So as a follow on question...what kind of hardware does it take to break the weak and strong versions of Bogus Notes? Is it possible that NSA or Echelon have the ability to decode a large number of such messages?
And if the amount of hardware needed to break the strong version is significantly greater than that required to break the weak version, then the government's attempts to restrict any proliferation or use of the stronger version could make sense, from their standpoint. But as was said before, this may have been discussed here previously. >From: "David Howe" <[EMAIL PROTECTED]> >To: "Email List: Cypherpunks" <[EMAIL PROTECTED]> >Subject: Re: Echelon-like... >Date: Thu, 10 Oct 2002 20:01:12 +0100 > > >> "I assume everyone knows the little arrangement that lotus > >> reached with the NSA over its encrypted secure email?" > > I'm new here, so do tell if I am wrong. Are you referring to the two >levels > > of Encryption available in Bogus Notes? >More or less, yes. Lotus knew nobody would buy a 40 bit version of their >crypto, so there is a two-level encryption all right, but not along >those lines - in the export version, some of the session key is >encrypted using a PKI "work reduction factor" key in the message header; >this section of header is important, as lotus gateways won't accept >messages that have had it disturbed. by decoding this block, the NSA >have the actual keysize they need to block reduced to the legal export >level of 40 bits; one government found this out *after* rolling it out >to all their billing and contract negotiation departments... belgum or >sweden by memory . Lotus thought it would be ok if only the NSA (and >other US government orgs) could break the key, rather than letting >everyone have an equal chance (and indeed, letting their customers know >their crypto was still only 40 bit vs USA intel agencies) >Still, even the domestic version was only 64 bits, which is painfully >small even by the standards of the day. certainly, even "strong" lotus >could have been crackable by the NSA, who after all own their own fab >plant to make custom VLSI cracking chips. _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx
