From: Bill Frantz <frantz@netcom.com>
To: Eric Cordian <cypherpunks@cyberpass.net
Message Hash: 5f28f534d6108a713df31242218768cafb9519fcde3983cdae6077bb621962cf
Message ID: <v0311070eb0d8be53e6a8@[207.94.249.133]>
Reply To: <199801061930.NAA09848@wire.insync.net>
UTC Datetime: 1998-01-07 08:50:54 UTC
Raw Date: Wed, 7 Jan 1998 16:50:54 +0800
From: Bill Frantz <frantz@netcom.com>
Date: Wed, 7 Jan 1998 16:50:54 +0800
To: Eric Cordian <cypherpunks@cyberpass.net
Subject: Re: Silly Shrinkwrapped Encryption
In-Reply-To: <199801061930.NAA09848@wire.insync.net>
Message-ID: <v0311070eb0d8be53e6a8@[207.94.249.133]>
MIME-Version: 1.0
Content-Type: text/plain
At 11:49 AM -0800 1/6/98, Eric Cordian wrote:
>I managed to find a document entitled "Security in Lotus Notes and the
>Internet" on the Web.
>
>It describes the weakening procedure as follows.
>
> "No matter which version of Notes you are using, encryption uses the
> full 64-bit key size. However, the International edition takes 24 bits
> of the key and encrypts it using an RSA public key for which the US
> National Security Agency holds the matching private key. This
> encrypted portion of the key is then sent with each message as an
> additional field, the workfactor reduction field. The net result of
> this is that an illegitimate hacker has to tackle 64-bit encryption,
> which is at or beyond the practical limit for current decryption
> technology and hardware. The US government, on the other hand, only
> has to break a 40-bit key space, which is much easier (2 to the power
> of 24 times easier, to be precise)."
It seems to me that if you step on the correct part of the message, you zap
the encrypted 24 bits, and cut NSA out of the loop. Of course the receiver
could notice and refuse to decrypt, which would require some software
hacking to defeat, but that is certainly doable.
-------------------------------------------------------------------------
Bill Frantz | One party wants to control | Periwinkle -- Consulting
(408)356-8506 | what you do in the bedroom,| 16345 Englewood Ave.
frantz@netcom.com | the other in the boardroom.| Los Gatos, CA 95032, USA
Return to January 1998
Return to ““William H. Geiger III” <whgiii@invweb.net>”