[12509] in cryptography@c2.net mail archive
RE: Columbia crypto box
daemon@ATHENA.MIT.EDU (Trei, Peter)
Tue Feb 11 11:01:24 2003
X-Original-To: cryptography@wasabisystems.com
X-Original-To: cryptography@wasabisystems.com
From: "Trei, Peter" <ptrei@rsasecurity.com>
To: "Steven M. Bellovin" <smb@research.att.com>,
daw@mozart.cs.berkeley.edu,
"'Arnold G. Reinhold'" <reinhold@world.std.com>
Cc: cryptography@wasabisystems.com
Date: Tue, 11 Feb 2003 10:25:57 -0500
> Arnold G. Reinhold[SMTP:reinhold@world.std.com] wrote:
>
> It's worth remembering that the original WEP used 40 bit keys. For
> some time, RC4 with 40 bit keys was the only crypto system that could
> be exported without a license. It's hard for me to believe that
> export concerns were not the primary factor in the initial choice of
> RC4.
>
> Arnold Reinhold
>
>
If I recall correctly (dee3: Can you help?) WEP is actually derived
from the encryption system used in the Apple Mobile Messaging
System, a PCMCIA paging card made for the Newton in the mid-90s.
This used 40 bit RC4.
Though only a few years have passed, it's difficult to remember now
what an encumberance the ITAR export regulations were. Essentially,
there was a (very short) list of ciphers and modes you could export.
40-bit RC4 was relatively easy to export. Anything better,or anything
which had not been already approved by the NSA, faced a bureaucratic
nightmare and huge delays if it was approved at all.
Peter Trei
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
