I just downloaded idea.c.gz and the detached signature file. But, I couldn;t verify the signature even though I have imported the GnuPG public key from www.gnupg.org. So, has the key on their web site been replaced by some hacker?