LOL! The reason why the current eCash software uses 768 bit RSA and 3DES is
because that's what the original Ecash software used. You know, that
software that didn't meet market demand even back in 1995? (The software's
failure to meet market demand was unrelated to the crypto that was used. And
FYI, the 768 bit RSA was used for performance reasons). Which gets us to why
the current software use the same algorithms as the software from 5 years
ago: because it is essentially the same software.
What I don't fully understand is why the contents of a 5 year old press
release with minor changes in capitalization are now considered news. What
am I missing?
Thanks,
--Lucky Green <[EMAIL PROTECTED]>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf
> Of Eric Murray
> Sent: Wednesday, February 16, 2000 10:59
> To: Multiple recipients of list
> Subject: Re: www.digicash.com
>
>
> On Wed, Feb 16, 2000 at 11:23:53AM -0600, William H. Geiger III wrote:
> >
> > from http://www.digicash.com/Company/
> >
> >
> > "eCash software uses digital signature technology based on
> > public key cryptography, to provide authentication,
> > non-repudiation, data integrity, and confidentiality. For the maximum
> > security available, eCash uses 768-bit RSA keys
> > with 3-DES. eCash is a very efficient protocol, which
> > enables key lengths to increase over time without unduly
> > impacting performance. eCash uses Secure Hash Algorithm
> > (SHA-1) for its cryptographic hash function. eCash owns
> > and uses a patented blind signature encoding algorithm that
> > allows banks to issue eCash, which can be sent from
> > consumer to merchant in complete privacy. As financial
> > institutions develop interoperable certificate authorities for issuing
> > digital certificates, eCash will apply standard bank digital
> certificates
> > to eCash payment protocols."
> >
> >
> > Website is still in the construction phase and only limited info there.
> > The 768-bit RSA keys seem a little small and I am not all that sure that
> > 3-DES is the best choice of symetric algorithms for this application.
>
>
> Those sound optimized for smartcard use.
> Single DES cores are pretty small and can be called 3 times
> to do 3DES. RSA keys take a lot of storage and smartcards
> are slow to do RSA (or they're more expensive). I'd prefer to
> see 1024 bit RSA also, but I can understand why they'd use 768.
> And that's way better than some other systems I'm seeing...
>
> --
> Eric Murray www.lne.com/~ericm ericm at the site lne.com PGP
> keyid:E03F65E5
>
>
>
