[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Keyed-MD5, ITAR, and HTTP-NG
To summarise: the consensus is that using keyed-MD5 for authentication is
ok under ITAR, but using it for confidentiality is out.
The reason I wanted to check is that I'm solidifying some of security
paramaters for HTTP-NG so we can add them to the test implementation
before the Dallas IETF. In addition to the slight problem of having half
the development team on the other side of the Atlantic, I want to make at
least a subset of the security schemes mandatory, and that means making
the core stuff exportable.
At the moment, I'm thinking of making the mandatory schemes be Keyed MD5
for authentication, and weakened RC4 with an IV for confidentiality, with
the added stipulation being that the user must be informed when key
weakening is being used. I may swap RC4 for DES; they're both public
domain, but RC4 is simpler. They're both shared key, but I don't make PK
The other pre-defined schemes I'm planning on getting at least speced are
3-DES and IDEA for confidetiality, SHA for hashing, and RSA & DH for
key exchange, signatures, and authentication. Certificate format is
currently X.509- PGP format will go in ASAP.
(defun modexpt (x y n) "computes (x^y) mod n"
(cond ((= y 0) 1) ((= y 1) (mod x n))
((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
(t (mod (* x (modexpt x (1- y) n)) n))))