A Short History of the GNU Privacy Guard
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
It's been a decade now that the very first version of the
GNU Privacy
Guard [0] has been released. This very first version was
not yet
known under the name of GnuPG but dubbed "g10" as
a reference on the
German constitution article on freedom of telecommunication
(Grundgesetz Artikel 10) and as a pun on the G-10 law which
allows the
secret services to bypass these constitutional guaranteed
freedoms.
Version 0.0.0 released on December 20th 1997 [1], was a
barely working
replacement of PGP avoiding all patented algorithm by using
Elgamal
and Blowfish instead of RSA and IDEA. It was prominently
marked as a
test version but nevertheless included most of the features
of the
current GnuPG. The data format however was not compatible
with
OpenPGP but oriented towards the PGP 2 format with a few
extensions
(e.g. to allow streaming of data). The OpenPGP working
group was
founded back in fall 1997 and I learned a bit to late about
it to
build "g10" according to the then existing draft.
For copyright
reasons it was practically not possible to reverse engineer
the format
used by PGP-5, so the establishment of the OpenPGP WG was
the right
thing at the right time.
Before talking about GnuPG we need to go some more years
back in
history: To help political activists Phil Zimmermann
published a
software called Pretty Good Privacy (PGP) in 1991. PGP was
designed
as an easy to use encryption tool with no backdoors and
disclosed
source code. PGP was indeed intended to be
cryptographically strong
and not just pretty good; however it had a couple of inital
bugs, most
of all a home designed cipher algorithm. With the
availability of the
source code a community of hackers (Branko Lankester, Colin
Plumb,
Derek Atkins, Hal Finney, Peter Gutmann and others) helped
him to fix
these flaws and a get a solid version 2 out.
Soon after that the trouble started. As in many counties
the use or
export of cryptographic devices and software was also
strongly
restricted in the USA. Only weak cryptography was generally
allowed.
PGP was much stronger and due to the Usenet and the
availability of
FTP servers and BBSs, PGP accidently leaked out of the
country and
soon Phil was sued for unlicensed munitions export. Those
export
control laws were not quite up to the age of software with
the funny
effect that exporting the software in printed form seemed
not to be
restricted. MIT Press thus published a book with the PGP
source code
which was then scanned outside the USA to form the base of
PGP-2i ("i"
for international). Since then that version was used
widely.
The criminal investigations against Phil ended in 1996 and
he founded
PGP Inc to write PGP-5. The first public release was done
in spring
1997. The same year at the 39th IETF meeting at Munich in
August Phil
Zimmermann and Jon Callas asked the IETF to setup a working
group to
publish a standard for the protocol used by PGP-5 under the
name
OpenPGP. The main drive behind this was to allow widespread
use of
strong encryption even if at some point the new company
would decide
to stop selling and supporting PGP. As it turned out PGP
Inc was
acquired by Network Associates just a few months later and
in 2002
this company actually ceased support and development of PGP
(though
the PGP product was later continued by the new PGP
Corporation).
Also often claimed to be Free Software, PGP has never
fulfilled the
requirements for it: PGP-5 is straight proprietary software;
the
availability of the source code alonedoes not make it free.
PGP-2 has
certain restrictions on commercial use [2] and thus puts
restrictions
on the software which makes it also non-free. Another
problem with
PGP-2 is that it requires the use of the patented RSA and
IDEA
algorithms. The patent on RSA was only valid in the USA but
the
patent on IDEA was and is still valid [3] in most
countries.
Although the GNU project listed a requirement for a PGP
replacement
for some years on its task list, it was not possible to
start
implementing it as long as patents on all public key
algorithms were
valid. That changed when in April 1997 the basic patent on
public key
algorithms expired (the Diffie-Hellman US patent 4200770)
and finally
in August when the broader Hellman-Merkle patent (4218582)
expired.
A month later, at the Individual-Network Betriebstagung at
Aachen [4],
Richard Stallman continued his talk with a BoF session where
he asked
the European hackers to start implementing public key
software. The
arms trafficker laws of the USA prohibited the GNU project
to write
such software in their country or even by US citizens
working abroad.
Thus he told the European hackers that they are in the
unique position
to help the GNU with crypto software.
Being tired of writing SMGL conversion software and without
a current
fun project, I soon found my self hacking on PGP-2 parsing
code based
on the description in RFC-1991 and the pgformat.txt file.
As this
turned out to be easy I continued and finally came up with
code to
decrypt and create PGP-2 data. After I told the GNU towers
that I
will take up the PGP replacement implementation I spent the
rest of
the year replacing IDEA by Blowfish, RSA by Elgamal,
implementing
streaming encryption, adding some key management and getting
the code
into a reasonable shape.
There used to be a plan for a free version of Secure Shell
called PSST
(later known as LSH) with a somewhat populated mailing
lists
maintained by Martin Hamilton. Martin was the so kind to
setup a
mailing list for g10 too and announced it on that list.
This way we
got the first subscribers. Eventually I made the first
tarball, put
it up to ftp.guug.de, the FTP server of the German Unix User
Group,
and wrote an announcement [5].
