-----BEGIN PGP SIGNED MESSAGE-----
At 04:39 AM 3/9/90 +0000, you wrote:
>My current ISP provides pgp to its users from their shell accounts.
>curious to know how secure this is in fact. From what i've read it's
>damned near impossible to crack pgp without access to the secret key
>generated at startup (i think... feel free to correct me), but if
>generate a key in shell (at the isp), they will have axs to both
>public and secret keys. With access to both of these how easy would
>then to mount an attack against a document/file/program encrypted
>that specific key? I'm interested in any figures anyone has
>the feasibility/time involved in such an attempt.
I'm sure that your ISP could access your files, if your private key
is stored on their server, and if they sniff your keystrokes for your
>Many of you will simply say do not use it from the isp, and i agree
>you. However i'm really more interested in how easy pgp can be
>(if at all) with just the public key, as compared to both public and
If someone has your Public and private key they would need to figure
out your passphrase (so make it a real good one). If they just have
your Public key, and if your key is of sufficient length, then it's
infeasable that it will be broken. There's no documentation of anyone
breaking PGP except by brute force. So a long key would negate that.
<Shameless Plug Below>
Check out http://www.frii.com/~rcv/deschall.htm and
This will give you info on how we cracked 64 bit DES and how longer
keys are needed.
>I ask the stupid question about whether pgp can be cracked with
>the public key alone because a contact of mine spoke to a leading
>cryptologist (Dr. Vlad Rosgova) who pointed out that all code can be
>broken. Is it then feasible that pgp could be cracked given the
>alone (i don't care about the billions of years required just
>possible), or whether it is essential to have the secret key?
The Public key does not cause any weaknesses in the encryption, brute
force would take the same time with or without your Public Key
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
-----END PGP SIGNATURE-----
PGP Public Key found at
We cracked DES!!! http://www.frii.com/~rcv/deschall.htm
Member of "The Interhack Posse!! <dclydew @