Silly Shrinkwrapped Encryption
Eric Cordian
emc at wire.insync.net
Tue Jan 6 11:53:41 PST 1998
To follow up my prior message...
I managed to find a document entitled "Security in Lotus Notes and the
Internet" on the Web.
It describes the weakening procedure as follows.
"No matter which version of Notes you are using, encryption uses the
full 64-bit key size. However, the International edition takes 24 bits
of the key and encrypts it using an RSA public key for which the US
National Security Agency holds the matching private key. This
encrypted portion of the key is then sent with each message as an
additional field, the workfactor reduction field. The net result of
this is that an illegitimate hacker has to tackle 64-bit encryption,
which is at or beyond the practical limit for current decryption
technology and hardware. The US government, on the other hand, only
has to break a 40-bit key space, which is much easier (2 to the power
of 24 times easier, to be precise)."
Would anyone care to extract the modulus and exponent for the NSA's
Lotus Notes helper key and post it to this newsgroup?
--
Eric Michael Cordian 0+
O:.T:.O:. Mathematical Munitions Division
"Do What Thou Wilt Shall Be The Whole Of The Law"
More information about the cypherpunks-legacy
mailing list