Lucky Green wrote:
At 11:09 1/30/96, Charlie_Kaufman/Iris.IRIS@iris.com wrote:
p.s. re: the fact that it's 64 bits rather than 128. That was the limit on
key
size of the crypto software we licensed from a third party. That crypto software also limited us to 760 bit RSA keys.
I find this very interesting. RSA prohibits its licencees from using RSA software with truly secure keylenghts. What may have incenitvised them to take this bizzare position?
The problem is not with the license, but with the software. And not with the latest software, but with some antique software we started using a long time ago (before RSAREF was a twinkle in anyone's eye) when 760 bit RSA keys and 64 bit RC2/RC4 keys seemed impenetrable. Given that interoperability with the installed base is a higher priority than resistance to some theoretical attack, we can't increase key sizes until the market rolls over to the latest software. We do have plans to get there. --Charlie Kaufman (charlie_kaufman@iris.com) PGP fingerprint: 29 6F 4B E2 56 FF 36 2F AB 49 DF DF B9 4C BE E1
participants (1)
-
Charlie_Kaufman/Iris.IRIS@iris.com