[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Thoughts on 15 day CJ crypto

To: [email protected]
Subject: Re: Thoughts on 15 day CJ crypto
From: [email protected] (Eric Hughes)
Date: Sat, 17 Dec 1994 15:40:32 -0800
In-Reply-To: <[email protected]> (message from Hal on Sat, 17 Dec 1994 12:58:21 -0800)
Sender: [email protected]

   From: Hal <[email protected]>

   Maybe it would be wise when using limited-length
   session keys to use larger encryption exponents just to confound an
   exhaustive search of the session key space.  

It would, but remember that you're generally going to be generating
those keys with the application that will be using them eventually.
One could write a spoofer, perhaps, to generate you're own keys, but
most people won't be using it.

   I think it is surprising
   if there is no limitation on encryption exponent size for these
   exportable key systems, assuming that is the strategy the government is
   using.

Consider the position from the viewpoint of the NSA.  Suppose that the
hypothesis is correct, and session keys encrypted with short exponents
are used to verify candidates.  You haven't told anybody this is the
reason for the particulars of the restrictions.

So, do you, the NSA, write the restriction into the regulation?  Or do
you rely on the fact that the developer will optimize public keys for
speed?

The first strategy reveals tactics.  The second carries some risk.

Eric

References:
- Re: Thoughts on 15 day CJ crypto
  - From: Hal <[email protected]>

Prev by Date: Re: Time to exhaustively break 40-bit RC4?
Next by Date: Re: "Any of the mailers that you can use on a shell are oxen"
Prev by thread: Re: Thoughts on 15 day CJ crypto
Next by thread: Re: Thoughts on 15 day CJ crypto
Index(es):
- Date
- Thread