Right the next day Peter Gutmann offered to allow the use of
his
random number code for systems without a /dev/random. This
eventually
helped a lot to make GnuPG portable to many platforms. The
next two
months were filled with code updates and a lengthly
discussion on the
name; we finally settled for Anand Kumria's suggestion of
GnuPG and
made the first release under this name (gnupg-0.2.8) on Feb
24 [6].
Just a few days later an experimental version with support
for Windows
was released. (That release also fixed an alignment problem
on Alpha
boxes which was detected due to kernel log files filling up
the hard
disk and an admin asking whether they really need to be
backed up. 
In July 1998 the first more or less OpenPGP draft compliant
version
was released. Matthew Skala had contributed Twofish code
done cleanly
From=20scratch (Twofish was at that time a promising AES
candidate and
suggested by Schneier as a Blowfish replacement; however we
had some
copyright concerns with the reference code). Michael Roth
contributed
a Triple-DES implementation later the year and thus
completed the
required set of OpenPGP algorithms. Over the next year the
usual
problems were solved, features discussed, complaints noticed
and
support for gpg in various other software was introduced by
their
respective authors.
Finally, on September 7, 1999 the current code was released
as version
1.0.0 with the major update of including Mike Ashley's GNU
Privacy
Handbook [7]. A year later the RSA patent was to expire on
September
20; the patent holder placed the patent into the public
domain 3 weeks
earlier and thus we could release 1.0.3 with RSA support
already on
September 18. One of the major obstacles on widespread use
public
cryptography had gone (far too late of course).
Also in 1999 the German government decided that strong
encryption will
not be regulated in any way and that its use is recommended
for
everyone. To publicly support this statement the Ministry
of
Economics funded the porting of GnuPG and related software
to
Microsoft Windows [8]. The US government was not keen to
see that and
tried to urge the German government to revise the decision
to allow
unregulated distribution of crypto software [9]. That did
not work
out and to the end the USA had no other way than to weaken
their own
export rules.
Although we still develop GnuPG using servers located in
Europe the
new US export controls eventually allowed US hackers to
contribute to
GnuPG development. In 2001 David Shaw joined the project
and since
then he is one of the most active GnuPG hackers and the
co-maintainer.
It's now a long time since GnuPG could be managed as a fun
project and
thus I now spend most of my professional life maintaining
and extending
GnuPG. In 2001 I founded g10 Code, a Free Software company
for the
development and support of GnuPG and related software. The
most known
project is probably GnuPG-2 which started under the name
NewPG as part
of the broader Aegypten project. The main goal of Aegypten
was to
provide support for S/MIME under GNU/Linux and integrate
that cleanly
with other mail clients, most notably KMail. Although
having been
actively used since 2004, we released 2.0.0 only one years
ago.
It was not that much fun writing X.509/CMS (commonly named
S/MIME)
software compared to the elegant and very interoperable
OpenPGP
protocol. Having mastered that we meanwhile achieved to
provide a
software which is really useful and works nicely with almost
any other
S/MIME implementation. It also turned out that we could
port GnuPG-2
to Windows - despite my original claim that a modern POSIX
platform
will be needed for GnuPG-2. This development also showed
that it is
viable to develop Free Software as a business.
With the new tools and from a user's perspective S/MIME and
OpenPGP
will soon not make much of a difference anymore. However I
had to
smile when I today read a report on the last RSA Europe
conference
where a quick poll during a talk showed that OpenPGP is the
mostly
used encryption protocol.
Recall that GnuPG is just one tool; there are numerous other
tools out
to solve related privacy problems. Kudos to all who worked
on writing
and deploying privacy tools over all these years!
Happy Hacking,
Werner
[0] http://www/gnupg.org
[1] ftp://ftp.gnupg.org/gcrypt/historic/g10-0.0.0.tar.gz
[2] from pgpdoc2.txt: "Finally, if you want to turn PGP
into a
commercial product and make money selling it, then we
must agree
on a way for me to also make money on it. [...] Under
no
circumstances may PGP be distributed without the PGP
documentation, including this PGP User's Guide."
[3] "valid" is meant in the sense the patent
holders use it and does
not imply that I regard patents on software a valid
concept. See
http://www.fsfeurope.org/projects/swpat/background.en.
html .
[4] http://www
.dascon.de/IN-BT97/programm.html
[5] http://lists.gnupg.org/pipermail/gnupg-dev
el/1997-December/014131.html
There are just a few mails in December mainly discussing
patent things.
[6] http://lists.gnupg.org/pipermail/gnupg-dev
el/1998-February/014208.html
[7] http://lists.gnupg.org/pipermail/gnupg-announc
e/1999q3/000037.html
[8] http://partners.nytimes.com/library/tech
/99/11/cyber/articles/19encrypt=
.html
[9] http:
//www.heise.de/tp/r4/artikel/5/5124/1.html
=2D-=20
Die Gedanken sind frei. Auschnahme regelt ein
Bundeschgesetz.
_______________________________________________
Gnupg-announce mailing list
Gnupg-announce gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-announce
|