[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Lotus Notes



Lucky Green wrote:
> 
> At 11:09 1/30/96, Charlie_Kaufman/[email protected] wrote:
> 
> >p.s. re: the fact that it's 64 bits rather than 128. That was the limit on 
key
> >size of the crypto software we licensed from a third party. That crypto
> >software also limited us to 760 bit RSA keys.
> 
> I find this very interesting. RSA prohibits its licencees from using RSA
> software with truly secure keylenghts. What may have incenitvised them to
> take this bizzare position?

The problem is not with the license, but with the software. And not with the 
latest software, but with some antique software we started using a long time 
ago (before RSAREF was a twinkle in anyone's eye) when 760 bit RSA keys and 64 
bit RC2/RC4 keys seemed impenetrable. Given that interoperability with the 
installed base is a higher priority than resistance to some theoretical attack, 
we can't increase key sizes until the market rolls over to the latest software. 
We do have plans to get there.

  --Charlie Kaufman
  ([email protected])
  PGP fingerprint: 29 6F 4B E2 56 FF 36 2F   AB 49 DF DF B9 4C BE E1