From: owner-cypherpunks@toad.com
Date: Sat, 2 Mar 1996 06:32:19 +0800
Subject: No Subject
Message-ID: <QQaffd09642.199603012219@relay3.UU.NET>
MIME-Version: 1.0
Content-Type: text/plain


Jonathon Fletcher writes:
>   Can anyone tell me anything about a product called "Entrust", by Nortel
> (Northern Telecom). The notes talk about the software using DES ("which
> employs a 56-bit key") so I guess it's single DES, not triple DES. It also
> mentions a proprietary algorithm called CAST. 
> 
>   Is this worthy of further investigation, or is it suspect ? What is 
> CAST, and would it be classed as snake oil ?

I asked one of the NorTel sales reps. about this at the RSA conference. As
I recall, CAST is an espionage-enabled version of DES -- i.e. 16 of the key
bits are sent in the clear, or have a fixed value, or something along those
lines. The guy I spoke to didn't know the technical details.

Of course, maybe we should consider 56-bit DES espionage-enabled at this 
point too ! 

>   Please cc to me in mail

(done)

-Lewis