USA and allowing encryption beyond the cracking capabilities of a 1st
year computer science student... ...hmmm
I remember how i did do big efforts to get vista ultimate bitlocker
to work.
On paper it sounds ok. AES 256 bits CBC.
The idea is : your usb stick has the encryption key and only that
thing has it.
So no one can decrypt the partition without that usb stick.
In case you forget to load that usb stick having the encryption key,
there is a general manner to unlock the machine by feeding it a long
code.
Looks great isn't it?
So far the paper...
But now the usual bug; the implementation that practical was allowed
by one those guys on the Perry-Sport mailing list.
Of course we don't want to tire ourselves too much typing too long
unlock codes...
That unlock code, stored at a different USB stick is 48 digits.
By the way 48 digits is how many bits?
Right, that's less than 48 * (log 10/log 2) = 160 bits.
So the problem for our first year student has been brought back from
256 to 160 bits already.
Not that it is a hobby mine, but one day i rebooted the machine and
had forgotten to put in the USB encryption stick.
By accident i mistyped the key. Windows then told me:
"you made a mistake somewhere in those 5 digits of the 48 digit
key, please retype them".
Doh.
So my guess is that soon i do not need to worry when by accident i
lose that USB stick...
Vincent
</EOF rant>
On Jun 19, 2008, at 2:41 AM, Perry E. Metzger wrote:
Jim Lux <[EMAIL PROTECTED]> writes:
In general, fundamental research is not subject to export
controls, so
if you frame your problem in terms of abstract mathematical problems,
you're not going to be treading on any toes. However, start
distributing it as "Jim Lux's superduper encryptor/password cracker,
now with 1024 bit capability!" and it's moved from fundamental
research to a product.
Under current rules, provided it is open source or generally available
to any buyer, you can distribute and export cryptographic code quite
freely. There are some minimal reporting requirements, but they're
barely worth mentioning.
That's the reason you can freely distribute things like Kerberos,
OpenSSL, pgp/gpg, etc.
Perry
--
Perry E. Metzger [EMAIL PROTECTED]
_______________________________________________
Beowulf mailing list, Beowulf@beowulf.org
To change your subscription (digest mode or unsubscribe) visit
http://www.beowulf.org/mailman/listinfo/beowulf
