[4407] in cryptography@c2.net mail archive
Re: 1024 bit RSA exportable?
daemon@ATHENA.MIT.EDU (Jim Gillogly)
Tue Mar 30 15:24:30 1999
Date: Tue, 30 Mar 1999 12:10:44 -0800
From: Jim Gillogly <jim@acm.org>
Reply-To: jim@acm.org
To: cryptography@c2.net
Eric Rescorla wrote:
> I'm trying to sort out what the situation is for RSA exportability
> under the new regulations. Obviously, we can use DES, but
> are we still restricted to 512 bit RSA keys. What's the story?
Obviously? You can apply for an export license, and if you pass
the one-time technical review you can use DES and (with mass market
software) up to 1024-bit RSA, according to the Federal Register
stuff at http://www.bxa.doc.gov/Encryption/1231ERC.htm . Search
on "public key algorithm". But the real answer is always that BXA
wants you to apply for an export license, saying what you want to
export and whom you want to receive it, and that it can't be modified
by the end-user (I don't think they ask you to prove that it can't
be modified, and I've been told they're not so stupid that they believe
this is a satisfiable condition) and they'll tell you whether they'll
give you the license.
An example of filling in the license app on their site shows them
using 1024-bit RSA for key exchange. It doesn't say whether such a
hypothetical application would be approved. :-P See the fact sheet
on "Helpful hints when applying for ..."
--
Jim Gillogly
Sterday, 8 Astron S.R. 1999, 19:57
12.19.6.1.3, 5 Akbal 16 Cumku, Fifth Lord of Night
