1995-11-11 - Re: Lotus Notes RSA Implementation Question

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: cypherpunks@toad.com
Message Hash: f6e8139a341bb148fd888fecd95a6e9b6eb83168eecc0931184167734c81d500
Message ID: <199511110908.BAA16275@ix12.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1995-11-11 09:07:22 UTC
Raw Date: Sat, 11 Nov 95 01:07:22 PST

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 11 Nov 95 01:07:22 PST
To: cypherpunks@toad.com
Subject: Re: Lotus Notes RSA Implementation Question
Message-ID: <199511110908.BAA16275@ix12.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 06:13 AM 11/11/95 GMT, bglassle@kaiwan.com wrote:
>>Notes V3 (the one currently deployed) uses 512 bit RSA keys in both the USA
>>and exportable versions. Notes V4 (currently in Beta) uses 512 bit RSA
keys for
>>encryption in the exportable version and bigger keys for signatures in all
>>versions and for encryption in the USA version.
>
>I would assume since they are using a key size >40 bit, it is used for
>authentication only, not for data encrytion, that would skirt the ITAR
>regs.  If fact according to the docs, there is no data encryption when
>connecting to an international version server, regardless of the
>client version.

RSA keys get to have more bits than symmetric-key encryption, because they're
easier to crack and you typically use them for different things.
The permitted length seems to usually be 512 bits for RSA and 40 bits for
decent-quality symmetric cyphers (as opposed to easy-to-crack proprietary
cyphers, which may be longer if they're wimpy and the NSA's in a good mood.)
Your mileage may vary, of course. 

>My understanding was that the problems exposed with RC4 that you
>mentioned, were with the particular implemenation by Netscape.  

There were two different problems found.  The first was a straightforward
brute-force crack on 40-bit RC4 (RC4 lets you choose key length...)
While it did have known plaintext near the beginning of the message,
having it _anywhere_ makes it crackable, with a bit more work.
The second problem was a Netscape-specific use of low-quality random
numbers to pick the RC4 keys.  But the first crack was the real thing.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281







Thread