From: stewarts@ix.netcom.com
To: Surya Koneru <surya@premenos.com>
Message Hash: 533bd0e4fe5959a4c583e0aec2104c88d068efe139051711088ca1777df8215d
Message ID: <199609040252.TAA11495@toad.com>
Reply To: N/A
UTC Datetime: 1996-09-04 05:27:56 UTC
Raw Date: Wed, 4 Sep 1996 13:27:56 +0800
From: stewarts@ix.netcom.com
Date: Wed, 4 Sep 1996 13:27:56 +0800
To: Surya Koneru <surya@premenos.com>
Subject: Re: rc2 export limits..
Message-ID: <199609040252.TAA11495@toad.com>
MIME-Version: 1.0
Content-Type: text/plain
At 10:33 AM 9/3/96 -0700, you wrote:
>Hi, Does anyone know the export limit for RC2 Key size ?
As with any other crypto system, the rule is "you need to
get the NSA's permission, which they'll give if they feel like",
rather than any well-defined rule you can depend on.
However, the usual guidelines for systems like RC2 and RC4 is
40-bit keys, and RSA keys up to 512 bits for encrypting
session keys and 1024 bits for signatures, plus you have to
structure the code so people can't easily modify it or
use it to triple-encrypt in ways that make the triple-encrypted
version stronger than 40 bits.
Also, if you're using Real RC2, you may need permission from
RSA Data Systems, Inc.. If you're just using the algorithm that
came out on the net that looks suspiciously like RC2, you may or may not.
# Thanks; Bill
# Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com
# <A HREF="http://idiom.com/~wcs">
# You can get PGP software outside the US at ftp.ox.ac.uk/pub/crypto
Return to September 1996
Return to “stewarts@ix.netcom.com”
1996-09-04 (Wed, 4 Sep 1996 13:27:56 +0800) - Re: rc2 export limits.. - stewarts@ix.netcom.com