[Cryptography] On 40-bit encryption

Yuhong Bao yuhongbao_386 at hotmail.com
Sat Dec 20 20:11:19 EST 2014

Peter Trei <petertrei <at> gmail.com> writes:
> The USG response, within a few months, was to up the limit to 56 bits - 
single DES.
Actually, it was not that simple. They tried promoting "key escrow" etc 
backdoors first, which Lotus Notes for example used. They even allowed 56-
bit encryption in 1997 provided that they promised by the end of 1998 to 
support "key recovery" backdoors. Of course it failed, and they finally in 
the year 1999 began allowed export of 56-bit crypto without any backdoors.

As a side note, it is interesting that the version of MS-CHAP(v2)/MPPE 
which was originally thought to be 128-bit encryption turned out to be 
only 56-bit encryption. I think this is partly because 56-bit encryption 
was maximum exportable for only a year. The actual 40-bit and 56-bit 
"exportable" versions has other attacks BTW.

More information about the cryptography mailing list