Hypothesis: PGP backdoor

Ondrej Mikle ondrej.mikle at gmail.com
Mon Aug 28 06:41:03 EDT 2006

Len Sassaman wrote:
> On Thu, 24 Aug 2006, Ondrej Mikle wrote:
> I also have no question, personally, that if there's a backdoor in PGP,
> neither Mr. Callas nor any of the PGP engineers I had the pleasure to work
> with know of it. Your theory is indeed wild, and though I don't mean to
> discourage vigilance in questioning these sorts of potential subversions
> of integrity in software as important as PGP, you might consider doing
> more research into the background of people against whom you choose to
> levy hypothetical accusations in public forums in the future.

OK, thanks for answering. I had only very limited view of the background 
behind PGP (i.e. stuff about NAI/PGP corp).

One last question: what about the PGPdisk SDA (self-decrypting archives, 
i.e. executables)? There has been a claim that SDA archives can be 
decrypted using a debugger. Is it true or false? See the section "Two 
Ways to bypass PGP SDA Authentication and EXTRACT with success" in the 
"advisory" http://www.safehack.com/Advisory/pgp/PGPcrack.html. Is the 
guy confused again? ;-)


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list