[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Silly Shrinkwrapped Encryption
To follow up my prior message...
I managed to find a document entitled "Security in Lotus Notes and the
Internet" on the Web.
It describes the weakening procedure as follows.
"No matter which version of Notes you are using, encryption uses the
full 64-bit key size. However, the International edition takes 24 bits
of the key and encrypts it using an RSA public key for which the US
National Security Agency holds the matching private key. This
encrypted portion of the key is then sent with each message as an
additional field, the workfactor reduction field. The net result of
this is that an illegitimate hacker has to tackle 64-bit encryption,
which is at or beyond the practical limit for current decryption
technology and hardware. The US government, on the other hand, only
has to break a 40-bit key space, which is much easier (2 to the power
of 24 times easier, to be precise)."
Would anyone care to extract the modulus and exponent for the NSA's
Lotus Notes helper key and post it to this newsgroup?
--
Eric Michael Cordian 0+
O:.T:.O:. Mathematical Munitions Division
"Do What Thou Wilt Shall Be The Whole Of The Law"