On Mon, 3 Feb 1997, tmcghan@gill-simpson.com wrote:
Just days after a U.S. graduate student cracked the most powerful computer encryption system allowed out of the country, the Commerce Department announced it would allow three companies to export an even stronger system.
[snip]
Companies said products with just 40-bit long keys, the old limit, were too easy to crack. The approvals came just days after Ian Goldberg, a graduate student at the University of California, cracked a message encoded with a software key 40-bits long.
The government did not name the companies given permission to export stronger, 56-bit programs, but Glenwood, Md.,-based Trusted Information Systems acknowledged that it was one of the three.
Why does it not surprise me that TIS gets permission to export 56-bit (DES?) ? They do key recovery (is it GAK?) They brag about government consulting. The clients they will admit to having are listed on: http://www.tis.com/docs/products/consulting/govt/govcon.html and, purely unsubstantiated rumors here, but I've heard (seen) TIS, NSA, FBI and other "friends" of ours all together in the same paragraph. Conspiracy? Maybe... This is both good and bad.... yes, longer codes are now exportable, but only to / by certain people? I notice that the new cipher length is 56 bit...same size as DES? hopefully that's just a coincidence (yeah, right) or maybe somebody's starting to see the real world where people download pirate cryptosystems and says "so let's export bigger ones and make a buck off it, too..." (yeah, right) PLUR chris -- Chris Kuethe <ckuethe@gpu.srv.ualberta.ca> LPGV Electronics and Controls <c100305@wolfcreek.cs.ualberta.ca> http://www.ualberta.ca/~ckuethe/ RSA in 2 lines of PERL lives at http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`