[103112] in Cypherpunks
Re: Questions for Magaziner?
daemon@ATHENA.MIT.EDU (Steve Mynott)
Sun Sep 20 11:02:44 1998
Date: Sun, 20 Sep 1998 15:42:27 +0100
From: Steve Mynott <stevem@tightrope.demon.co.uk>
To: Tom Weinstein <tomw@netscape.com>,
"Arnold G. Reinhold" <reinhold@world.std.com>
Cc: Robert Hettinga <rah@shipwright.com>, cypherpunks@cyberpass.net,
cryptography@c2.net, dcsb@ai.mit.edu
In-Reply-To: <36041E82.F4F072ED@netscape.com>; from Tom Weinstein on Sat, Sep 19, 1998 at 02:13:39PM -0700
Reply-To: Steve Mynott <stevem@tightrope.demon.co.uk>
On Sat, Sep 19, 1998 at 02:13:39PM -0700, Tom Weinstein wrote:
> > Arnold G. Reinhold wrote:
> >
> > One question I'd like asked is whether the US Gov will approve 56-bit RC-4
> > for export on the same terms as 56-bit DES. That would allow export
> > versions of web browsers to be upgraded painlessly, making international
> > e-commerce 64 thousand times more secure than existing 40-bit browsers.
> > (56-bit DES browsers would require every merchant to upgrade their SSL
> > servers and introduce a lot of unneeded complexity.)
>
> Actually, it wouldn't be any easier to deploy 56-bit RC4 than DES. Either
> would require roughly the same changes to both clients and servers.
Not easier technically but "easier" maybe politically.
Key length seems to be held (probably wrongly) as a rough measure
of crypto "strength" by journos and those in power.
40bit RC4 is weak. How strong would 56bit RC4 be?
--
pgp 1024/D9C69DF9 1997/10/14 steve mynott <steve@tightrope.demon.co.uk>
