[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Verifying RC4

To: cypherpunks
Subject: Verifying RC4
From: gnu
Date: Sat, 19 Nov 94 03:04:09 -0800
In-Reply-To: <[email protected]>
Sender: [email protected]

> "RC4" as used herein, is used to identify an apparently reverse-engineered
> algorithm recently posted to sci.crypt that claimed it was compatible with
> the RC4 sold by RSA Data Security, Inc. (RSADSI) and/or Public Key Partners
> (PKP).  Although the reaction of RSADSI and the press indicates that the two
> algorithms are the same, I could have missed something.

I suggest that someone apply for expedited export permission for some
small piece of software that uses the "apparent reverse-engineered
RC4".  Tell them that you want to export crypto software containing
RC4 on the 7-day plan.  The State Department will send you a set of
test-vectors which you can use to prove that you're really using the
real RC4.  If you pass, and are given export permission, then I guess
the rev-eng version is the real thing.  Be sure your keys are 40 bits
or less (only for purposes of the test export; I don't recommend short
keys for any other purpose).

Full bureaucratic details are at ftp://ftp.cygnus.com/pub/export/cjr.kit.
Search for "test vector".  This info is also reachable from my Web
page on crypto export, http://www.cygnus.com/~gnu/export.html.

Please email me a full copy of any CJ that you submit, so I can add it
to the Web page (along with the eventual response from the gov't).

	John Gilmore

Prev by Date: Re: I Like ASCII, not MIME and Other Fancy Crap
Next by Date: Re: I Like ASCII, not MIME and Other Fancy Crap
Prev by thread: Foreign Transactions & The Pistol Whip Test
Next by thread: Re: pointers to IETF drafts
Index(es):
- Date
- Thread