28 August 2000. Thanks to J. Orlin Grabbe.


Louis Freeh Spies on Bill Clinton

How to Exploit the Hole in PGP

by J. Orlin Grabbe

You may have heard about the "hole" in PGP (which is the email privacy encryption program called "Pretty Good Privacy"), the story of which broke with a vengeance at the end of last week.

Well, it's true, there is a problem, and to help you understand it, I'm going to show you how to doctor Bill Clinton's personal PGP key! Then, whenever anyone uses this doctored key, and encrypts a message to Our President, who is the Leader of the Free World, and the Imperial Warlord Guarding the Bridge Entrance to the 21st Century, they will be forced to also encrypt the same email to a key overseen by Louis Freeh, who is the Maximum Leader of the FBI (except, of course, for Terry Nelson)! And in so doing we will not damage Mr. Clinton's key (he will still be able to decrypt email just fine), nor will the signature on it be corrupted (the signature will show the key is still valid).

By showing you how to do this, I'm doing nothing naughty. After all, the word about PGP is already out, and the PGP hole could be exploited by terrorist nations like Great Britain and Israel! By educating you, American patriots and protectors of liberty, I am serving the cause of national security for America and the Free World. Beware the PGP hole. To protect yourself, you have to understand the problem.

Moreover, Louis Freeh's being able to decrypt and read Bill Clinton's mail cannot be said to be a bad thing, for Bill Clinton supports the use of Carnivore, whereby the FBI would use ISP-installed software to read all our email. The FBI only wants to do this, of course, in order to make sure we are not terrorists, child pornographers, or spies.

Weeding out the latter is a worthy goal, naturally, and also shows why it is only right and proper that Louis Freeh keep an eye on Bill Clinton.

First of all, consider terrorism. We all know Our President is apt to bomb someone whenever he has a bad hair day. Look at that aspirin factory he Cruise-missiled in the Sudan (those guys got a headache for sure!), or those bedouin tents he blew up in Afghanistan (memo to Osama bin Laden: stop using those cell phones; the Global Positioning System is not your friend!), or those naughty anti-Nazis he pummeled in the former Yugoslavia (I'm not sure what they did, but it apparently involved a Mata Hari named Monica). And to think: the President didn't even get his bomb-making material from the Internet; he just stole it from the military. Watch him carefully, Mr Freeh!

Next is child porn. Well, as Jim Peron shows in this issue of the Laissez Faire City Times, the U.S. government is the biggest producer and distributor of child porn in America! So this is another area for Mr. Freeh to keep track of. No telling what's on those White House videos! Are they naughty or nice? Only Louie, reading the email gossip, and inspecting the jpegs, will know for sure.

Finally, there are spies. Spies are said to commit a perversion called espionage. And that's bad! Some say Our President, the Imperial Warlord, gave away secrets to China because it was good business! And then he covered it up by having his lackeys, such as the fat-faced Energy Secretary Bill Richardson, dump the blame on patsies like Wen Ho Lee! Is this what really happened? I'm sure Louis Freeh can sort it all out!

Okay, now, let's get to it. I looked up Bill Clinton's public keys on the key servers, such as the one at MIT. I found one for William Clinton (president@whitehouse.gov). Of course, I can't be sure this is really the key for Our President, but the email address is correct, and there is no reason to assume otherwise.

Next I thought: who would Louie appoint to monitor Bill Clinton's mail? One likely candidate occurred to me: the FBI Bomb Data Center. So I found their key (bdc@fbi.gov).

Now if I doctored Bill Clinton's key, and then sent it back out to the key servers (I wouldn't send out the doctored key, of course, but hypothetically speaking), many people might download this key, and send encrypted email to Mr. Clinton. Whenever they did, they would have to also encrypt each email to Mr. Freeh's FBI key. It would be up to Mr. Freeh to figure out how to get hold of emails going to Mr. Clinton, but once he did, he could decrypt them with no problem. He could read the emails at his leisure, to see if any nastiness were afoot!

Here is the PGP key for the FBI Bomb Data Center:


(If you copy this key to add to your PGP ring, be careful you are just copying pure ASCII text, without any html or other control codes. Otherwise it won't be PGP!)

If you now look at the key properties with your PGP program, here's the info you will see:

ID: 1160616D
Type: DH/DSS
Size: 2048/1024
Created: 6/19/00
Expires: 12/31/00
Cipher: CAST
Fingerprint: C2A3 F5C4 CDF3 314B 049F 1F8E 8431 787D 1160 616D 

The last item, the group of 40 hex digits called the "fingerprint", is very important. We will use this fingerprint to force PGP to encrypt email to this FBI public key, whenever it encrypts email to Bill Clinton's public key.

Next, here is Bill Clinton's public key, as it exists today, prior to doctoring:


Mr. Clinton is security conscious. He uses a 4096-bit public key, along with a 1024-bit signing key. Here are Mr. Clinton's key properties:

ID: F66E22F0
Type: DH/DSS
Size: 4096/1024
Created: 11/23/98
Expires: Never
Cipher: CAST
Fingerprint: 546B 61CA D061 B7DD 3863 C6F3 0337 55EE F66E 22F0 

Okay. Now we are ready to doctor Mr. Clinton's key. To keep this simple, I will just show you the before and after. Then I will quickly explain what happened.

The hex (base 16) code for Mr. Clinton's key is shown below. For convenience, three columns are displayed. The left-hand column gives the (decimal) offset of the first byte in each row, and there are 16 bytes to a row. The right-hand column translates the bytes to ASCII, where that makes any sense, and sure enough, half-way down the right column, you will see William Clinton's email address: president@whitehouse.gov. The middle column holds the key bytes themselves. The first byte is 99 hex (which is decimal 153), which is the way public keys always start off.

00000000 9901 A204 365A 3145 1104 00D1 066A 490D ....6Z1E.....jI.
00000016 5F40 AC04 A397 012B C167 F103 5442 182B _@.....+.g..TB.+
00000032 4E1C 4FB7 0603 2384 434B FF43 FDF3 80C4 N.O...#.CK.C....
00000048 7F25 715A F7C0 79C3 03DD B26C 2681 A0DD .%qZ..y....l...
00000064 3A61 B8AC 8460 2F47 5A7F 85FF F535 399B :a...`/GZ....59.
00000080 54DC 3834 E182 7FF2 0614 6E58 5B5E CA89 T.84......nX[^..
00000096 791D 922D 4C62 A7BA 6AC1 E5C6 0BE6 4973 y..-Lb..j.....Is
00000112 507F BD67 17FB EDDD DBBD 9C35 21E3 664D P..g.......5!.fM
00000128 9E29 8051 EA3B BCB0 8445 5500 A0FF BA61 .).Q.;...EU....a
00000144 57E9 7432 1776 27D0 DABB 62E2 FAD2 8D89 W.t2.v'...b.....
00000160 9F04 0087 23BA 1E71 98E0 B22C 8DDC A3BC ....#..q...,....
00000176 D559 E6E4 89E3 CB1C 9967 EA86 9E59 6727 .Y.......g...Yg'
00000192 E2B7 1A37 E276 2F53 A8C5 F820 2100 2542 ...7.v/S... !.%B
00000208 59FA 6182 9470 A18A 77B5 6C68 CE09 F7A2 Y.a..p..w.lh....
00000224 9861 2A8B D522 F8D4 0121 BABC 696E 756C .a*.."...!..inul
00000240 75AC 4D3F 08AE 92AB F9FB 96B4 6B25 34FF u.M?........k%4.
00000256 F9E1 037B F2F6 3E29 ABC0 0BAD 5E37 2FEA ...{..>)....^7/.
00000272 CF79 6701 5FA6 EC71 E8EC BC21 3F7F 2FE7 .yg._..q...!?./.
00000288 F189 6003 FE26 F207 83E8 D0B5 BFF3 01B2 ..`............
00000304 721A 411E 96F2 2AEB 118D 0237 6537 8A6E r.A...*....7e7.n
00000320 5832 FCC7 1E8B 6028 B3B4 B0E8 C620 9299 X2....`(..... ..
00000336 05E5 AD92 A5F3 91E9 542F FFC9 8A8A 64E9 ........T/....d.
00000352 0468 2B4D 459D B0A7 03ED 30BC 076E 0699 .h+ME.....0..n..
00000368 387D F068 31B9 69E6 5E73 02A3 E748 8623 8}.h1.i.^s...H.#
00000384 3164 7616 EFA8 5D9D 6DC0 C82B 1DB9 557C 1dv...].m..+..U|
00000400 4C61 A589 F318 F667 0F9B 7ABC D65F C319 La.....g..z.._..
00000416 2864 E0BB 23B0 0100 B42A 5769 6C6C 6961 (d..#....*Willia
00000432 6D20 436C 696E 746F 6E20 3C70 7265 7369 m Clinton .presi
00000448 6465 6E74 4077 6869 7465 686F 7573 652E dent@whitehouse.
00000464 676F 763E B001 0189 004B 0410 1102 000B gov>.....K......
00000480 0502 365A 3145 040B 0302 0100 0A09 1003 ..6Z1E..........
00000496 3755 EEF6 6E22 F094 CC00 A0F6 5318 4261 7U..n"......S.Ba
00000512 E87E F89E F596 B71B A719 292B A582 EF00 .~........)+....
00000528 A09B FFE8 D907 3621 05A3 597F 5B7E DB2C ......6!..Y.[~.,
00000544 FD82 4976 28B0 0160 B904 0D04 365A 3146 ..Iv(..`....6Z1F
00000560 1010 00F9 18A0 7E5A 0661 7A43 9095 DC05 ......~Z.azC....
00000576 6C87 86EC 61EC CD45 1F0E D8E0 A379 C6C9 l...a..E.....y..
00000592 DC7A 0BAC E43F E346 94B6 304A 53D7 7C02 .z...?.F..0JS.|.
00000608 1648 80B5 15E5 2999 A99F 0774 D3FF E3A1 .H....)....t....
00000624 C596 204E 9865 B8D8 0DEE 105D ABB6 171C .. N.e.....]....
00000640 51D8 50CA 2257 4329 BE95 E856 2B38 785C Q.P."WC)...V+8x\
00000656 0BDB F84C 4DD5 E3AA 46CC FBCE 17E8 2A9D ...LM...F.....*.
00000672 1461 E384 A94F D183 84A8 79B6 EF8F A743 .a...O....y....C
00000688 4608 C6CC 1D77 5724 384A E2C4 F0E8 8E13 F....wW$8J......
00000704 6797 4E92 1361 F6DB EB25 0E17 FDF6 98F7 g.N..a...%......
00000720 C87C 79B0 721D 3875 FBF6 C173 C483 1126 .|y.r.8u...s...
00000736 2B43 60C3 E3E8 D60A FDA1 2826 0BAE A9AE +C`.......(....
00000752 B365 0FA2 0053 01A0 7CD6 ABA3 121E FA0F .e...S..|.......
00000768 2ACE 1F74 844F CAF3 17F3 A440 E9D7 D277 *..t.O.....@...w
00000784 B642 2D02 36C1 26CB 685E 9D7C 9809 0A8D .B-.6..h^.|....
00000800 7E2D EDE4 5D79 F5D4 924F 9B18 8EFC 2AA7 ~-..]y...O....*.
00000816 4B7C 32F6 4257 B708 7F08 1772 A2BA D6A9 K|2.BW.....r....
00000832 42F3 05E8 F953 1139 4FB6 F16E B94B 3820 B....S.9O..n.K8 
00000848 DA01 A756 A314 E98F 4055 F3D0 07C6 CB43 ...V....@U.....C
00000864 A994 ADF7 4C64 8649 F80C 83BD 65E9 17D4 ....Ld.I....e...
00000880 A1D3 50F8 F559 5FDC 7652 4F3D 3D8D DBCE ..P..Y_.vRO==...
00000896 99E1 5792 59CD FDB8 AE74 4FC5 FC76 BC83 ..W.Y....tO..v..
00000912 C547 3061 CE7C C966 FF15 F9BB FD91 5EC7 .G0a.|.f......^.
00000928 01AA D35B 9E8D A0A5 723A D41A F0BF 4600 ...[....r:....F.
00000944 582B E5F4 88FD 584E 49DB CD20 B49D E491 X+....XNI.. ....
00000960 0736 6B33 6C38 0D45 1D0F 7C88 B31C 7C5B .6k3l8.E..|...|[
00000976 2D8E F6F3 C923 C043 F0A5 5B18 8D8E BB55 -....#.C..[....U
00000992 8CB8 5D38 D334 FD7C 1757 43A3 1D18 6CDE ..]8.4.|.WC...l.
00001008 3321 2CB5 2AFF 3CE1 B129 4018 118D 7C84 3!,.*....)@...|.
00001024 A70A 72D6 86C4 0319 C807 297A CA95 0CD9 ..r.......)z....
00001040 969F ABD0 0A50 9B02 46D3 083D 66A4 5D41 .....P..F..=f.]A
00001056 9F9C 7CBD 894B 2219 26BA ABA2 5EC3 55EB ..|..K"....^.U.
00001072 3DD6 1700 0202 1000 A508 0C83 A09A A133 =..............3
00001088 23C9 4848 5883 05C3 F6A1 7D47 7A23 2C7D #.HHX.....}Gz#,}
00001104 1211 685A 1B6D AD41 9A9B 4CC7 052A EF4D ..hZ.m.A..L..*.M
00001120 53B0 5D07 EDB7 109E 1687 3376 0AF8 52E5 S.].......3v..R.
00001136 35E8 D0C9 D8CB 012F 34F4 B27B EC8F 1AF1 5....../4..{....
00001152 3597 3095 2A78 B950 2DA5 56F3 667F 2F0E 5.0.*x.P-.V.f./.
00001168 8AD7 5A1A 7E2E 0CDD CDF4 4558 ECDB D2D1 ..Z.~.....EX....
00001184 F462 CF48 090E 0C01 3C92 DA79 DDC2 225B .b.H.......y.."[
00001200 6A46 56E2 F58D 9C7B 577D 6C19 BEAC EF24 jFV....{W}l....$
00001216 B3BE A83E 3C40 E86F 5638 884D 7B44 24D2 ...>.@.oV8.M{D$.
00001232 6858 FACF 343C BFDA 5B1A 3873 28B5 6BCE hX..4...[.8s(.k.
00001248 0CD4 6281 0ECE 359E 68E0 8A0D C85F 1BF0 ..b...5.h...._..
00001264 BCF4 A7C0 F05C 47F3 F35A 04F9 0A72 E348 .....\G..Z...r.H
00001280 0296 3286 9EAE AD4F DC81 41A8 5A2C 726A ..2....O..A.Z,rj
00001296 6041 DD96 5424 3C92 435B D28A 95D7 0F7E `A..T$..C[.....~
00001312 A6B4 BA1F 7B37 150D E1E2 91AD E1E0 65D4 ....{7........e.
00001328 BED3 1D88 20E6 E925 098D 108B 1236 F48D .... ..%.....6..
00001344 4ECB 1CF8 8B65 03E6 ACA8 3BCD C791 58AF N....e....;...X.
00001360 0C3F 89AA EAD3 48B2 AC80 1353 D912 1929 .?....H....S...)
00001376 CC38 173C C6B5 A5A8 0CC3 B870 8897 2ACC .8.........p..*.
00001392 7F60 886E 7798 108B E975 8C1A 4662 D0CC .`.nw....u..Fb..
00001408 E3B5 F83C D843 C3CF 7C8B 3C1C 428C C57E .....C..|...B..~
00001424 518F 9D98 A3A4 91BA 9AFF EED0 5FD0 1252 Q..........._..R
00001440 FB6D A16A C9B2 B5D8 70BF D6D9 2A6F 7502 .m.j....p...*ou.
00001456 0959 3D44 0207 D934 84BD 123C C210 35A4 .Y=D...4......5.
00001472 AF65 CC4A 30CE F9B5 6556 C5C9 23B6 CC8F .e.J0...eV..#...
00001488 D960 FBB3 CC58 B0A2 4930 E795 C488 F023 .`...X..I0.....#
00001504 9989 C300 3FE1 F2FE 5B11 708C 61E6 2011 ....?...[.p.a. .
00001520 3188 FB37 3628 B495 A125 122A 9BDF 32E7 1..76(...%.*..2.
00001536 6757 2180 5842 7EB4 B105 13BE E7A2 2443 gW!.XB~.......$C
00001552 C35C 4FF6 EFB5 A694 B247 0B66 0290 3740 .\O......G.f..7@
00001568 0F7F BB09 DA97 E5DF E1DA D6A8 DD0A DDDD ................
00001584 A734 9062 0EA0 7B3D B001 0089 0046 0418 .4.b..{=.....F..
00001600 1102 0006 0502 365A 3146 000A 0910 0337 ......6Z1F.....7
00001616 55EE F66E 22F0 93D0 00A0 FB0A 7E7B CDFD U..n".......~{..
00001632 9891 169A 2FC5 2D37 DC17 5738 87CF 00A0 ..../.-7..W8....
00001648 EB28 3844 D76C F6E6 188B 0AB7 D906 8DE0 .(8D.l..........
00001664 65E8 6F28 B001 60                       e.o(..`

Next, here is the same key, after I've made some changes with a hex editor.

00000000 9901 A204 365A 3145 1104 00D1 066A 490D ....6Z1E.....jI.
00000016 5F40 AC04 A397 012B C167 F103 5442 182B _@.....+.g..TB.+
00000032 4E1C 4FB7 0603 2384 434B FF43 FDF3 80C4 N.O...#.CK.C....
00000048 7F25 715A F7C0 79C3 03DD B26C 2681 A0DD .%qZ..y....l...
00000064 3A61 B8AC 8460 2F47 5A7F 85FF F535 399B :a...`/GZ....59.
00000080 54DC 3834 E182 7FF2 0614 6E58 5B5E CA89 T.84......nX[^..
00000096 791D 922D 4C62 A7BA 6AC1 E5C6 0BE6 4973 y..-Lb..j.....Is
00000112 507F BD67 17FB EDDD DBBD 9C35 21E3 664D P..g.......5!.fM
00000128 9E29 8051 EA3B BCB0 8445 5500 A0FF BA61 .).Q.;...EU....a
00000144 57E9 7432 1776 27D0 DABB 62E2 FAD2 8D89 W.t2.v'...b.....
00000160 9F04 0087 23BA 1E71 98E0 B22C 8DDC A3BC ....#..q...,....
00000176 D559 E6E4 89E3 CB1C 9967 EA86 9E59 6727 .Y.......g...Yg'
00000192 E2B7 1A37 E276 2F53 A8C5 F820 2100 2542 ...7.v/S... !.%B
00000208 59FA 6182 9470 A18A 77B5 6C68 CE09 F7A2 Y.a..p..w.lh....
00000224 9861 2A8B D522 F8D4 0121 BABC 696E 756C .a*.."...!..inul
00000240 75AC 4D3F 08AE 92AB F9FB 96B4 6B25 34FF u.M?........k%4.
00000256 F9E1 037B F2F6 3E29 ABC0 0BAD 5E37 2FEA ...{..>)....^7/.
00000272 CF79 6701 5FA6 EC71 E8EC BC21 3F7F 2FE7 .yg._..q...!?./.
00000288 F189 6003 FE26 F207 83E8 D0B5 BFF3 01B2 ..`............
00000304 721A 411E 96F2 2AEB 118D 0237 6537 8A6E r.A...*....7e7.n
00000320 5832 FCC7 1E8B 6028 B3B4 B0E8 C620 9299 X2....`(..... ..
00000336 05E5 AD92 A5F3 91E9 542F FFC9 8A8A 64E9 ........T/....d.
00000352 0468 2B4D 459D B0A7 03ED 30BC 076E 0699 .h+ME.....0..n..
00000368 387D F068 31B9 69E6 5E73 02A3 E748 8623 8}.h1.i.^s...H.#
00000384 3164 7616 EFA8 5D9D 6DC0 C82B 1DB9 557C 1dv...].m..+..U|
00000400 4C61 A589 F318 F667 0F9B 7ABC D65F C319 La.....g..z.._..
00000416 2864 E0BB 23B0 0100 B42A 5769 6C6C 6961 (d..#....*Willia
00000432 6D20 436C 696E 746F 6E20 3C70 7265 7369 m Clinton .presi
00000448 6465 6E74 4077 6869 7465 686F 7573 652E dent@whitehouse.
00000464 676F 763E B001 0189 0063 0410 1102 000B gov>.....c......
00000480 0502 365A 3145 040B 0302 0100 2217 0A80 ..6Z1E......"...
00000496 11C2 A3F5 C4CD F331 4B04 9F1F 8E84 3178 .......1K.....1x
00000512 7D11 6061 6D09 1003 3755 EEF6 6E22 F094 }.`am...7U..n"..
00000528 CC00 A0F6 5318 4261 E87E F89E F596 B71B ....S.Ba.~......
00000544 A719 292B A582 EF00 A09B FFE8 D907 3621 ..)+..........6!
00000560 05A3 597F 5B7E DB2C FD82 4976 28B0 0160 ..Y.[~.,..Iv(..`
00000576 B904 0D04 365A 3146 1010 00F9 18A0 7E5A ....6Z1F......~Z
00000592 0661 7A43 9095 DC05 6C87 86EC 61EC CD45 .azC....l...a..E
00000608 1F0E D8E0 A379 C6C9 DC7A 0BAC E43F E346 .....y...z...?.F
00000624 94B6 304A 53D7 7C02 1648 80B5 15E5 2999 ..0JS.|..H....).
00000640 A99F 0774 D3FF E3A1 C596 204E 9865 B8D8 ...t...... N.e..
00000656 0DEE 105D ABB6 171C 51D8 50CA 2257 4329 ...]....Q.P."WC)
00000672 BE95 E856 2B38 785C 0BDB F84C 4DD5 E3AA ...V+8x\...LM...
00000688 46CC FBCE 17E8 2A9D 1461 E384 A94F D183 F.....*..a...O..
00000704 84A8 79B6 EF8F A743 4608 C6CC 1D77 5724 ..y....CF....wW$
00000720 384A E2C4 F0E8 8E13 6797 4E92 1361 F6DB 8J......g.N..a..
00000736 EB25 0E17 FDF6 98F7 C87C 79B0 721D 3875 .%.......|y.r.8u
00000752 FBF6 C173 C483 1126 2B43 60C3 E3E8 D60A ...s...+C`.....
00000768 FDA1 2826 0BAE A9AE B365 0FA2 0053 01A0 ..(.....e...S..
00000784 7CD6 ABA3 121E FA0F 2ACE 1F74 844F CAF3 |.......*..t.O..
00000800 17F3 A440 E9D7 D277 B642 2D02 36C1 26CB ...@...w.B-.6..
00000816 685E 9D7C 9809 0A8D 7E2D EDE4 5D79 F5D4 h^.|....~-..]y..
00000832 924F 9B18 8EFC 2AA7 4B7C 32F6 4257 B708 .O....*.K|2.BW..
00000848 7F08 1772 A2BA D6A9 42F3 05E8 F953 1139 ...r....B....S.9
00000864 4FB6 F16E B94B 3820 DA01 A756 A314 E98F O..n.K8 ...V....
00000880 4055 F3D0 07C6 CB43 A994 ADF7 4C64 8649 @U.....C....Ld.I
00000896 F80C 83BD 65E9 17D4 A1D3 50F8 F559 5FDC ....e.....P..Y_.
00000912 7652 4F3D 3D8D DBCE 99E1 5792 59CD FDB8 vRO==.....W.Y...
00000928 AE74 4FC5 FC76 BC83 C547 3061 CE7C C966 .tO..v...G0a.|.f
00000944 FF15 F9BB FD91 5EC7 01AA D35B 9E8D A0A5 ......^....[....
00000960 723A D41A F0BF 4600 582B E5F4 88FD 584E r:....F.X+....XN
00000976 49DB CD20 B49D E491 0736 6B33 6C38 0D45 I.. .....6k3l8.E
00000992 1D0F 7C88 B31C 7C5B 2D8E F6F3 C923 C043 ..|...|[-....#.C
00001008 F0A5 5B18 8D8E BB55 8CB8 5D38 D334 FD7C ..[....U..]8.4.|
00001024 1757 43A3 1D18 6CDE 3321 2CB5 2AFF 3CE1 .WC...l.3!,.*...
00001040 B129 4018 118D 7C84 A70A 72D6 86C4 0319 .)@...|...r.....
00001056 C807 297A CA95 0CD9 969F ABD0 0A50 9B02 ..)z.........P..
00001072 46D3 083D 66A4 5D41 9F9C 7CBD 894B 2219 F..=f.]A..|..K".
00001088 26BA ABA2 5EC3 55EB 3DD6 1700 0202 1000 ...^.U.=.......
00001104 A508 0C83 A09A A133 23C9 4848 5883 05C3 .......3#.HHX...
00001120 F6A1 7D47 7A23 2C7D 1211 685A 1B6D AD41 ..}Gz#,}..hZ.m.A
00001136 9A9B 4CC7 052A EF4D 53B0 5D07 EDB7 109E ..L..*.MS.].....
00001152 1687 3376 0AF8 52E5 35E8 D0C9 D8CB 012F ..3v..R.5....../
00001168 34F4 B27B EC8F 1AF1 3597 3095 2A78 B950 4..{....5.0.*x.P
00001184 2DA5 56F3 667F 2F0E 8AD7 5A1A 7E2E 0CDD -.V.f./...Z.~...
00001200 CDF4 4558 ECDB D2D1 F462 CF48 090E 0C01 ..EX.....b.H....
00001216 3C92 DA79 DDC2 225B 6A46 56E2 F58D 9C7B ...y.."[jFV....{
00001232 577D 6C19 BEAC EF24 B3BE A83E 3C40 E86F W}l....$...>.@.o
00001248 5638 884D 7B44 24D2 6858 FACF 343C BFDA V8.M{D$.hX..4...
00001264 5B1A 3873 28B5 6BCE 0CD4 6281 0ECE 359E [.8s(.k...b...5.
00001280 68E0 8A0D C85F 1BF0 BCF4 A7C0 F05C 47F3 h...._.......\G.
00001296 F35A 04F9 0A72 E348 0296 3286 9EAE AD4F .Z...r.H..2....O
00001312 DC81 41A8 5A2C 726A 6041 DD96 5424 3C92 ..A.Z,rj`A..T$..
00001328 435B D28A 95D7 0F7E A6B4 BA1F 7B37 150D C[.....~....{7..
00001344 E1E2 91AD E1E0 65D4 BED3 1D88 20E6 E925 ......e..... ..%
00001360 098D 108B 1236 F48D 4ECB 1CF8 8B65 03E6 .....6..N....e..
00001376 ACA8 3BCD C791 58AF 0C3F 89AA EAD3 48B2 ..;...X..?....H.
00001392 AC80 1353 D912 1929 CC38 173C C6B5 A5A8 ...S...).8......
00001408 0CC3 B870 8897 2ACC 7F60 886E 7798 108B ...p..*..`.nw...
00001424 E975 8C1A 4662 D0CC E3B5 F83C D843 C3CF .u..Fb.......C..
00001440 7C8B 3C1C 428C C57E 518F 9D98 A3A4 91BA |...B..~Q.......
00001456 9AFF EED0 5FD0 1252 FB6D A16A C9B2 B5D8 ...._..R.m.j....
00001472 70BF D6D9 2A6F 7502 0959 3D44 0207 D934 p...*ou..Y=D...4
00001488 84BD 123C C210 35A4 AF65 CC4A 30CE F9B5 ......5..e.J0...
00001504 6556 C5C9 23B6 CC8F D960 FBB3 CC58 B0A2 eV..#....`...X..
00001520 4930 E795 C488 F023 9989 C300 3FE1 F2FE I0.....#....?...
00001536 5B11 708C 61E6 2011 3188 FB37 3628 B495 [.p.a. .1..76(..
00001552 A125 122A 9BDF 32E7 6757 2180 5842 7EB4 .%.*..2.gW!.XB~.
00001568 B105 13BE E7A2 2443 C35C 4FF6 EFB5 A694 ......$C.\O.....
00001584 B247 0B66 0290 3740 0F7F BB09 DA97 E5DF .G.f..7@........
00001600 E1DA D6A8 DD0A DDDD A734 9062 0EA0 7B3D .........4.b..{=
00001616 B001 0089 0046 0418 1102 0006 0502 365A .....F........6Z
00001632 3146 000A 0910 0337 55EE F66E 22F0 93D0 1F.....7U..n"...
00001648 00A0 FB0A 7E7B CDFD 9891 169A 2FC5 2D37 ....~{....../.-7
00001664 DC17 5738 87CF 00A0 EB28 3844 D76C F6E6 ..W8.....(8D.l..
00001680 188B 0AB7 D906 8DE0 65E8 6F28 B001 60   ........e.o(..`

The main things to notice are in the lines below. Byte number 495 (80), at the end of the first line below, forces Mr. Clinton's key to use an associated ADK. ADK stands for "Additional Decryption Key". Byte number 496 (11) just tells which algorithm (Digital Signature Standard) will be used. Then the next 20 bytes (C2 A3 F5 C4 CD F3 31 4B 04 9F 1F 8E 84 31 78 7D 11 60 61 6D) are the fingerprint for the FBI Bomb Data Center's public key.

00000480 0502 365A 3145 040B 0302 0100 2217 0A80 ..6Z1E......"...
00000496 11C2 A3F5 C4CD F331 4B04 9F1F 8E84 3178 .......1K.....1x
00000512 7D11 6061 6D09 1003 3755 EEF6 6E22 F094 }.`am...7U..n"..

So here is Mr. Clinton's new public key. Import it into your key ring. (If you imported Mr. Clinton's original key, delete it before importing this version. PGP tends to stick with whichever version you have imported first: it thinks the key is the same, so will not update it, at least in some versions of PGP.)

Now look at the key properties of this doctored version.


You will see that a new tag has appeared: "ADK". Click this tag. It will show you the additional decryption key: FBI Bomb Data Center (bdc@fbi.gov), and it will have "Enforce" marked! So if you encrypt a copy of something to Bill, you will also automatically encrypt a copy that can be decrypted by the FBI Bomb Data Center. And yet the fingerprint and signature on Bill's key have not been altered! (Check this for yourself.)

One easy way to look at the parts of a PGP key on your key ring is to use a program called GnuPG. GnuPG is an open source replacement for PGP. You can get the GnuPG software here: http://www.gnupg.org/.

Using GnuPG to look at the packets of William Clinton's PGP key before and after the modification, we see the following.

Before:

:public key packet:
	version 4, algo 17, created 911880517, expires 0
	pkey[0]: [1024 bits]
	pkey[1]: [160 bits]
	pkey[2]: [1024 bits]
	pkey[3]: [1022 bits]
:trust packet: flag=00
:user ID packet: "William Clinton <president@whitehouse.gov>"
:trust packet: flag=01
:signature packet: algo 17, keyid 033755EEF66E22F0
	version 4, created 911880517, md5len 0, sigclass 10
	digest algo 2, begin of digest 94 cc
	hashed subpkt 2 len 5 (sig created 1998-11-24)
	hashed subpkt 11 len 4 (pref-sym-algos: 3 2 1)
	subpkt 16 len 9 (issuer key ID 033755EEF66E22F0)
	data: [160 bits]
	data: [160 bits]
:trust packet: flag=60
:public sub key packet:
	version 4, algo 16, created 911880518, expires 0
	pkey[0]: [4096 bits]
	pkey[1]: [2 bits]
	pkey[2]: [4096 bits]
:trust packet: flag=00
:signature packet: algo 17, keyid 033755EEF66E22F0
	version 4, created 911880518, md5len 0, sigclass 18
	digest algo 2, begin of digest 93 d0
	hashed subpkt 2 len 5 (sig created 1998-11-24)
	subpkt 16 len 9 (issuer key ID 033755EEF66E22F0)
	data: [160 bits]
	data: [160 bits]
:trust packet: flag=60

After:

:public key packet:
	version 4, algo 17, created 911880517, expires 0
	pkey[0]: [1024 bits]
	pkey[1]: [160 bits]
	pkey[2]: [1024 bits]
	pkey[3]: [1022 bits]
:trust packet: flag=00
:user ID packet: "William Clinton <president@whitehouse.gov>"
:trust packet: flag=01
:signature packet: algo 17, keyid 033755EEF66E22F0
	version 4, created 911880517, md5len 0, sigclass 10
	digest algo 2, begin of digest 94 cc
	hashed subpkt 2 len 5 (sig created 1998-11-24)
	hashed subpkt 11 len 4 (pref-sym-algos: 3 2 1)
	subpkt 10 len 23 (additional recipient request)
	subpkt 16 len 9 (issuer key ID 033755EEF66E22F0)
	data: [160 bits]
	data: [160 bits]
:trust packet: flag=60
:public sub key packet:
	version 4, algo 16, created 911880518, expires 0
	pkey[0]: [4096 bits]
	pkey[1]: [2 bits]
	pkey[2]: [4096 bits]
:trust packet: flag=00
:signature packet: algo 17, keyid 033755EEF66E22F0
	version 4, created 911880518, md5len 0, sigclass 18
	digest algo 2, begin of digest 93 d0
	hashed subpkt 2 len 5 (sig created 1998-11-24)
	subpkt 16 len 9 (issuer key ID 033755EEF66E22F0)
	data: [160 bits]
	data: [160 bits]
:trust packet: flag=60

Notice that a new line has appeared in the signature packet:

subpkt 10 len 23 (additional recipient request) 

That additional recipient is the FBI Bomb Data Center. Too bad Mr. Clinton!
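In the "After" listing, subpacket 10 appears without the "hashed" prefix: it sits in the signature's unhashed subpacket area, which the signature does not cover, and that is why the signature still checks out. The following Python check is an added example, not part of the original article: it parses the self-signature packet bytes copied from the two hex dumps above (byte 471 onward) and reports any additional recipient request found outside the hashed area. The function and constant names are this example's own.

```python
"""Report OpenPGP "additional recipient request" (ADK) subpackets that sit in
the unhashed area of a v4 signature, where the signature does not cover them.
Added example; function and constant names are this example's own."""

ADK_SUBPACKET = 10  # "additional recipient request" in the GnuPG listing

# Self-signature packet bytes copied from the article's hex dumps (byte 471 on).
_VERSION_AND_ALGOS = "04101102"  # version 4, sigclass 0x10, algo 17, digest algo 2
_HASHED = "000B" "0502365A3145" "040B030201"   # area length, subpkt 2, subpkt 11
_ISSUER = "0910033755EEF66E22F0"               # subpkt 16 (issuer key ID)
_ADK = "170A8011" "C2A3F5C4CDF3314B049F1F8E8431787D1160616D"  # subpkt 10
_TAIL = ("94CC"                                # begin of digest, then two MPIs
         "00A0F653184261E87EF89EF596B71BA719292BA582EF"
         "00A09BFFE8D907362105A3597F5B7EDB2CFD82497628")
SIG_BEFORE = bytes.fromhex(
    "89004B" + _VERSION_AND_ALGOS + _HASHED + "000A" + _ISSUER + _TAIL)
SIG_AFTER = bytes.fromhex(
    "890063" + _VERSION_AND_ALGOS + _HASHED + "0022" + _ADK + _ISSUER + _TAIL)


def _subpackets(area):
    """Yield (type, data) for each subpacket in one subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:                       # one-octet length
            length, i = first, i + 1
        elif first < 255:                     # two-octet length
            if i + 2 > len(area):
                raise ValueError("truncated subpacket length")
            length = ((first - 192) << 8) + area[i + 1] + 192
            i += 2
        else:                                 # five-octet length
            if i + 5 > len(area):
                raise ValueError("truncated subpacket length")
            length = int.from_bytes(area[i + 1:i + 5], "big")
            i += 5
        if length < 1 or i + length > len(area):
            raise ValueError("subpacket overruns its area")
        # Bit 7 of the type octet is the "critical" flag; mask it off.
        yield area[i] & 0x7F, bytes(area[i + 1:i + length])
        i += length


def signature_subpackets(packet):
    """Return {'hashed': [...], 'unhashed': [...]} for a v4 signature packet
    with an old-format header, as found in the dumps above."""
    ctb = packet[0]
    if ctb & 0xC0 != 0x80 or (ctb >> 2) & 0x0F != 2:
        raise ValueError("expected an old-format signature packet (tag 2)")
    len_octets = {0: 1, 1: 2, 2: 4}.get(ctb & 0x03)
    if len_octets is None:
        raise ValueError("indeterminate-length packets are not handled")
    body_len = int.from_bytes(packet[1:1 + len_octets], "big")
    body = packet[1 + len_octets:1 + len_octets + body_len]
    if len(body) != body_len or body_len < 8 or body[0] != 4:
        raise ValueError("not a complete version 4 signature")
    pos = 4  # skip version, signature class, public-key algo, digest algo
    areas = {}
    for name in ("hashed", "unhashed"):
        n = int.from_bytes(body[pos:pos + 2], "big")
        area = body[pos + 2:pos + 2 + n]
        if len(area) != n:
            raise ValueError(name + " subpacket area is truncated")
        areas[name] = list(_subpackets(area))
        pos += 2 + n
    return areas


def unsigned_adk_requests(packet):
    """Fingerprints named by type-10 subpackets the signature does not cover."""
    found = []
    for sp_type, data in signature_subpackets(packet)["unhashed"]:
        if sp_type == ADK_SUBPACKET:
            # data = class octet, algorithm octet, then the key fingerprint
            found.append(data[2:].hex().upper())
    return found


if __name__ == "__main__":
    for label, sig in (("before", SIG_BEFORE), ("after", SIG_AFTER)):
        print(label, unsigned_adk_requests(sig) or "no unsigned ADK request")
```

The hashed areas of the two packets are byte-for-byte identical, so a client that honours subpacket 10 only when it appears in the hashed area would ignore the inserted request.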

How Did This Mess Happen?

PGP was created by Phil Zimmermann to bring strong cryptography to the masses. It became especially popular after the US government's original "Clipper Chip" proposal(s) to put a backdoor for government monitoring purposes into encrypted communication software. Improving PGP turned into a grassroots project to create and distribute an email privacy program that did not have any backdoors.

Then PGP became big business. Corporate America adopted PGP for communication purposes. Network Associates purchased Phil Zimmermann's original company. And the issue of backdoor keys returned. Instead of an additional decryption key (ADK) for the secret police, it was an ADK for the company security officer. After all, company email was company property, and one would still need to read customer mail even if a disgruntled employee left without giving up the secret key that was normally used for decryption.

But suppose you don't want any ADKs. Then they shouldn't affect you. But, as we saw in Bill Clinton's case above, they do. Because some versions of the PGP program are trying to deal with the monstrous management problem of having additional decryption keys, and in so doing manage to sacrifice the security of those who wanted nothing to do with them.

In a later article, I will suggest ways to deal with the PGP hole.

____________________

Reference

"Key-Experiments, How PGP Deals With Manipulated Keys, An Experimental Approach" by Ralf Senderek, August 2000 (http://senderek.de/security/key-experiments.html).

J. Orlin Grabbe is the author of International Financial Markets, and is an internationally recognized derivatives expert who has recently branched out into cryptology, banking security, and digital cash. His home page is located at http://orlingrabbe.com. He currently resides in Costa Rica.

-30-

from The Laissez Faire City Times, Vol 4, No 35, August 28, 2000