[Dshield] (OT)PGP question...

Johannes Ullrich jullrich at euclidian.com
Tue Aug 26 17:03:15 GMT 2003


> > There is probably a back door key whose existence is denied but careful 
> > searching of links like http://www.undergroundworld.de.vu/ or 
> > http://uk.geocities.com/textdocs/hackgen.html (this one today has a post on 
> > defeating PGP with Lanman) 

Just glanced over these papers and I would call them bogus.
Essentially, the attack is based on catching the file while after the
'regular' user decrypted it. The attack does also require
'Administrator' rights on the machine the unencrypted text file is kept.

So in short: If you are 'Administrator' on a machine, you can read the
unencrypted text file.

The only trick this paper uses is to time the "attack" to coincide with
the decryption. But for that matter, the attacker could as well replace
the pgp application with a trojaned version.




-- 
--------------------------------------------------------------
Johannes Ullrich                     jullrich at euclidian.com
pgp key: http://johannes.homepc.org/PGPKEYS
--------------------------------------------------------------
   "We regret to inform you that we do not enable any of the 
    security functions within the routers that we install."
         support at covad.net
--------------------------------------------------------------





More information about the list mailing list