author:  James Still 
ftp://oak.oakland.edu/pub/msdos/security/pgpshe33.zip
mailto:still@rintintin.colorado.edu (subject "send shell")

Another PGP shell for DOS.
- -----
PGS
ftp://oak.oakland.edu/pub/msdos/security/

Pretty Good PGP Shell or PGS is a complete shell for Philip Zimmermann's
Pretty Good Privacy (PGP). PGS enables you to do anything that PGP can do
from the command line from an easy-to-use front-end shell.
- -----
PGPUtils
ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgputils.zip

Batch files and PIF files for PGP.
- -----
PC Yarn
Author: Chin Huang 
ftp://oak.oakland.edu/SimTel/msdos/offline/yarn_0xx.zip (xx is version number)

MS-DOS offline mail and news software (using the SOUP packet format)
that can clearsign or encrypt outgoing messages, and decrypt incoming
messages to the CRT, a text file, or a mail folder.

========
MAC
========

========
NeXT
========

CryptorBundle
ftp://ftp.informatik.uni-hamburg.de/pub/comp/platforms/next/Mail/apps/
  CryptorBundle-1.0.NI.b.tar.gz

Integrates PGP into Mail.app.

========
OS/2
========

EPM Macro for PGP
Author: John C. Frickson 
ftp://ftp.gibbon.com/pub/gcp/gcppgp10.zip

Macro for EPM which places a PGP menu in the menu bar.

========
Unix
========

PGPsendmail
ftp://ftp.atnf.csiro.au/pub/people/rgooch/
ftp://ftp.dhp.com/pub/crypto/pgp/PGPsendmail/
ftp://ftp.ox.ac.uk/pub/crypto/pgp/utils/

Automatically encrypts by acting as a wrapper for sendmail.
- -----
PGPTalk
ftp://ftp.ox.ac.uk/src/security/pgptalk.zip

Integrates PGP into ytalk for secure private chatting.
- -----
Emacs Auto-PGP
Author: Ian Jackson 

This is a package for integrating PGP into GNU Emacs.
- -----
Mailcrypt
Author: jsc@mit.edu (Jin S Choi), patl@lcs.mit.edu (Patrick J. LoPresti)
ftp://cag.lcs.mit.edu/pub/patl/mailcrypt/

This is an elisp package for encrypting and decrypting mail.  I wrote this to
provide a single interface to the two most common mail encryption programs,
PGP and RIPEM. You can use either or both in any combination.
- -----
mail-secure.el
Author: Travis J. I. Corcoran (tjic@icd.teradyne.com)
mailto: tjic@icd.teradyne.com

Complement to Mailcrypt which adds some new features.  Requires Mailcrypt.
- -----
PGPPAGER
Author: abottone@minerva1.bull.it (Alessandro Bottonelli)

This program acts as a smart pager for mail, and can automatically
decrypt the body portion of a message if necessary.
- -----
mkpgp
mailto:slutsky@lipschitz.sfasu.edu
  (auto-replies the mkpgp program; use Subject: mkpgp)

Script for integrating pine and PGP.
- -----
PGP Elm
Author: Kenneth H. Cox 
ftp://ftp.viewlogic.com/pub/elm-2.4pl24pgp3.tar.gz

Patched version of elm which is PGP-aware.
- -----
PGP Augmented Messaging (was PGP Enhanced Messaging)
Author: Rick Busdiecker 
ftp://h.gp.cs.cmu.edu/usr/rfb/pem/

Another set of GNU Emacs PGP utilities.

========
VAX/VMS
========

ENCRYPT.COM
Author: joleary@esterh.wm.estec.esa.nl (John O'Leary)

ENCRYPT.COM is a VMS mail script that works fine for
joleary@esterh.wm.estec.esa.nl (John O'Leary)

========
Windows (v3, '95, NT)
========

PGP Help for the Windows Help engine
Author: Jeff Sheets 
http://netaccess.on.ca/~rbarclay/pgp.html

PGP documentation and help in WinHelp format.
- -----
PGPWinFront (PWF)
Author: Ross Barclay 
http://netaccess.on.ca/~rbarclay/index.html
mailto:rbarclay@trentu.ca (put GET PWF in subject)

Windows front end for PGP.  Includes most functions.
- -----
J's Windows PGP Shell (JWPS)
ftp://oak.oakland.edu/pub/msdos/security/

Another Windows front end for PGP.  Supports drag-n-drop, clipboard, etc.
- -----
PGP Windows
ftp://oak.oakland.edu/pub/msdos/security/pgpwin.zip

Still another Windows PGP front end.
- -----
WinPGP(tm)
ftp://ftp.firstnet.net/pub/windows/winpgp/pgpw40.zip
http://www.firstnet.net/~cwgeib/welcome.html

Another PGP Windows shell; this one is shareware.
- -----
ZMail Scripts for PGP
Author: Guy Berliner 
ftp://ftp.netcom.com/pub/be/berliner/readme.html
ftp://kaiwan.com/user/mckinnon/pgp4zm.zip

Scripts for integrating PGP with ZMail, a popular graphical mailer.
- -----
Private Idaho
ftp://ftp.eskimo.com/joelm/pidaho21.zip
http://www.eskimo.com/~joelm/

A PGP integration tool for various Windows mailers.  Supports anonymous
remailers.
- -----
S-Tools
Author: Andy Brown 
ftp://mirage.nexor.co.uk/pub/security/steganography/s-tools3.zip

A set of Windows steganography tools.

========================================================================
Appendix II - Glossary of Cryptographic Terms
========================================================================

========
Chosen Plain Text Attack
========

This is the next step up from the Known Plain Text Attack. In this
version, the cryptanalyst can choose what plain text message he wishes
to encrypt and view the results, as opposed to simply taking any old
plain text that he might happen to lay his hands on. If he can recover
the key, he can use it to decode all data encrypted under this key.
This is a much stronger form of attack than known plain text. The
better encryption systems will resist this form of attack.

========
Clipper
========

A chip developed by the United States Government that was to be used
as the standard chip in all encrypted communications. Aside from the
fact that all details of how the Clipper chip works remain classified,
the biggest concern was the fact that it has an acknowledged trap door
in it to allow the government to eavesdrop on anyone using Clipper,
provided they first obtained a wiretap warrant. This fact, along with
the fact that it can't be exported from the United States, has led a
number of large corporations to oppose the idea.  Clipper uses an 80
bit key to perform a series of nonlinear transformations on a 64 bit
data block.

========
DES (Data Encryption Standard)
========

A data encryption standard developed by IBM under the auspices of the
United States Government.  It was criticized because the research that
went into the development of the standard remained classified.
Concerns were raised that there might be hidden trap doors in the
logic that would allow the government to break anyone's code if they
wanted to listen in. DES uses a 56 bit key to perform a series of
nonlinear transformations on a 64 bit data block.  Even when it was
first introduced a number of years ago, it was criticized for not
having a long enough key. 56 bits just didn't put it far enough out of
reach of a brute force attack.  Today, with the increasing speed of
hardware and its falling cost, it would be feasible to build a machine
that could crack a 56 bit key in under a day's time. It is not known
if such a machine has really been built, but the fact that it is
feasible tends to weaken the security of DES substantially.

I would like to thank Paul Leyland for the following
information relating to the cost of building such a DES cracking
machine:

      _Efficient DES Key Search_

      At Crypto 93, Michael Wiener gave a paper with the above title.  He
      showed how a DES key search engine could be built for $1 million which
      can do exhaustive search in 7 hours.  Expected time to find a key from
      a matching pair of 64-bit plaintext and 64-bit ciphertext is 3.5 hours.

      So far as I can tell, the machine is scalable, which implies that a
      $100M machine could find keys every couple of minutes or so.

      The machine is fairly reliable: an error analysis implies that the mean
      time between failure is about 270 keys.

      The final sentence in the abstract is telling: In the light of this
      work, it would be prudent in many applications to use DES in triple-
      encryption mode.

      I only have portions of a virtually illegible FAX copy, so please don't
      ask me for much more detail.  A complete copy of the paper is being
      snailed to me.

      Paul C. Leyland 

Laszlo Baranyi says that the full paper is available
in PostScript from:

      ftp://ftp.eff.org/pub/crypto/des_key_search.ps
      ftp://cpsr.org/cpsr/crypto/des/des_key_search.ps
      (cpsr.org also makes it available via their Gopher service)

========
EFF (Electronic Frontier Foundation)
========

The Electronic Frontier Foundation (EFF) was founded in July, 1990, to assure
freedom of expression in digital media, with a particular emphasis on
applying the principles embodied in the Constitution and the Bill of Rights
to computer-based communication. For further information, contact:

      Electronic Frontier Foundation
      1001 G St., NW
      Suite 950 East
      Washington, DC 20001
      +1 202 347 5400
      +1 202 393 5509 FAX
      Internet: eff@eff.org

========
IDEA (International Data Encryption Algorithm)
========

Developed in Switzerland and licensed for non-commercial use in PGP.
IDEA uses a 128 bit user supplied key to perform a series of nonlinear
mathematical transformations on a 64 bit data block. Compare the
length of this key with the 56 bits in DES or the 80 bits in Clipper.

========
ITAR (International Traffic in Arms Regulations)
========

ITAR are the regulations covering the exporting of weapons and weapons
related technology from the United States. For some strange reason,
the government claims that data encryption is a weapon and comes under
the ITAR regulations. There is presently a move in Congress to relax
the section of ITAR dealing with cryptographic technology.

========
Known Plain Text Attack
========

A method of attack on a crypto system where the cryptanalyst has
matching copies of plain text, and its encrypted version. With weaker
encryption systems, this can improve the chances of cracking the code
and getting at the plain text of other messages where the plain text
is not known.

========
MD5 (Message Digest Algorithm #5)
========

The message digest algorithm used in PGP is the MD5 Message Digest
Algorithm, placed in the public domain by RSA Data Security, Inc.
MD5's designer, Ronald Rivest, writes this about MD5:

      "It is conjectured that the difficulty of coming up with two messages
      having the same message digest is on the order of 2^64 operations, and
      that the difficulty of coming up with any message having a given
      message digest is on the order of 2^128 operations.  The MD5 algorithm
      has been carefully scrutinized for weaknesses.  It is, however, a
      relatively new algorithm and further security analysis is of course
      justified, as is the case with any new proposal of this sort.  The
      level of security provided by MD5 should be sufficient for implementing
      very high security hybrid digital signature schemes based on MD5 and
      the RSA public-key cryptosystem."

========
MPILIB (Multiple Precision Integer Library)
========

This is the common name for the set of RSA routines used in PGP 2.3a
and previous, as well as the international versions of PGP.  It is
alleged to violate PKP's RSA patent in the USA, but is not otherwise
restricted in usage.  It retains its popularity abroad because it
outperforms RSAREF and has fewer legal restrictions as well.

========
NSA (National Security Agency)
========

The following information is from the sci.crypt FAQ:

The NSA is the official communications security body of the U.S.
government. It was given its charter by President Truman in the early
50's, and has continued research in cryptology till the present. The
NSA is known to be the largest employer of mathematicians in the
world, and is also the largest purchaser of computer hardware in the
world. Governments in general have always been prime employers of
cryptologists. The NSA probably possesses cryptographic expertise many
years ahead of the public state of the art, and can undoubtedly break
many of the systems used in practice; but for reasons of national
security almost all information about the NSA is classified.

========
One Time Pad
========

The one time pad is the ONLY encryption scheme that can be proven to
be absolutely unbreakable! It is used extensively by spies because it
doesn't require any hardware to implement and because of its absolute
security. This algorithm requires the generation of many sets of
matching encryption key pads. Each pad consists of a number of random
key characters. These key characters are chosen completely at random
using some truly random process. They are NOT generated by any kind of
cryptographic key generator. Each party involved receives matching
sets of pads. Each key character in the pad is used to encrypt one and
only one plain text character, then the key character is never used
again. Any violation of these conditions negates the perfect security
available in the one time pad.
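
The conditions in the paragraph above, as an added example that is not part
of the original FAQ: a pad that refuses to hand out a key byte twice, and
what is exposed when the same key bytes cover two messages. The class and
function names are hypothetical, the messages are constructed, and Python's
`secrets` module stands in for the truly random source the text requires.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("operands must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


class OneTimePad:
    """One party's copy of a pad. Every key byte is handed out at most once."""

    def __init__(self, key: bytes):
        self._key = bytes(key)
        self._next = 0  # index of the first key byte not yet consumed

    def remaining(self) -> int:
        return len(self._key) - self._next

    def _take(self, n: int) -> bytes:
        if n > self.remaining():
            # Refusing is the only safe answer: wrapping around reuses key bytes.
            raise ValueError("pad exhausted: message is longer than the unused key")
        chunk = self._key[self._next:self._next + n]
        self._next += n
        return chunk

    def encrypt(self, plaintext: bytes) -> bytes:
        return xor_bytes(plaintext, self._take(len(plaintext)))

    # XOR is its own inverse, so decryption consumes the pad the same way.
    decrypt = encrypt


def make_pad_pair(length: int):
    """Matching pads for two parties.

    Assumption: the OS random generator stands in for the truly random
    process the text calls for; a real pad needs a physical random source.
    """
    key = secrets.token_bytes(length)
    return OneTimePad(key), OneTimePad(key)


def key_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """The key under which `ciphertext` decrypts to `candidate`.

    Such a key exists for every candidate of the same length, so the
    ciphertext alone does not favour any plain text over another.
    """
    return xor_bytes(ciphertext, candidate)


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """With the SAME key bytes under both, the key cancels: c1^c2 == p1^p2."""
    n = min(len(c1), len(c2))
    return xor_bytes(c1[:n], c2[:n])


def demo() -> dict:
    p1 = b"MEET AT DAWN"  # constructed sample messages
    p2 = b"HOLD UNTIL 9"

    # Correct use: each message consumes fresh key bytes on both sides.
    sender, receiver = make_pad_pair(64)
    c1, c2 = sender.encrypt(p1), sender.encrypt(p2)
    round_trip = receiver.decrypt(c1) == p1 and receiver.decrypt(c2) == p2

    # Violation: the same key bytes encrypt two messages.
    key = secrets.token_bytes(len(p1))
    bad1, bad2 = xor_bytes(p1, key), xor_bytes(p2, key)
    leaked = reuse_leak(bad1, bad2)
    return {
        "round_trip": round_trip,
        "reuse_leaks_xor": leaked == xor_bytes(p1, p2),
        # Knowing one plain text then yields the other with no key at all.
        "second_from_first": xor_bytes(leaked, p1) == p2,
    }


if __name__ == "__main__":
    print(demo())
```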

So why don't we use the one time pad all the time? The answer is that
the volume of random key pads that must be generated is at least equal
to the volume of plain text to be encrypted, and that these key pads
must somehow be exchanged ahead of time. This becomes totally
impractical in modern high speed communications systems.

Among the more famous of the communications links using a one time pad
scheme is the Washington to Moscow hot line.

========
PEM (Privacy Enhanced Mail)
========

The following was taken from the sci.crypt FAQ:

How do I send encrypted mail under UNIX? [PGP, RIPEM, PEM, ...]?

Here's one popular method, using the des command:

cat file | compress | des private_key | uuencode | mail

Meanwhile, there is a de jure Internet standard in the works called
PEM (Privacy Enhanced Mail). It is described in RFCs 1421 through
1424. To join the PEM mailing list, contact pem-dev-request@tis.com.
There is a beta version of PEM being tested at the time of this
writing.

There are also two programs available in the public domain for
encrypting mail: PGP and RIPEM. Both are available by FTP. Each has
its own news group: alt.security.pgp and alt.security.ripem. Each has
its own FAQ as well.  PGP is most commonly used outside the USA since
it uses the RSA algorithm without a license and RSA's patent is valid
only (or at least primarily) in the USA.

[ Maintainer's note: The above paragraph is not fully correct, as MIT
  PGP uses RSAREF as well now. ]

RIPEM is most commonly used inside the USA since it uses the RSAREF
which is freely available within the USA but not available for
shipment outside the USA.

Since both programs use a secret key algorithm for encrypting the body
of the message (PGP used IDEA; RIPEM uses DES) and RSA for encrypting
the message key, they should be able to interoperate freely. Although
there have been repeated calls for each to understand the other's
formats and algorithm choices, no interoperation is available at this
time (as far as we know).

========
PGP (Pretty Good Privacy)
========

The program we're discussing.  See question 1.1.

========
PKP (Public Key Partners)
========

A patent holding company that holds many public-key patents, including
(supposedly) the patent on public-key cryptography itself.  Some
believe that several of its patents are not valid, including its
patent on RSA (which affects PGP).

========
RIPEM
========

See PEM

========
RSA (Rivest-Shamir-Adleman)
========

RSA is the public key encryption method used in PGP. RSA are the
initials of the developers of the algorithm, which was developed at
taxpayer expense. The basic security in RSA comes from the fact that,
while it is relatively easy to multiply two huge prime numbers together
to obtain their product, it is computationally difficult to go the
reverse direction: to find the two prime factors of a given composite
number. It is this one-way nature of RSA that allows an encryption key
to be generated and disclosed to the world, and yet does not allow a
message to be decrypted with it.

========
RSAREF
========

This is the free library RSA Data Security, Inc., made available for
the purpose of implementing freeware PEM applications.  It implements
several encryption algorithms, including (among others) RSA.  MIT PGP
uses RSAREF's RSA routines to avoid the alleged patent problems
associated with other versions of PGP.

========
Skipjack
========

See Clipper

========
TEMPEST
========

TEMPEST is a standard for electromagnetic shielding for computer
equipment. It was created in response to the fact that information can
be read from computer radiation (e.g., from a CRT) at quite a distance
and with little effort.  Needless to say, encryption doesn't do much
good if the cleartext is available this way.  The typical home
computer WOULD fail ALL of the TEMPEST standards by a long shot. So,
if you are doing anything illegal, don't expect PGP or any other
encryption program to save you. The government could just set up a
monitoring van outside your home and read everything that you are
doing on your computer.

Short of shelling out the ten thousand dollars or so that it would
take to properly shield your computer, a good second choice might be a
laptop computer running on batteries. No emissions would be fed back
into the power lines, and the amount of power being fed to the display
and being consumed by the computer is much less than the typical home
computer and CRT. This provides a much weaker RF field for snoopers to
monitor. It still isn't safe, just safer.  In addition, a laptop
computer has the advantage of not being anchored to one location.
Anyone trying to monitor your emissions would have to follow you
around, maybe making themselves a little more obvious.  I must
emphasize again that a laptop still is NOT safe from a TEMPEST
standpoint, just safer than the standard personal computer.


========================================================================
Appendix III - Cypherpunks
========================================================================

========
What are Cypherpunks?
========

========
What is the cypherpunks mailing list?
========

Eric Hughes runs the "cypherpunk" mailing list
dedicated to "discussion about technological defenses for privacy in
the digital domain." Frequent topics include voice and data
encryption, anonymous remailers, and the Clipper chip.  Send e-mail to
majordomo@toad.com with "subscribe cypherpunks" in the body to be
added or subtracted from the list.  The mailing list itself is
cypherpunks@toad.com. You don't need to be a member of the list in
order to send messages to it, which allows you to use anonymous
remailers to post your more sensitive messages that you would just as
soon not have credited to you. (Traffic is sometimes up to 30-40
messages per day.)

========
What is the purpose of the Cypherpunk remailers?
========

The purpose of these remailers is to take privacy one level further.
While a third party who is snooping on the net may not be able to read
the encrypted mail that you are sending, he is still able to know who
you are sending mail to. This could possibly give him some useful
information. This is called traffic flow analysis. To counter this
type of attack, you can use a third party whose function is simply to
remail your message with his return address on it instead of yours.

Two types of remailers exist. The first type only accepts plain text
remailing headers. This type would only be used if your goal was only
to prevent the person to whom you are sending mail from learning your
identity. It would do nothing about the problem of net eavesdroppers
learning to whom you are sending mail.

The second type of remailer accepts encrypted remailing headers. With
this type of remailer, you encrypt your message twice. First, you
encrypt it to the person ultimately receiving the message. You then
add the remailing header and encrypt it again using the key for the
remailer that you are using. When the remailer receives your message,
the system will recognize that the header is encrypted and will use
its secret decryption key to decrypt the message. The remailer can now
read the forwarding information, but because the body of the message is
still encrypted in the key of another party, it is unable to read your
mail. It simply remails the message to the proper destination. At its
ultimate destination, the recipient uses his secret key to decrypt this
nested encryption and reads the message.

Since this process of multiple encryptions and remailing headers can
get quite involved, there are several programs available to simplify
the process. FTP to soda.berkeley.edu and examine the directory
/pub/cypherpunks/remailers for the programs that are available.

========
Where are the currently active Cypherpunk remailers?
========

Raph Levien maintains a list of currently active remailers.  The list,
unfortunately, seems to change often as remailers are shut down for
whatever reasons; therefore, I am not printing a list here.  You can
get the list by fingering remailer-list@kiwi.cs.berkeley.edu.

========
Are there other anonymous remailers besides the cypherpunk remailers?
========

Yes, the most commonly used remailer on the Internet is in Finland. It
is known as anon.penet.fi. The syntax for sending mail through this
remailer is different from the cypherpunk remailers. For example, if
you wanted to send mail to me (gbe@netcom.com) through anon.penet.fi,
you would send the mail to "gbe%netcom.com@anon.penet.fi". Notice that
the "@" sign in my Internet address is changed to a "%". Unlike the
cypherpunk remailers, anon.penet.fi directly supports anonymous return
addresses. Anybody using the remailer is assigned an anonymous id of
the form "an?????" where "?????" is filled in with a number
representing that user. To send mail to someone when you only know
their anonymous address, address your mail to "an?????@anon.penet.fi"
replacing the question marks with the user id you are interested in.
For additional information on anon.penet.fi, send a blank message to
"help@anon.penet.fi". You will receive complete instructions on how to
use the remailer, including how to obtain a pass phrase on the system.

========
What is the remailer command syntax?
========

The first non blank line in the message must start with two colons
(::). The next line must contain the user defined header
"Request-Remailing-To: ". This line must be followed by a
blank line. Finally, your message can occupy the rest of the space. As
an example, if you wanted to send a message to me via a remailer, you
would compose the following message:

      ::
      Request-Remailing-To: gbe@netcom.com

      [body of message]

You would then send the above message to the desired remailer. Note
the section labeled "body of message" may be either a plain text
message, or an encrypted and armored PGP message addressed to the
desired recipient. To send the above message with an encrypted header,
use PGP to encrypt the entire message shown above to the desired
remailer. Be sure to take the output in armored text form. In front of
the BEGIN PGP MESSAGE portion of the file, insert two colons (::) as
the first non-blank line of the file. The next line should say
"Encrypted: PGP". Finally the third line should be blank. The message
now looks as follows:

      ::
      Encrypted: PGP

      -----BEGIN PGP MESSAGE-----
      Version 2.3a

      [body of pgp message]
      -----END PGP MESSAGE-----

You would then send the above message to the desired remailer
just as you did in the case of the non-encrypted header. Note that it
is possible to chain remailers together so that the message passes
through several levels of anonymity before it reaches its ultimate
destination.
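
The two message layouts above, as an added example that is not part of the
original FAQ: a builder and a strict parser for the "::" header block, plus
a check of which addresses are readable without any key. Function names and
the example.invalid address are hypothetical, the armored block is a
constructed placeholder, and no PGP operation is performed.

```python
ARMOR_BEGIN = "-----BEGIN PGP MESSAGE-----"
ARMOR_END = "-----END PGP MESSAGE-----"


class RemailerSyntaxError(ValueError):
    """The message does not follow the header layout described in the FAQ."""


def build_request(recipient: str, body: str) -> str:
    """Plain text form: '::', the Request-Remailing-To line, a blank line, body."""
    if not recipient or any(c in recipient for c in "\r\n"):
        # A line break here would let extra header lines be smuggled in.
        raise RemailerSyntaxError("recipient must be a single non-empty line")
    return "::\nRequest-Remailing-To: " + recipient + "\n\n" + body


def wrap_encrypted(armored: str) -> str:
    """Encrypted form: '::', 'Encrypted: PGP', a blank line, the armored text."""
    text = armored.strip()
    if not (text.startswith(ARMOR_BEGIN) and text.endswith(ARMOR_END)):
        raise RemailerSyntaxError("expected an ASCII-armored PGP message")
    return "::\nEncrypted: PGP\n\n" + text + "\n"


def parse_request(message: str) -> dict:
    lines = message.splitlines()
    i = 0
    while i < len(lines) and not lines[i].strip():
        i += 1  # leading blank lines are allowed
    # Assumption: as in the FAQ's examples, the line holds only the two colons.
    if i == len(lines) or lines[i].strip() != "::":
        raise RemailerSyntaxError("first non-blank line must be '::'")
    if i + 1 >= len(lines):
        raise RemailerSyntaxError("missing header line after '::'")
    name, sep, value = lines[i + 1].partition(":")
    name, value = name.strip(), value.strip()
    if not sep or not value:
        raise RemailerSyntaxError("malformed header line")
    if i + 2 < len(lines) and lines[i + 2].strip():
        raise RemailerSyntaxError("header must be followed by a blank line")
    body = "\n".join(lines[i + 3:])
    if name == "Request-Remailing-To":
        return {"kind": "plain", "recipient": value, "body": body}
    if name == "Encrypted" and value == "PGP":
        if ARMOR_BEGIN not in body or ARMOR_END not in body:
            raise RemailerSyntaxError("no armored PGP message in body")
        return {"kind": "encrypted", "armored": body.strip()}
    raise RemailerSyntaxError("unknown header: " + name)


def visible_route(message: str) -> list:
    """Addresses anyone can read from this message without a decryption key."""
    route = []
    while True:
        try:
            request = parse_request(message)
        except RemailerSyntaxError:
            return route  # reached text that is not a remailer request
        if request["kind"] != "plain":
            return route  # encrypted header: nothing further is readable
        route.append(request["recipient"])
        message = request["body"]


# Constructed samples. The final address is the one used in the FAQ's example.
INNER = build_request("gbe@netcom.com", "[body of message]")
CHAINED_PLAIN = build_request("remailer-b@example.invalid", INNER)
PLACEHOLDER_ARMOR = (ARMOR_BEGIN + "\nVersion 2.3a\n\n"
                     "[body of pgp message]\n" + ARMOR_END)
ENCRYPTED = wrap_encrypted(PLACEHOLDER_ARMOR)

if __name__ == "__main__":
    print(visible_route(CHAINED_PLAIN))  # every hop is exposed
    print(visible_route(ENCRYPTED))      # nothing is exposed
```

With plain text headers the whole chain is readable at the first hop, which
is the limitation of the first remailer type described earlier.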

========
Where can I learn more about Cypherpunks?
========

  ftp://ftp.csua.berkeley.edu/pub/cypherpunks

=======================================================================
Appendix IV - Testimony of Philip Zimmermann to Congress.
              Reproduced by permission.
=======================================================================

- From netcom.com!netcomsv!decwrl!sdd.hp.com!col.hp.com!csn!yuma!ld231782 Sun
Oct 10 07:55:51 1993
Xref: netcom.com talk.politics.crypto:650 comp.org.eff.talk:20832
alt.politics.org.nsa:89
~Newsgroups: talk.politics.crypto,comp.org.eff.talk,alt.politics.org.nsa
Path: netcom.com!netcomsv!decwrl!sdd.hp.com!col.hp.com!csn!yuma!ld231782
~From: ld231782@LANCE.ColoState.Edu (L. Detweiler)
~Subject: ZIMMERMANN SPEAKS TO HOUSE SUBCOMMITTEE
~Sender: news@yuma.ACNS.ColoState.EDU (News Account)
Message-ID: 
~Date: Sun, 10 Oct 1993 04:42:12 GMT
Nntp-Posting-Host: turner.lance.colostate.edu
Organization: Colorado State University, Fort Collins, CO  80523
~Lines: 281


~Date: Sat, 9 Oct 93 11:57:54 MDT
~From: Philip Zimmermann 
~Subject: Zimmerman testimony to House subcommittee


            Testimony of Philip Zimmermann to
     Subcommittee for Economic Policy, Trade, and the Environment
               US House of Representatives
                    12 Oct 1993



Mr. Chairman and members of the committee, my name is Philip
Zimmermann, and I am a software engineer who specializes in
cryptography and data security.  I'm here to talk to you today about
the need to change US export control policy for cryptographic
software.  I want to thank you for the opportunity to be here and
commend you for your attention to this important issue.

I am the author of PGP (Pretty Good Privacy), a public-key encryption
software package for the protection of electronic mail.  Since PGP was
published domestically as freeware in June of 1991, it has spread
organically all over the world and has since become the de facto
worldwide standard for encryption of E-mail.  The US Customs Service
is investigating how PGP spread outside the US.  Because I am a target
of this ongoing criminal investigation, my lawyer has advised me not
to answer any questions related to the investigation.

I.  The information age is here.

Computers were developed in secret back in World War II mainly to
break codes.  Ordinary people did not have access to computers,
because they were few in number and too expensive.  Some people
postulated that there would never be a need for more than half a
dozen computers in the country.  Governments formed their attitudes
toward cryptographic technology during this period.  And these
attitudes persist today.  Why would ordinary people need to have
access to good cryptography?

Another problem with cryptography in those days was that cryptographic
keys had to be distributed over secure channels so that both parties
could send encrypted traffic over insecure channels. Governments
solved that problem by dispatching key couriers with satchels
handcuffed to their wrists.  Governments could afford to send guys
like these to their embassies overseas.  But the great masses of
ordinary people would never have access to practical cryptography if
keys had to be distributed this way.  No matter how cheap and powerful
personal computers might someday become, you just can't send the keys
electronically without the risk of interception. This widened the
feasibility gap between Government and personal access to cryptography.

Today, we live in a new world that has had two major breakthroughs
that have an impact on this state of affairs.  The first is the
coming of the personal computer and the information age.  The second
breakthrough is public-key cryptography.

With the first breakthrough comes cheap ubiquitous personal
computers, modems, FAX machines, the Internet, E-mail, digital
cellular phones, personal digital assistants (PDAs), wireless digital
