[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Silly Shrinkwrapped Encryption




Could someone poke through Lotus Notes with a debugger and see exactly how
this "giving 24 bits to the government" is implemented? 

Most commercial software simply introduces redundancy in order to limit
the keyspace to 40 bits, regardless of the advertised length of the key. 
This claim that they deliver 64 bits of key to the customer seems a bit
bogus. 

Of course, they could have done something clever, like generating a
completely random 64 bit key, and then encrypting 24 bits of it with a
giant government-owned RSA public key, and including this additional
information with each message.  However, it seems unlikely that they would
employ such strong encryption for message recovery, while offering only 64
bits for message encryption. 

Is Lotus Notes encryption documented anywhere?  Are the differences
between the export and domestic versions disclosed to overseas customers?

--
Eric Michael Cordian 0+
O:.T:.O:. Mathematical Munitions Division
"Do What Thou Wilt Shall Be The Whole Of The Law"