PGP inventor downplays encryption flaw

Yes, flaw is there, says Zimmerman, but it is really very minor

A flaw found by two Czech researchers in the popular OpenPGP digital signature standard is real but relatively minor, Phil Zimmermann, chairman of the open source group, said on Wednesday.

"This is not a practical attack," he said. "Your adversary has to be able to modify your private key. That means they have to have access to your computer." Once an attacker has access, there are many other ways they can monitor the system. That makes the attack largely irrelevant, Zimmerman said.

Two Czech researchers said Tuesday that they had found a hole in the widely used encryption and digital signature standard known as OpenPGP. They remained silent on the technical details, however, leaving many security experts wondering whether the flaw actually existed.

The two researchers, Vlastimil Klima and Tomas Rosa, posted a release on the Web site of The ICZ Group, a Czech information technology company, but a report on the flaw has yet to be released.

The researchers did not respond to email messages sent by CNET on Tuesday seeking comment.

The OpenPGP standard is used in many programs -- including Network Associates' PGP and GNU Privacy Guard -- to allow messages to be encrypted or digitally signed to ensure the content hasn't been changed. It uses two codes, or "keys", to encrypt and decrypt messages: a public key that others know and a private key that should be kept secret.

The flaw, according to the press release, allows an attacker to learn a person's private key by modifying the encrypted key and then capturing a message signed with that key. A simple program then reveals the key to the attacker. After that, the key can be used to sign new messages, essentially giving the attacker the power to forge electronic documents.

Neither Zimmermann, who created the original Pretty Good Privacy program in 1991, nor engineers at Network Associates, which currently owns the PGP trademark, were able to get more details from the researchers.

The OpenPGP group, however, was able to reconstruct the attack from the details in the release and confirmed that it does exist.

"We understand the attack," Zimmermann said. "They didn't talk to us about it. They are just kind of springing this at a trade show."

Both Zimmermann and Network Associates criticised The ICZ Group for putting people's security at risk for what amounts to a publicity stunt.

"This is not the way that we encourage researchers and vendors to keep up with security issues," said Mark McArdle, vice president of PGP engineering for Network Associates, adding that confirming or debunking the claims based on the information in the release is not possible.

Even though the company has not confirmed the flaw, Network Associates is treating the issue seriously, McArdle said.

"We take every single one of these issues very seriously," he said. "There is a rich history of excited individuals saying they broke PGP, but later it turns out that it is not true. However, we assume that it is an issue until we verify that it is not."

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read what others have said.