From: Bill Stewart <stewarts@ix.netcom.com>
To: trei@process.com
Message Hash: 434a12fbb2ac1fb9cf8ca8efb7089c43aa257434218acddb692db654b88e36f3
Message ID: <199509080700.AAA23137@ix3.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1995-09-08 07:00:48 UTC
Raw Date: Fri, 8 Sep 95 00:00:48 PDT
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 8 Sep 95 00:00:48 PDT
To: trei@process.com
Subject: Re: Notes from NIS&T Key Escrow Export conference.
Message-ID: <199509080700.AAA23137@ix3.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 11:26 AM 9/7/95 -6, Peter Trei wrote:
>"If keys are escrowed, what purpose does a 64 bit limit serve?"
A 64 bit limit serves lots of purposes, like letting the NSA crack stuff;
I suspect escrow is being used as an excuse to get big vendors to
standardize on wimpy 64-bit crypto as much as anything else.
>Secondarily, I observe that this apparently precludes the use of OTP.
Not to the devious (though the devious may not be able to get export approval)
After all, you could escrow a _lot_ of 32-bit OTPs :-)
(yeah, I know, the requirement that you identify which escrowed key is being
used makes that less than useful, unless the final standard comes out with
clear, unambiguous language which fails to cover all cases and can
therefore be abused - that's one problem with the current "ask the NSA" rule.)
#---
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
Return to September 1995
Return to “Bill Stewart <stewarts@ix.netcom.com>”
1995-09-08 (Fri, 8 Sep 95 00:00:48 PDT) - Re: Notes from NIS&T Key Escrow Export conference. - Bill Stewart <stewarts@ix.netcom.com>