[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GAK cracking?



On Mon, 3 Feb 1997, [email protected] wrote:

> Just days after a U.S. graduate student cracked the most powerful
> computer encryption system allowed out of the country, the Commerce
> Department announced it would allow three companies to export an
> even stronger system. 

[snip]

> Companies said products with just 40-bit long keys, the old limit, 
> were too easy to crack. The approvals came just days after Ian Goldberg, a 
> graduate student at the University of California, cracked a message 
> encoded with a software key 40-bits long. 
> 
> The government did not name the companies given permission to export 
> stronger, 56-bit programs, but Glenwood, Md.,-based Trusted 
> Information Systems acknowledged that it was one of the three. 

Why does it not surprise me that TIS gets permission to export 56-bit (DES?) ?
They do key recovery (is it GAK?) They brag about government consulting. The
clients they will admit to having are listed on:
http://www.tis.com/docs/products/consulting/govt/govcon.html
and, purely unsubstantiated rumors here, but I've heard (seen) TIS, NSA, FBI 
and other  "friends" of ours all together in the same paragraph. Conspiracy?
Maybe... This is both good and bad.... yes, longer codes are now exportable,
but only to / by certain people?

I notice that the new cipher length is 56 bit...same size as DES? hopefully
that's just a coincidence (yeah, right) or maybe somebody's starting to see
the real world where people download pirate cryptosystems and says "so let's
export bigger ones and make a buck off it, too..." (yeah, right)


PLUR
chris
--
Chris Kuethe <[email protected]> LPGV Electronics and Controls
        <[email protected]> http://www.ualberta.ca/~ckuethe/
RSA in 2 lines of PERL lives at http://www.dcs.ex.ac.uk/~aba/rsa/          
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>   
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`