[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Infosecurity News blurb on Notes



>From the March/April 1996 issue.

Lotus accepts escrow
      
In a compromise to obtain export permission, Lotus Development Copr. has 
agreed to escrow 24 bits of the 64-bit encryption keys used in the new 
release of Lotus Notes.  The U.S. government allows export of unescrowed 
40-bit key strings.

Under the Lotus plan, U.S. agents will be able to access the escrowed 
portion of the key but would still have to decrypt the rest to obtain a 
clear-text message.  Althought the NSA has not said it can decrypt 
40-bit DES encryption, many postuylate that it can.

[end excerpt]

Postulate??? And I thought Notes used RC4?  Pretty bad for a security 
journal.
      

      Weld Pond   -  [email protected]   -   http://www.l0pht.com/~weld
      L  0  p  h  t    H  e  a  v  y    I  n  d  u  s  t  r  i  e  s          
      Technical archives for the people  -  Bio/Electro/Crypto/Radio