Robert J. Hansen rjh at
Sun Jan 23 02:47:41 CET 2022

> Are there known, documented security deficiencies in it?

The CSPRNG is almost certainly broken.

PGP 2.6.3 was a DOS program, which meant it could easily get direct 
access to hardware.  That meant it could use the uncertainty of the 
physical world as a key factor in the CSPRNG.

But ever since August 2001 and the release of Windows XP, DOS programs 
no longer get direct access to hardware.  Everything is abstracted away 
through the Windows Hardware Abstraction Layer (HAL) or other similar 

The core assumption of the PGP 2.6.3 CSPRNG ("we can use direct access 
to hardware to sample entropy from the physical world") no longer holds 
and hasn't been valid for more than twenty years.

More information about the Gnupg-users mailing list