From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Tue, 24 Oct 95 19:48:20 PDT
To: "baldwin" (Robert W. Baldwin) <baldwin@rsa.com>
Subject: Re: 80 bit security from 40 bit exportable products
In-Reply-To: <9509248145.AA814557096@snail.rsa.com>
Message-ID: <199510250243.CAA00966@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

> For example, a web client might fetch an S-HTTP page over an SSL
> protected link via a firewall that supports IPsec tunnels.  That's
> three 40 bit keys protecting the data over the internet link (of
> course, this may not be equivalent to a 120 bit cipher, that depends
> on the details of the cipher systems and independence of the key
> setups).

C'mon Bob.. how long has it been since you picked a lock? :-)

Given the likely presence of known or verifiable plaintext at each
nesting level, a three-deep nesting of 40-bit ciphers like this
probably increases the strength to about, ohh, a 42 bit cipher.

						- Bill


-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMI2kGrT+rHlVUGpxAQEKzwP+N7TlofhbYgHXycj7KCdpLhXFzZpnqlCB
ce/3ng9e4zN9G+lX/zpEeH/muhVkKFOwpaadYBKrn7Mu63dT0guCFNlApo9AMagU
xcLHex5AsKM3tWCayiTN5TP14bxEx2jSR54jSJIKsfulkpYRK0LYGj/fc5mSH8iP
r9qXBCrp7xA=
=QtVF
-----END PGP SIGNATURE-----