PGP for mailing lists

[Note: there are many commercial programs available which may provide 
additional features not found in PGP 5.5, such as automatic encryption 
of an entire drive.  A review of some of these programs for Windows 95
can be found in the cryptome.  I have been advised that the Triple DES 
algorithm is probably the most secure.]



For those who are not familiar with it, I would like to briefly describe 
encryption and how it works, and then suggest how the freeware 
program pgp could be used to encrypt an internet mailing list, so 
that third parties would not be able to decode and read messages 
broadcast within a private group.  

As far as I know, no one is using pgp to encrypt a mailing list 
at this time - but it's easy to do so, and a foolproof way to 
prevent big brother wannabies in spy agencies from sticking
their noses where they don't belong -- politics.  If this is beginning 
to sound like a conspiracy theory, then a few historical references 
are in order.

The FBI performed over 10,000 illegal black bag jobs (break-ins 
to gather intelligence) during the cointelpro period of the sixties 
and seventies, and most of those were for political purposes.  
Fighting communism, fighting the Black Panthers and the American 
Indian Movement, the murders of Martin Luther King and Malcolm X
-- there are many examples of the use of surveillance and counter-
intelligence for political purposes, the shameful underside  and
shadow of twentieth century American politics. 

Today, with almost everyone going online, even ordinary people 
are taking great risks in their personal conversations, because 
email can be so easily intercepted and cataloged.  And it's not 
just a rogue law enforcement officer we have to be afraid of; the 
APEC scandal provides a perfect example of the unethical use 
of our intelligence community for commercial purposes, and
in that case, for the purpose of campaign finance.

Well, if someone wants to read my email, they're going to have
to get a warrant to steal my computer.  Without the private key I 
keep on my hard drive (which itself is password protected), 
even an acre of cray computers at Fort Meade couldn't crack 
my code.  That's how powerful this technology is.  Louie the 
Freeh and other top cops have tried to make this illegal, but it 
is not illegal, at least in the U.S.  [There may be countries where 
the use of unlimited strength crypto is illegal, however.  These
programs may be considered to be weapons of war, due to the 
historical importance of secret codes in wars.]

You don't need to have any secrets to need encryption.  One good 
reason to use encryption is the NSA database of private email 
(and etc), which can be searched for keywords, just like dejanews is 
used by regular folks, to search through public usenet posts.  By 
keying in on your email address and name as keywords, anyone with 
access to their system could read all your incoming and outgoing 
email (all the mail, from day one) as well as all the emails in which 
someone else mentions your name.  A search on your name would
probably turn up things other people have said about you that you 
don't even know about.  

OK, let's discuss pgp.  PGP, which stands for Pretty Good Privacy, is 
a freeware program available for IBM, Mac, and Unix computers at
http://www.pgp.com/products/personal/products.cgi.  Older versions and 
newer versions of pgp seem to be incompatible, and people 
with older versions need to update to version 5.5 to stay current.

When the program installed itself on my Windows 95 machine, it 
generated a pair of keys.  A key is a long sequence of characters 
generated by complex mathematical formulas.  The two keys 
generated by the formulas have a mathematical relationship to 
each other, and pgp can tell that they are a pair by applying its 
equations - the puzzle is solved!  

One of the keys is public and the other is private.  You give key
away to your friends, and you keep the other one for yourself.  The 
private key is never given to anyone else.  Then the only way a 
third party would be able to decode messages encrypted to you would 
be to get a hold of your private key - and they would have to steal 
your computer for that.  If this ever happens to you, remember to tell 
your lawyer about the Steve Jackson Games case, which set a 
precedent for the legal grounds required for a federal agency to 
confiscate a person's computer.   

The private key on your computer requires a password to use, which 
should be something you can remember and don't need to write down.  
If they have your computer, they can probably hack this password, 
but it would require serious effort.   Some people encrypt everything 
on their computer and keep the key on a floppy disk.  That would be 
the safest way to go.  Then they would need to steal the floppy disk 
-- does this sound like James Bond yet?


