1996-06-04 - Re: CWD: “Jacking in from the “One that Got Away” Port

Header Data

From: Gary Howland <gary@systemics.com>
To: Declan McCullagh <declan@well.com>
Message Hash: 7f6a368075709e7c53b01376fcc3c7cc2d21ad4a23ec6acb5096f61382a2e083
Message ID: <31B3F920.31DFF4F5@systemics.com>
Reply To: <v01510105add95b2fda0a@[204.62.128.229]>
UTC Datetime: 1996-06-04 12:57:22 UTC
Raw Date: Tue, 4 Jun 1996 20:57:22 +0800

Raw message

From: Gary Howland <gary@systemics.com>
Date: Tue, 4 Jun 1996 20:57:22 +0800
To: Declan McCullagh <declan@well.com>
Subject: Re: CWD: "Jacking in from the "One that Got Away" Port
In-Reply-To: <v01510105add95b2fda0a@[204.62.128.229]>
Message-ID: <31B3F920.31DFF4F5@systemics.com>
MIME-Version: 1.0
Content-Type: text/plain


> Current U.S. laws prohibit the
>   export of any encryption device with a key length longer than 40-bits,
>   or roughly the equivalent of  Captain Crunch decoder ring. For hardcore
>   math types, I'm told that a 1024-bit key length is 10 to the 296th
>   power more difficult to break than 40 bits.

No comment.

 
>   Bizdos seems to have found crypto's magic bullet;  a legit way to
>   essentially give the finger to U.S. export laws for crypto product.

Really?


>   In fact, it's a crime even to put a program like PGP on your laptop and
>   go overseas.   The State Department calls that "exporting."

Golly day!


>   After setting up his Japanese unit, he hired a crack team
>   of Japanese crypto experts who essentially "reverse engineered" the
>   company's own U.S. crypto product, according to Kurt Stammberger, RSA
>   director of technology marketing.

Hot dang!


>   It was a brilliant move.   Bizdos
>   can't be slammed by the State Department for violating crypto export
>   laws because, well, he didn't export a damn thing, except some U.S.
>   greenbacks, which of course, could have gone to U.S. cryptographers,
>   but let's not quibble about jobs.
 
>   Anyone want to kick around the subject of global competitiveness?
>
>   What's happened here is the Japanese have now trumped the entire world
>   on the crypto market.   What's more, Clinton's brain-dead allegiance to
>   the FBI, et al., has now allowed the Japanese government, which still
>   owns a large share of NTT, which owns a minority share of RSA's
>   Japanese subsidiary, to have a lock on the world's strongest encryption
>   technology.   Can you say "Remember the VCR"  or "Remember the
>   Semiconductor" or how about "Thanks, Bill.  We're fucked."

Yes, the guvmint is really stupid, huh?


Remind me not to subscribe to cyberwire ...


Serious point - what are the chances that the key generator has been
tampered with? (assuming the generation is done within the chipset).


Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary@systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06





Thread