From: “Deranged Mutant” <WlkngOwl@unix.asb.com>
To: frantz@netcom.com (Bill Frantz)
Message Hash: 7096e7b73e6a8359a6ac5ef898a687f9bf3e49d52f3487591fd96fbe571a7d59
Message ID: <199607310938.FAA19959@unix.asb.com>
Reply To: N/A
UTC Datetime: 1996-07-31 12:39:16 UTC
Raw Date: Wed, 31 Jul 1996 20:39:16 +0800
From: "Deranged Mutant" <WlkngOwl@unix.asb.com>
Date: Wed, 31 Jul 1996 20:39:16 +0800
To: frantz@netcom.com (Bill Frantz)
Subject: Re: Paranoid Musings
Message-ID: <199607310938.FAA19959@unix.asb.com>
MIME-Version: 1.0
Content-Type: text/plain
On 30 Jul 96 at 11:13, Bill Frantz wrote:
[..]
> (1) Now everyone knows that 40 bit RC4 is weak, but just how weak is it?
Differentiate between the cipher and the key-initialization. There
may be a flaw in how the key is set up that can make brute-force
searches easier. Known plaintext of a few headers may also help in
guessing the s-box state, even if partially: combined with flaws in
the key, this could be exploited, especially if one has a lot of
experience and computing power handy.
[..]
> (2) What did Microsoft give up to export its crypto API?
>
> Well, if you were a TLA, what would you want. I think I would want an
> agreement to be able to insert my own code in that vendor's products. Then
> I would be able to have widely distributed Trojan horses signed by the
> vendor. I would have the opportunity to significantly weaken standardized
> crypto systems installed world wide.
Risky. Code can always be reverse engineered. If a flaw is
exploited in too-strong an algorithm (3DES and 4k-bit RSA keys, for
instance) to prosecute various people, somebody might notice. If US
companies seem to magically have proprietary info from foreign
companies, this would also be a sign of suspicion. I think the
C[r]API will be used as a form of mandating GAK instead.
Rob
>
>
> Conspiracy theorists, start your mailers.
>
>
> -------------------------------------------------------------------------
> Bill Frantz | Cave ab homine unius lebri | Periwinkle -- Consulting
> (408)356-8506 | [Beware the man of one | 16345 Englewood Ave.
> frantz@netcom.com | book] - Anonymous Latin | Los Gatos, CA 95032, USA
>
>
>
>
---
No-frills sig.
Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 wlkngowl@unix.asb.com (root@magneto)
AB1F4831 1993/05/10 Deranged Mutant <wlkngowl@unix.asb.com>
Send a message with the subject "send pgp-key" for a copy of my key.
Return to July 1996
Return to ““Deranged Mutant” <WlkngOwl@unix.asb.com>”
1996-07-31 (Wed, 31 Jul 1996 20:39:16 +0800) - Re: Paranoid Musings - “Deranged Mutant” <WlkngOwl@unix.asb.com>