[2278] in cryptography@c2.net mail archive
Re: exporting blowfish
daemon@ATHENA.MIT.EDU (Greg Rose)
Thu Mar 12 17:23:53 1998
To: michael shiplett <walrus@ans.net>
cc: cryptography@c2.net
In-reply-to: Your message of Thu, 12 Mar 1998 16:46:30 CDT.
<199803122146.QAA28736@fuseki.aa.ans.net>
Date: Fri, 13 Mar 1998 09:16:03 +1100
From: Greg Rose <ggr@qualcomm.com>
michael shiplett writes:
>In trying to get an license to export from the US, I was just told
>that the use of blowfish is limited not to 40-bits but to 32-bits. Has
>anyone else run into this?
I haven't run into this specific example, but it
doesn't surprise me at all. Blowfish has a large
key schedule overhead (by design). The 40 bit
limit was imposed to allow NSA brute-force attacks
to succeed at (what they think of as) reasonable
cost.
The other example I am aware of involved
computing a relatively large 256-byte involution
table based on the key. We don't yet have a
ruling about whether 40 bits will be acceptable
or not, but there is no guarantee that it will
be... except for RC4 which was worked into the
regulations specifically, you still need specific
one-time approval.
They might even allow 56-bit ROT-13, you never do
know... :-)
Greg.
Greg Rose INTERNET: ggr@qualcomm.com
QUALCOMM Australia VOICE: +61-2-9743 4646 FAX: +61-2-9736 3262
6 Kingston Avenue http://people.qualcomm.com/ggr/
Mortlake NSW 2137 B5 DF 66 95 89 68 1F C8 EF 29 FA 27 F2 2A 94 8F
