[648] in cryptography@c2.net mail archive
Re: U.S. Broker goes 40-bit only
daemon@ATHENA.MIT.EDU (Adam Shostack)
Wed Apr 30 10:20:46 1997
From: Adam Shostack <adam@homeport.org>
In-Reply-To: <199704292213.PAA16312@jefferson.hidden.net> from Anonymous at "Apr 29, 97 03:13:25 pm"
To: cryptography@c2.net
Date: Tue, 29 Apr 1997 20:32:31 -0400 (EDT)
If anonymous would like to drop me an note telling me if
they've terminated their account, I'd appriciate it. (Relates to the
question about 40 bit session cracking I asked the other day.)
Adam
Anonymous wrote:
| >From: "Service3" <service@etrade.com>
| >Subject: Re: Weakened web security
| *************************************************************
|
| E*TRADE SECURITIES
|
| *************************************************************
| Dear <snip>:
|
| Thank you for your e-mail message, and your comments.
|
| We are looking into reestablishing the handshaking capability for
| 128-bit encryption. I do not have a time table for when that will take
| place.
|
| However, we beg to differ with your view that the 40-bit encryption is
| "insecure". Since our security system uses one-time pads, it would be
| extremely difficult for anyone to decode a single packet, much less an
| entire transmission series. We have yet to have a single security
| breach at E*Trade, and even if there was, we are insured fully for
| such a situation. We are fully confident that our customers are as
| safe and secure as we can make them.
|
|
| If you have any additional questions or comments, please e-mail us at
| service@etrade.com, or, if you would prefer, please feel free to call
| a Customer Service Representative, Monday through Friday, 8:00am to
| 12:00am Midnight (Eastern Time), toll-free, at 1-800-STOCKS5
| (1-800-786-2575).
|
| Sincerely,
|
| <snip>
| E*Trade Customer Service
|
|
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
