Path: gmdzi!unido!fauern!ira.uka.de!sol.ctr.columbia.edu!spool.mu.edu!
mips!zaphod.mps.ohiostate.edu!unix.cis.pitt.edu!dsinc!netnews.upenn.edu!
msuinfo!news
From: rior...@clvax1.cl.msu.edu (Mark Riordan)
Newsgroups: sci.crypt
Subject: rpem: Privacy Enhanced Mail/public key program
MessageID: <1991May16.031811.28382@msuinfo.cl.msu.edu>
Date: 16 May 91 03:18:11 GMT
Sender: ne...@msuinfo.cl.msu.edu
Organization: Michigan State University
Lines: 66
Announcing the initial release of "rpem", a mostly public domain
Privacy Enhanced Mail system incorporating a public key encryption system.
"rpem" is a program that encrypts messages and encodes the result
into a printable form suitable for inclusion into mail messages.
(Of course, unencoding and decryption are also provided.)
In general, adherence to RFCs 11131115 is attempted, but complete
adherence is not possible because a different public key scheme is used.
Possibly of greatest interest to sci.crypt readers is the public
key encryption code that comes with rpem. In fact, this project's goal was
initially to provide simply the public key functions; the privacy
enhanced mail program was a "demo" program that got out of hand.
The public key encryption algorithm used in rpem is Rabin's:
ciphertext = plaintext^2 mod pq (p, q are primes)
The public component of the key is pq, and the private component
is p and q. Rabin's algorithm is probably slower (on decryption) and less
aesthetically pleasing than RSA, for instance, but it's in the
public domain. Also, unlike RSA, breaking Rabin's scheme is provably
as hard as factoring a product of two primes.
A crude means of registering public keys via email to and anonymous
FTP from dcssparc.cl.msu.edu is provided. This is not meant as a
serious answer to the problem of public key distribution.
rpem is distributed in source form via anonymous FTP from
dcssparc.cl.msu.edu (35.8.1.6). Following the model of MIT Project
Athena's Kerberos distribution, there are two files:
pub/crypt/rpem.tar.Z for recipients in the USA, and
pub/crypt/rpem_export.tar.Z for all others.
If you are outside the USA, retrieve the latter file only.
It includes everything in rpem.tar.Z but "des.c".
Export of this software from the United States of America is
assumed to require a specific license from the United States
Government. It is the responsibility of any person or
organization contemplating export to obtain such a license
before exporting.
Most of the code in the distribution was written by me, but the
project would not have been possible without valuable contributions
by Bennet Yee, Marc Ringuette, Arjen Lenstra, Michael Rabin, and Phil Karn.
These people should not be held responsible for any shortcomings in the
product.
Nearly all of the code is in the public domain; a few routines
are distributed under GNUlike restrictions.
The source code is entirely in C. Some pains have been taken to
make it portable; rpem has been ported to PCs running OS/2 and PCDOS,
and a number of Unix boxes, including Sun 3, Sun 4, NeXT, HP 9000/3xx,
IBM RT, Silicon Graphics, VAX, DECstation, and Convex. If you port
the code to another platform, please tell me what it took and send
me the output from "make benchmark".
I expect to make enhancements to this package, especially in the
area of digital signatures. Hence, if you want a more polished product,
I recommend waiting until later this summer. However, I have been putting off
distribution of the package long enough. Besides, I want to take
a break for about a month to work on another project.
I'm not a genuine cryptographic expert. Send comments, criticisms,
and suggestions for improvement to:
Mark Riordan Michigan State University rior...@clvax1.cl.msu.edu
Path: gmdzi!unido!math.fuberlin.de!ira.uka.de!sol.ctr.columbia.edu!
samsung!usc!rpi!batcomputer!cornell!rochester!pt.cs.cmu.edu!
daisy.learning.cs.cmu.edu!mnr
From: m...@daisy.learning.cs.cmu.edu (Marc Ringuette)
Newsgroups: sci.crypt
Subject: Re: rpem: Privacy Enhanced Mail/public key program
MessageID: <13066@pt.cs.cmu.edu>
Date: 16 May 91 13:43:54 GMT
Organization: CarnegieMellon University, CS/RI
Lines: 47
Here's my personal recommendation for actually trying out the rpem program,
and email security in general. It's nifty to see it work, and you may get
some bugs out of your thinking about how to go about being secure. I'd be
happy to exchange secure mail with you using rpem.
I've put my public key in my .signature, and I encourage any of you to do so.
I really think it's great to have the _option_ to communicate securely, and
I'm interested in seeing the wider Internet community tune in to this
technology at some point.
There are some interesting issues that come up, under the general heading of
"how to have privacy and security on the net," and more work to be done.
Clearly the next big one is key distribution. Just putting a public key in
your .signature is fine for preventing eavesdropping, but you're still
vulnerable to tampering. A secure key server fixes that, but you have to
trust the server. I don't have the perfect solution...maybe a dozen secure
servers that you can check against each other?
Other issues are
 Traffic analysis / anonymous mail / electronic cash. David Chaum's work
is interesting, and we could implement some of it.
 Secure netnews (in the sense that I can be sure I'm reading what everyone
else is). If we had this, we could just post our public keys to the net.
One suggestion: a subset of us signs the news we read, and posts the
signatures.
 What procedures do we give someone who wants to be secure? Eventually
we have to make this easy to do.
Send me mail (securely, of course) if you're interested, so I know who's out
there. Meanwhile, sci.crypt is a good place to discuss this.
  
