More on fortifying Lotus Notes
David Parkinson
dparkins at alien.bt.co.uk
Mon, 07 Jun 1999 08:41:05 +0100
At 16:50 06/06/99 +0100, Ben Laurie wrote:
>That's a general requirement for export. Until recently, that is. 1024
>bit keys are now permitted. As are 56 bit symmetric keys.
According to my print out of the Dual-Use List, category 5, Part 2:
[...controlled items include...]
A "symmetric algorithm" employing a key length in excess of 56-bits;
An "Asymmetric algorithm" where the security of the algorithm is based
on.....Factorisation of Integers in excess of 512 bits (eg RSA).
i.e. 56-bit symmetric ok, 1024 RSA still a no-no.
However if we look at Note 3 (The Cryptography Note), we find there is
no mention of "asymmetric algorithms", just symmetric.
Could be read as "mass-market" products (such as Lotus Notes(?), Netscape,
IE5, Exchange) can employ 64-bit symmetric keys with RSA >512 bits?
David