ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Symmetric Algorithm

1997-10-29 07:56:05
from [Sam Simpson] [Permanent Link] 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

All algorithms within PGP (CAST,IDEA & 3DES) have keys >40 bits and
are thus unexportable from the US.  What stops people from producing
the programs outside of the US (Hint: nothing!).  This is supposed to
be a standard being defined, not a program hence export issues
shouldn't be considered.

If export restricions were a consideration then the assymetric
algorithms (RSA/DH) will also never get export licenses at their
current lengths.

- -----------------------------------------------------------------
Sam Simpson, Network Administrator & M.Sc. Info Security Student
E-Mail: ssimpson(_at_)hertreg(_dot_)ac(_dot_)uk

Home Tel/Fax: +44 (0)1438 726069     Work Tel: +44 (0)1992 479490

PGP DSS/DH key (1024 DSS/3072 DH):            Key ID:  0x433FDB4F 
  Fingerprint: EC90 207C 6392 3ED0 02A6  7D6C ED2D CBC1 433F DB4F
PGP 2048-bit RSA key:                         Key ID:  0x560D21A9
  Fingerprint: 5230 1896 D999 A4F0  1F31 937E F311 D469
- -----------------------------------------------------------------

On 29 October 1997 13:44, WengFatt Fong 
[SMTP:wffong(_at_)ca(_dot_)ibm(_dot_)com]
wrote:

Making Triple-DES a MUST will render this unusable outside of North

America.

Triple-DES requires a US Export licence.

Weng Fatt  Fong


owner-ietf-open-pgp(_at_)imc(_dot_)org on 28/10/97 11:58:21 PM
Please respond to uri(_at_)watson(_dot_)ibm(_dot_)com @ internet
To: jon(_at_)pgp(_dot_)com @ internet
cc: ietf-open-pgp(_at_)imc(_dot_)org @ internet
Subject: Re: Symmetric Algorithm


Jon Callas says:

There are presently three symmetric algorithms used in PGP. They

are IDEA,

Triple-DES, and CAST5..........

(1) Which algorithm is the MUST algorithm?


I say - Triple-DES as the most proved, the most reliable and the
most "free".


(2) Should there be more than one MUST algorithm, and if so, which

ones?

Please note that arguing for IDEA being a MUST algorithm could

lead to the

standard getting bogged down.


Due to its patented nature and some other things I strongly urge to
make IDEA "SHOULD" at most. [Yes, I'm aware of what's the main
algorithm in PGP-2.x.]


(3) Should any remaining algorithms from the original suite be

SHOULD or

MAY?


People apparently like CAST - and it looks promising. I'd make it

SHOULD.



(4) What other algorithm(s) do you want to see as MAY algorithms?


I'd make SEAL and DES/SK "MAY". I realize that there are many nice
algorithms - but how many can (and should :-) we put in?
SEAL is the fastest (but patented), and DES/SK gives
you the benefits of 3DES without the expense of 48 rounds.


My votes:
(1) Triple-DES (because it's less controversial than CAST5).


I'm with you.


(2) No, only one MUST algorithm.


I'm with you.


(3) I'd like to see both CAST5 and IDEA as SHOULD algorithms.


I prefer CAST (due to it's free nature).


(4) I have no preferences, but ones mentioned to me are Blowfish

and

SAFER128.


Here we differ somewhat... My vote is for DES/SK (and for obvious

reason :-).

--
Regards,
Uri  uri(_at_)watson(_dot_)ibm(_dot_)com
-=-=-=-=-=-=-
<Disclaimer>




-----BEGIN PGP SIGNATURE-----
Version: PGP for Business Security 5.5

iQA/AwUBNFdOuO0ty8FDP9tPEQLh5wCgmQ1eSFlkMCrtXhdXBnJQB1G8gPwAnAvs
AXIuR/1F4uGr56cFb8T5zVV3
=1SP8
-----END PGP SIGNATURE-----
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Documentation of Alternatives (was Re: What this WG is doing), Lutz Donnerhacke
Next by Date:  Software implementig Hierarchical trust, Salvatore Nesta
Previous by Thread:  Re: Symmetric Algorithm, Uri Blumenthal
Next by Thread:  re: Symmetric Algorithm, A. Padgett Peterson P.E. Information Security
Indexes:  [Date] [Thread] [Top] [All Lists]