[587] in cryptography@c2.net mail archive
Re: 56 bit crypto exportable?
daemon@ATHENA.MIT.EDU (Adam Shostack)
Sat Apr 19 14:32:56 1997
From: Adam Shostack <adam@homeport.org>
In-Reply-To: <199704171659.LAA22838@dfw-ix4.ix.netcom.com> from "tamaster@technologist.com" at "Apr 17, 97 11:59:26 am"
To: tamaster@technologist.com
Date: Sat, 19 Apr 1997 10:51:39 -0500 (EST)
Cc: cryptography@c2.net
V-One uses a challenge response mechanism with previously exchanged
long lived secret keys (done via RSA) to generate session keys. My
suspicion is that they're logging those session keys into a database
somewhere, and making it easy to get the key to a given session.
Adam
tamaster@technologist.com wrote:
| The original release of this announcement from PRNewswire has an
| additional paragraph of some interest:
|
| > Previous approvals for encryption export allowed the
| > use of strong encryption (over 40-bit) only with
| > inclusion of a trusted third party having access to the
| > keys. The approval given V-ONE not only clears the
| > way for customers overseas to install 56-bit
| > SmartGate encryption immediately. The Department
| > of Commerce also assured V-ONE that customers
| > using its Trusted First Party key management
| > infrastructure (KMI) solution will be permitted to
| > increase key length as much as desired.
|
| If this is true, would this indicate a mechanism by which support
| for replacement of the session encryption is provided? Or are we
| merely talking about the PK encryption key length (while still
| using single DES for the session crypto). It looked to me to be
| a rather misleading placement of this sentence in the context of
| the statement refering to the 56-bit session encryption key length.
|
| It is also stated in the release posted on their web site:
|
| http://www.v-one.com/html/body_comm.html
|
| ___________________________________________________________________________
| "The light will find those who understand kharma, and those who DO NOT,
| will only find the darkness. What goes around, comes around, BABY!"
|
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
