Extract numbers from a key

Johan Wevers johanw at vulcan.xs4all.nl
Thu Aug 4 17:11:18 CEST 2011


On 04-08-2011 16:14, vedaal at nym.hush.com wrote:

> All that is necessary, is to use pre-canned primes, 
> (i.e. to generate a prime which falls within a range of primes 
> stored in an offsite area by the implementation.)

This would be far too easily noticed by inspecting the source code. If you
just limited the generation of primes to Mersenne (2^n - 1) or Fermat
numbers (2^n + 1) with a very limited range of n, decryption would still
be easy but it would not be so easily noticed.

An even more subtle way to add a backdoor would be tampering with the
RNG that creates the session keys and the factors in key generation. A
bug such as this existed in the Unix version of PGP 5.0 and it took
quite some time before it was found.

-- 
Kind regards,

Johan Wevers
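
Added example, not part of the original post and not GnuPG or PGP code: a key-audit check that rejects an RSA modulus sharing a factor with any 2^n - 1 or 2^n + 1, the restricted prime form mentioned in the message above. The function name, the exponent bound and the sample modulus are assumptions constructed for illustration.

```python
from math import gcd

# Constructed sample: a modulus built from two Mersenne primes, standing in
# for a key produced by a generator limited to special-form primes.
SAMPLE_P = (1 << 521) - 1
SAMPLE_Q = (1 << 607) - 1
SAMPLE_MODULUS = SAMPLE_P * SAMPLE_Q


def special_form_factor(modulus, max_exp=4096):
    """Return (form, factor) if modulus shares a factor greater than 1 with
    2^n - 1 or 2^n + 1 for some 2 <= n <= max_exp, otherwise None.

    A modulus made of two independently random large primes is expected to
    pass this check, so any hit is a reason to reject the key and review
    the generator that produced it.
    """
    if modulus < 4 or modulus % 2 == 0:
        raise ValueError("expected an odd RSA modulus")
    for n in range(2, max_exp + 1):
        # Check both special forms for this exponent: 2^n - 1, then 2^n + 1.
        for delta, sign in ((-1, "-"), (1, "+")):
            shared = gcd(modulus, (1 << n) + delta)
            if shared > 1:
                return (f"2^{n} {sign} 1", shared)
    return None


if __name__ == "__main__":
    hit = special_form_factor(SAMPLE_MODULUS)
    if hit is None:
        print("no special-form factor found")
    else:
        form, factor = hit
        print(f"REJECT: modulus shares a {factor.bit_length()}-bit factor with {form}")
```

A clean result here only rules out this one pattern; it says nothing about the quality of the random number generator behind the key.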