Let's say you want to send me an encrypted message.  You will need 
to have my public key.  You may have seen people who post on the 
internet with signatures like BEGIN PGP PUBLIC KEY BLOCK, then a 
lot of characters in a row, then END PGP PUBLIC KEY BLOCK.  This 
public key is public information, and providers are beginning to 
archive them for their customers.  A public key is used by other 
people to encrypt a message that only you can decode, using the 
private key that is the other half of the pair.  Once someone 
encrypts a message to you, they can't decrypt it and read it 
afterwards, because they don't have the private key.  That's how 
pgp works.

Now, for me to send an encrypted reply to your message, I need 
your public key.  I encrypt my message with your public key, paste 
it into an email message, and you will be able to decode it with 
your private key.  

We would use four keys to have this conversation.  As I mentioned,
they are automatically generated by the pgp program, and you just 
select "encrypt contents of clipboard" and "decrypt contents of
clipboard" from a menu in pgp and select the proper keys from a 
list the program keeps, like a telephone directory.  


Apparantly, the way to crack encrypted messages is to use the 
formulas in pgp and try every combination to see if it works.  But
with this particular program (pgp), each key is so long that it 
would be an astronomical computer problem to try every combination.    
Many nonsense plaintext solutions are generated by shotgun type 
approaches, and a computer can't determine if it has a correct 
answer unless it can verify that the syntax of the message is 
gramatically correct; this is not easy, and even gramatically 
correct solutions could be found randomly, which have no relation
to the real message.  It's the same idea as a million monkeys (or 
more) with typewriters producing a Bible by accident.  Imagine how 
many guesses an acre of cray computers could make in just one 
moment.  Imagine the late Carl Sagan telling you how big the 
universe is - there must be a huge number of possible pgp keys.  

When they talk about unlimited strength crypto, they mean programs 
that can overpower supercomputers using trial and error methods, 
simply by using very long keys.  Obviously, longer keys are harder 
to guess than shorter ones. 
 
Without getting any more technical, that is the basic idea of pgp.  
A numerical sequence is used to scramble your message, and a 
corresponding sequence, which is mathematically related to it, is 
used to unscramble it.  The sequences used are too long to make 
guessing practical, even by the most powerful networks of computers.


I have an idea for how to use pgp to encrypt a mailing list.  
Members of a mailing list all have to be able to read the messages
on the list.  In pgp terms, everyone needs to use the same public 
key to encrypt messages for the list, and everyone uses the same 
private key to read them.  So everyone needs to have copies of the 
same "master keys" for the list.

Here's how it would work.  First, a group of people all download
a copy of pgp and get it working on their machines.  PGP is 
available for IBM, Mac, and Unix, and the members can have a mixture
of these different operating systems.  Each person will generate a 
pair of keys, public and private - that's part of the installation.

After reading this story, you're now familiar with pgp, and your 
friends will undoubtedly expect you to take the lead as organizer 
of the mailing list.  The first thing for you to do is to generate 
another pair of keys - these will be the master keys.  Next, send 
copies of both of keys to everyone on the list, using your newfound 
encryption technology.  Sending keys in the mail may sound like a 
dangerous idea, but because your friends all have their own sets of 
keys, you can *italics* use their personal public keys to encrypt 
the master keys for the list *end italics* and send the master keys 
securely to each of the members. 

Now everyone has an identical pair of master keys, and they've never 
even met face to face.  These keys are in addition to their own 
personal keys, which they can use for personal encrypted mail.  
Emails sent to the mailing list are encrypted by the public master 
key and broadcast to the list members, who use the private master 
key to decode them.  This is a perfect information security system, 
as long as no one's computer gets bagged.


Our private communications are none of the government's 
business.  Of course, the legality of using encryption depends 
upon what it is you're encrypting.  This is a technology that can 
be used for all kinds of criminal purposes.  But at the same time, 
it protects us from criminal acts by unethical people in positions
of power in our government.  That's a compromise I am willing
to make.


Paul Wolf