1998-01-06 - Silly Shrinkwrapped Encryption

Header Data

From: Eric Cordian <emc@wire.insync.net>
To: cypherpunks@cyberpass.net
Message Hash: d8c5dacf329bf34b7744fb608d690318e3d87a1fac35029663347f4f18e4328a
Message ID: <199801061930.NAA09848@wire.insync.net>
Reply To: N/A
UTC Datetime: 1998-01-06 19:35:58 UTC
Raw Date: Wed, 7 Jan 1998 03:35:58 +0800

Raw message

From: Eric Cordian <emc@wire.insync.net>
Date: Wed, 7 Jan 1998 03:35:58 +0800
To: cypherpunks@cyberpass.net
Subject: Silly Shrinkwrapped Encryption
Message-ID: <199801061930.NAA09848@wire.insync.net>
MIME-Version: 1.0
Content-Type: text/plain



Could someone poke through Lotus Notes with a debugger and see exactly how
this "giving 24 bits to the government" is implemented? 

Most commercial software simply introduces redundancy in order to limit
the keyspace to 40 bits, regardless of the advertised length of the key. 
This claim that they deliver 64 bits of key to the customer seems a bit
bogus. 

Of course, they could have done something clever, like generating a
completely random 64 bit key, and then encrypting 24 bits of it with a
giant government-owned RSA public key, and including this additional
information with each message.  However, it seems unlikely that they would
employ such strong encryption for message recovery, while offering only 64
bits for message encryption. 

Is Lotus Notes encryption documented anywhere?  Are the differences
between the export and domestic versions disclosed to overseas customers?

--
Eric Michael Cordian 0+
O:.T:.O:. Mathematical Munitions Division
"Do What Thou Wilt Shall Be The Whole Of The Law"

Thread

• Return to January 1998

• Return to “Adam Back <aba@dcs.ex.ac.uk>”
• Return to “Bill Frantz <frantz@netcom.com>”
• Return to “Eric Cordian <emc@wire.insync.net>”
• Return to “Ian Sparkes <isparkes@q9f47.dmst02.telekom.de>”
• Return to “Lucky Green <shamrock@cypherpunks.to>”
• Return to “Tim May <tcmay@got.net>”

• Return to ““William H. Geiger III” <whgiii@invweb.net>”

• 1998-01-06 (Wed, 7 Jan 1998 03:35:58 +0800) - Silly Shrinkwrapped Encryption - Eric Cordian <emc@wire.insync.net>
  • 1998-01-06 (Wed, 7 Jan 1998 03:53:41 +0800) - Re: Silly Shrinkwrapped Encryption - Eric Cordian <emc@wire.insync.net>
  • 1998-01-06 (Wed, 7 Jan 1998 04:50:48 +0800) - Ray Ozzie and the Lotus Notes “40 + 24” GAK Hack - Tim May <tcmay@got.net>
  • 1998-01-07 (Wed, 7 Jan 1998 16:50:54 +0800) - Re: Silly Shrinkwrapped Encryption - Bill Frantz <frantz@netcom.com>
    • 1998-01-07 (Wed, 7 Jan 1998 23:22:28 +0800) - Re: Silly Shrinkwrapped Encryption - Eric Cordian <emc@wire.insync.net>
    • 1998-01-07 (Thu, 8 Jan 1998 02:44:53 +0800) - Re: Silly Shrinkwrapped Encryption - “William H. Geiger III” <whgiii@invweb.net>
    • 1998-01-08 (Thu, 8 Jan 1998 08:37:42 +0800) - Re: Silly Shrinkwrapped Encryption - Adam Back <aba@dcs.ex.ac.uk>
    • 1998-01-08 (Thu, 8 Jan 1998 14:03:03 +0800) - Re: Silly Shrinkwrapped Encryption - Bill Frantz <frantz@netcom.com>
      • 1998-01-09 (Fri, 9 Jan 1998 08:28:43 +0800) - Re: Silly Shrinkwrapped Encryption - Lucky Green <shamrock@cypherpunks.to>
      • 1998-01-09 (Fri, 9 Jan 1998 17:56:08 +0800) - Re: Silly Shrinkwrapped Encryption - Ian Sparkes <isparkes@q9f47.dmst02.telekom.de>