GMP cryptographic developments
mjm at ellipsa.net
Wed Apr 1 18:49:52 CEST 2009
Floria Lop a écrit :
> After a long internal discussion, and with some regret, the GMP team
> is soliciting suggestions for a novel high-level cryptography function
> layer, accommodating suitable back-doors for law enforcement agencies'
> security work.
> The plan is to add cryptography functions such as mpz_rsakeygen and
> mpz_dsakeygen that implement the RSA and DSA algorithms, respectively,
> with builtin key escrow. By default, private keys will be transferred
> securely to NSA for US users, and PRCIA for Chinese users, etc, but this
> should of course be configurable.
> Please treat the information in this letter as confidential to the
> GMP project, so that it does not fall in the hands of terrorists.
> If these new functions do not get used, this security project will
> be less successful. Remember, the governments are spying on us
> for our own safety and security!
> To stop terrorists from removing these features, the license of GMP
> 4.3 will be the new PGPL, the Patriot GNU Public License. It is a mix
> of the GPL and FDL, with "invariant code sections".
> "We understand that this is a controversial move, and that paranoid
> people will not like it", says Jarl Bong-Rundtörn, security officer
> within the GMP project. "But please remember that if you have nothing
> to hide, you have nothing to fear" he concludes.
> For the GMP project
> Floria Lop
More information about the gmp-discuss