17 Dec
2003
17 Dec
'03
11:17 p.m.
On Wed Mar 27, 1996, Perry E. Metzger wrote: Adam Shostack writes: > | Adam Shostack writes: > | > Well, if Leahy passes, DCE is exportable. DCE is exported today, although without the ability to encrypt application traffic. Authentication and message integrity are in the export version. They are attacks against Diffie-Hellman. I don't know if DCE uses D-H in a similar manner. The main problem was too small a (fixed) modulus. DCE RPC uses Kerberos V5 to establish DES session keys. Dave