[4410] in cryptography@c2.net mail archive
Re: 1024 bit RSA exportable?
daemon@ATHENA.MIT.EDU (Bill Frantz)
Wed Mar 31 09:58:31 1999
In-Reply-To: <199903301926.LAA06667@romeo.rtfm.com>
Date: Tue, 30 Mar 1999 20:05:06 -0700
To: Eric Rescorla <ekr@rtfm.com>, cryptography@c2.net
From: Bill Frantz <frantz@netcom.com>
At 12:26 PM -0700 3/30/99, Eric Rescorla wrote:
>I'm trying to sort out what the situation is for RSA exportability
>under the new regulations. Obviously, we can use DES, but
>are we still restricted to 512 bit RSA keys. What's the story?
The way I read it, if you are using RSA for authentication, there are no
export restrictions (except perhaps the awful 5 nations). You do not need
to get a license.
If the RSA is being used to encrypt a symetric key for privacy, then it is
limited to 512 bits, the symetric key is limited to 64 bits, and you need
to get a license. (Jim Gillogly says 1024 is now the limit in this
situation.)
YMMV, IANAL
-------------------------------------------------------------------------
Bill Frantz | Macintosh: Didn't do every-| Periwinkle -- Consulting
(408)356-8506 | thing right, but did know | 16345 Englewood Ave.
frantz@netcom.com | the century would end. | Los Gatos, CA 95032, USA