 Marc Ringuette  Cucumber Science Dept.  What does a blonde say when 
 m...@cs.cmu.edu  Cranberry Melon Univ.  you blow in his/her ear? __ 
 4122683728  Pittsburgh, PA 15213  "Thanks for the refill." \/ 
  
User: m...@DAISY.LEARNING.CS.CMU.EDU
RabinModulus:
UaCUDY+bd7EvAtkaZ9S1fRz7LO/MONro+pVvD/tNS52wf3tJZp4dcOKmEYNlhZh6

 I use the "rpem" public domain public key email system, with the above key. 
 Clip and save! For info on rpem, send mail to rior...@clvax1.cl.msu.edu. 
 To get it, ftp from dcssparc.cl.msu.edu, file pub/crypt/rpem.tar.Z (in USA).

Path: gmdzi!unido!mcsun!uunet!zaphod.mps.ohiostate.edu!think.com!yale!
mintaka!bloombeacon!bloompicayune.mit.edu!athena.mit.edu!jim
From: j...@chirality.rsa.com (Jim Bidzos)
Newsgroups: sci.crypt
Subject: Re: rpem: Privacy Enhanced Mail/public key program
MessageID: <JIM.91May16101804@chirality.rsa.com>
Date: 16 May 91 14:18:04 GMT
References: <1991May16.031811.28382@msuinfo.cl.msu.edu>
Sender: ne...@athena.mit.edu (News system)
Organization: RSA Data Security, Inc.
Lines: 53
InReplyTo: riordanmr@clvax1.cl.msu.edu's message of 16 May 91 03:18:11 GMT
The author of the following message does not have direct Internet
access. Paper mail will follow to Mark Riordan and Michigan State
University.

May 16, 1991
Dear Mr. Riordan,
We refer to your posting to sci.crypt of May 16, 1991:
> Announcing the initial release of "rpem", a mostly public domain
> Privacy Enhanced Mail program incorporating a public key encryption system
> The public key encryption algorithm used in rpem is Rabin's:
> ciphertext = plaintext^2 mod pq (p, q are primes)
> The public component of the key is pq, and the private component
> is p and q. Rabin's algorithm is probably slower (on decryption) and less
> aesthetically pleasing than RSA, for instance, but it's in the
> public domain. Also, unlike RSA, breaking Rabin's scheme is provably
> as hard as factoring a product of two primes.
The Massachusetts Institute of Technology and the Board of
Trustees of the Leland Stanford Junior University have granted Public
Key Partners exclusive sublicensing rights to the following patents
registered in the United States, and all of their corresponding
foreign patents:
Cryptographic Apparatus and Method
("DiffieHellman") .......................... No. 4,200,770
Public Key Cryptographic Apparatus
and Method ("HellmanMerkle") ............... No. 4,218,582
Cryptographic Communications System and
Method ("RSA") .............................. No. 4,405,829
Exponential Cryptographic Apparatus
and Method ("HellmanPohlig") ............... No. 4,424,414
These patents cover most known methods of practicing the art
of publickey cryptography, including the system commonly known as
"Rabin," which is NOT, contrary to your claim, public domain, and is
covered by at least two of the patents listed above.
WE HEREBY PLACE YOU AND ALL USERS OF YOUR IMPLEMENTATION OF
PUBLIC KEY, ON NOTICE THAT THEY ARE INFRINGING ON THESE PATENTS AND WE
RESERVE ALL OF OUR RIGHTS AND REMEDIES AT LAW.
Yours,
Public Key Partners
Robert B. Fougner, Esq.
Director of Licensing
