Newsgroups: sci.crypt
Path: msuinfo!caen!sdd.hp.com!wupost!uwm.edu!linac!uchinews!lucpum.it.luc.edu!lucpul.it.luc.edu!hmiller
From: hmiller@lucpul.it.luc.edu (Hugh Miller)
Subject: Re: Pretty Good (tm) Privacy
Message-ID: <hmiller.695628952@lucpul.it.luc.edu>
Sender: root@lucpum.it.luc.edu (System PRIVILEGED Account)
Organization: Loyola University Chicago
References: <1992Jan16.172413.6832@iccgcc.decnet.ab.com>
Date: Fri, 17 Jan 1992 06:15:52 GMT

In <1992Jan16.172413.6832@iccgcc.decnet.ab.com> lieser@iccgcc.decnet.ab.com (Ed Lieser) writes:

>    What if you saw Congress trying to pass some invasive,
>    repressive laws?  And what if, single handedly, you could
>    nullify these laws, forever?  Would you do it?
>    Senate bills S266 and S618 posed just those questions to
>    Philip Zimmerman, a Boulder software engineer. ... [The
>    bills] both have language, however, requiring government-
>    accessible "back doors" in all encryption software produced
>    or sold in the United States. ...  Philip Zimmerman took
>    direct action.  Taking several months off from his regular
>    paying customers, he wrote the *definitive encryption program
>    for the masses*.
>    PGP -- Pretty Good Privacy -- it's called.  It's a textbook
>    example of guerrilla activism based on the Rivest-Shamir-Adelman
>    public-key cryptosystem....

>The article mentions that he will possibly be sued by the company
>controlling licensing of the RSA algorithm, but that the software
>is available free via anonymous FTP and on bulletin boards.

>I hadn't heard of this program before this.  Is it widely known?

    Yes.  And deservedly so.  It's a very nice implementation of the RSA
algorithm for public key encryption, digital signatures, the whole
schmeer.  It even includes a command-line option for private-key
encryption for files you want to keep yourself, and not send to others;
so it's a `switch hitter' in this respect.  It's fast, small, and wipes
all its scratchfiles on exit.  You can even set an environment variable
to direct PGP to look on a separate floppy disk if you don't like to
keep your collection of keys on your hard drive.
    When it encrypts a file, it compresses it first (nice: cuts down on
upload time and improves strength of encryption).  Also, if you're going
to be sending the message by e-mail, it has a command line option to
produce the ciphertext directly as a uuencoded ASCII file (also nice).
    Best of all, Phil has thrown in the source code so you can compile
it yourself if you don't want to trust somebody else's binaries.
    Binaries (for MS-DOS) and docfiles are available in a file called
PGP10.ZIP, and sourcecode in portable C in one called PGP10SRC.ZIP.
Both have been uploaded by now to virtually every BBS in the world, I am
sure.  They are also available at various sites on the Internet, if you
have binary ftp capabilities.  I have a short list of sites I'll post
tomorrow.  Right off the top of my head, I know that both files were at
uunet.uu.net in the /tmp subdirectory, last I looked; PGP10.ZIP (MS-DOS
binaries) are at garbo.uwasa.fi as well.
    As to whether Phil will be sued or not, that is in the hands of PK
Partners and RSA Associates.  He has not been yet.  He has signed an
agreement not to have anything further to do with distribution of the
current version, and as a part of that agreement published a letter in
this newsgroup a while back stating same.
    As to whether or not an algorithm such as RSA ought to be
patentable, well...  That issue falls outside the mandate of this
newsgroup.  For the record, I am of the strong opinion that it should
NOT be so patentable, and that the Patent Office has gone collectively
insane or ideologically around the bend in permitting RSA and other
algorithms to be so patented.  But I will not engage in a debate on the
matter here.

    -=- Hugh

-- 
Hugh Miller         | Dept. of Philosophy | Loyola University of Chicago
Voice: 312-508-2727 |  FAX: 312-508-2292  |    hmiller@lucpul.it.luc.edu
"Read broadly, think scientifically, speak briefly, and sell the goods!"
            -- Sinclair Lewis, _The Man Who Knew Coolidge_
