Columbia crypto box

Trei, Peter ptrei at rsasecurity.com
Tue Feb 11 11:21:17 EST 2003


> Steven M. Bellovin[SMTP:smb at research.att.com] wrote:
> 
> 
> In message
> <F504A8CEE925D411AF4A00508B8BE90A04D4A5D7 at exna07.securitydynamics.co
> m>, "Trei, Peter" writes:
> 
> >> 
> >If I recall correctly (dee3: Can you help?) WEP is actually derived
> >from the encryption system used in the Apple Mobile Messaging 
> >System, a PCMCIA paging card made for the Newton in the mid-90s.
> >This used 40 bit RC4.
> >
> >Though only a few years have passed, it's difficult to remember now
> >what an encumberance the ITAR export regulations were. Essentially,
> >there was a (very short) list of ciphers and modes you could export.
> >40-bit RC4 was relatively easy to export. Anything better,or anything
> >which had not been already approved by the NSA, faced a bureaucratic
> >nightmare and huge delays if it was approved at all.
> >
> 
> The 40-bit issue is orthogonal to the other problems with WEP.  Look at 
> IBM's Commercial Data Masking Facility (CDMF), a way to degrade the 
> strength of DES from 56 bits to 40 bits, while still ensuring that 
> they didn't enable any less-expensive attack.
> 
> 		--Steve Bellovin, http://www.research.att.com/~smb (me)
> 		http://www.wilyhacker.com (2nd edition of "Firewalls" book)
> 
I totally agree that WEP has/had problems well beyond the export issue,
but that's not my point. A product which cannot be exported will not be 
developed, generally speaking.

I quote from AC2 (Schneier), page 615 (which was published in 1996):

"The State Department does not approve of the export of products with 
strong encryption, even those using DES. [...] The Software Publishers
Association (SPA) has been negotiating with the government to ease
export license restrictions. A 1992 agreement between them and the
State Department eased the export license rules for two algorithms,
RC2 and RC4, as long as the key size is 40 bits or less."

So, it doesn't matter how espionage-enabled CDMF was, if you 
wanted to export crypto for general use, you were stuck with 
RC2 or RC4. This situation eased slightly (to 56 bits) around 
1997, but did not reach today's conditions until 2000.  The 
AMMS system cited above dates to 1995.

(It feels weird to be citing Schneier as a historical document).

Peter Trei








---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



More information about the cryptography mailing list