From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Sun, 14 Apr 1996 14:46:04 +0800
To: jk@digit.ee
Subject: Re: RC4 on FPGAs (Was: Bank transactions on Internet)
Message-ID: <01I3IG4C9C0E8Y51D0@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain


From: =?ISO-8859-1?Q?J=FCri_Kaljundi?= <jk@digit.ee>

>Once someone gets this kind of cracking device ready, I think it would be
>nice to make the information freely available, or start selling these for
>nominal price.

>This would also make an interesting device connected to Internet. In case
>of fast device people could use it either for free or pay using ecash for
>using it, and crack their SSL sessions. May be Netscape or Microsoft or
>someone else (may be even Community Connexion :) lobbying the government
>for allowing export of strong encryption could sponsor it. It should not
>be so expencive. Much more useful than amazing fish-cam or coke machine on
>Internet.

	It would make it kind of difficult to argue that 40-bit encryption
was anything near the required level, yes. Of course, I'd advise setting it
up _outside_ the US or any other country with a habit of disliking
cryptography - otherwise they'd just find some excuse or another to shut it
down. For instance, you'd probably have to set it up if it were in the US to
check where a request was from, in order to not violate some arcane ITAR rule
or another.
	-Allen