From: peng-chiew low <pclow@pc.jaring.my>
Date: Tue, 28 May 1996 03:25:43 +0800
To: dcsb@ai.mit.edu
Subject: Re: CyberCash just did it!
In-Reply-To: <31A8F226.33C@netconx.de>
Message-ID: <31A9E1AA.53B0@pc.jaring.my>
MIME-Version: 1.0
Content-Type: text/plain


Markus Guehrs wrote:
> Is anybody aware of the fact that CyberCashs credit card payment system
> (http://www.cybercash.com) is an almost 1:1 SET implementation. Since
> this system is now working and SET is still a draft I assume the SET
> authors got/took/copied many ideas from CyberCashs genius software
> system.

Out of curiousity I visited their site and I read the part of the security
section which I've pasted below. Is it true? After all that I've read about
the export issue and here Cybercash tells me they have got permission to
export strong crypto? Please note that I am not someone who is familiar with
the strength of crypto algo and any response to this post would be most helpful
to a newbie in this business. Thanks.

Quote from Cybercash's web page : 

http://www.cybercash.com/cybercash/wp/bankwp.html#security

 " CyberCash transactions are protected by a powerful and sophisticated
   system of encryption, combining DES private-key and RSA public-key 
   encryption technologies. In fact, CyberCash's 768-bit RSA key encryption
   capability is unique in that it is the most powerful encryption technology
   currently licensed by the United States government for export. CyberCash 
   also has been approved by the government for 1024-bit RSA key encryption,
   and will be providing that technology by the end of 1996. "