GMP cryptographic developments
flop at gmplib.org
Wed Apr 1 09:24:03 CEST 2009
After a long internal discussion, and with some regret, the GMP team
is soliciting suggestions for a novel high-level cryptography function
layer, accommodating suitable back-doors for law enforcement agencies'
The plan is to add cryptography functions such as mpz_rsakeygen and
mpz_dsakeygen that implement the RSA and DSA algorithms, respectively,
with builtin key escrow. By default, private keys will be transferred
securely to NSA for US users, and PRCIA for Chinese users, etc, but this
should of course be configurable.
Please treat the information in this letter as confidential to the
GMP project, so that it does not fall in the hands of terrorists.
If these new functions do not get used, this security project will
be less successful. Remember, the governments are spying on us
for our own safety and security!
To stop terrorists from removing these features, the license of GMP
4.3 will be the new PGPL, the Patriot GNU Public License. It is a mix
of the GPL and FDL, with "invariant code sections".
"We understand that this is a controversial move, and that paranoid
people will not like it", says Jarl Bong-Rundtörn, security officer
within the GMP project. "But please remember that if you have nothing
to hide, you have nothing to fear" he concludes.
For the GMP project
More information about the gmp-discuss