[Cryptography] On 40-bit encryption
yuhongbao_386 at hotmail.com
Sat Dec 20 20:11:19 EST 2014
Peter Trei <petertrei <at> gmail.com> writes:
> The USG response, within a few months, was to up the limit to 56 bits -
Actually, it was not that simple. They tried promoting "key escrow" etc
backdoors first, which Lotus Notes for example used. They even allowed 56-
bit encryption in 1997 provided that they promised by the end of 1998 to
support "key recovery" backdoors. Of course it failed, and they finally in
the year 1999 began allowed export of 56-bit crypto without any backdoors.
As a side note, it is interesting that the version of MS-CHAP(v2)/MPPE
which was originally thought to be 128-bit encryption turned out to be
only 56-bit encryption. I think this is partly because 56-bit encryption
was maximum exportable for only a year. The actual 40-bit and 56-bit
"exportable" versions has other attacks BTW.
More information about the cryptography