[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject



Jonathon Fletcher writes:
>   Can anyone tell me anything about a product called "Entrust", by Nortel
> (Northern Telecom). The notes talk about the software using DES ("which
> employs a 56-bit key") so I guess it's single DES, not triple DES. It also
> mentions a proprietary algorithm called CAST. 
> 
>   Is this worthy of further investigation, or is it suspect ? What is 
> CAST, and would it be classed as snake oil ?

I asked one of the NorTel sales reps. about this at the RSA conference. As
I recall, CAST is an espionage-enabled version of DES -- i.e. 16 of the key
bits are sent in the clear, or have a fixed value, or something along those
lines. The guy I spoke to didn't know the technical details.

Of course, maybe we should consider 56-bit DES espionage-enabled at this 
point too ! 

>   Please cc to me in mail

(done)

-Lewis