From: Bruce Schneier <schneier@counterpane.com>
Date: Tue, 6 Jan 1998 11:04:29 +0800
To: cypherpunks@cyberpass.net
Subject: Re: Comparing PGP to Symantec's Secret Stuff
In-Reply-To: <v03007800b0bc0c9a7689@[198.115.179.81]>
Message-ID: <199801060259.UAA26681@mixer.visi.com>
MIME-Version: 1.0
Content-Type: text/plain



At 08:56 PM 12/16/97 -0800, Bill Frantz wrote:
>At 3:01 AM -0800 12/16/97, Vin McLellan wrote:
>>   Norton Secret Stuff secures the data using the 32-bit Blowfish
>>encryption algorithm -- which is why it's approved for unrestricted export
>>outside the US by the U.S. government.
>
>This is the first I've heard of a Blowfish based produce being approved for
>export.  Since Blowfish has about 9 bits worth of protection against brute
>force searches in its key schedule, this is about a 41 bit approval.  Does
>anyone know of an export permit for a version of Blowfish with a key longer
>than 32 bits?

Blowfish with a 32-bit key has been approved for export before.  The 
argument is that the long key setup time makes 32-bit Blowfish as weak
as 40-bit anything else.  I don't particularly agree, but there you have it.

Bruce
**********************************************************************
Bruce Schneier, President, Counterpane Systems     Phone: 612-823-1098
101 E Minnehaha Parkway, Minneapolis,MN  55419       Fax: 612-823-1590
                                            http://www.counterpane.com