From: Ron Hoffman (rhoffman@stny.rr.com)
Date: 03/26/02-03:38:30 PM Z
Message-ID: <001501c1d50e$92cf4480$6501a8c0@STNY.RR.COM> From: "Ron Hoffman" <rhoffman@stny.rr.com> Subject: 128-bit CAST and US export controls Date: Tue, 26 Mar 2002 16:38:30 -0500 The CAST5-CBC encryption algorithm uses 128-bit keys and thus is subject to US export controls. My first thought was to fall back to 56-bit DES-CBC if 128-bit keys could not be used. However, there is really no way to inform the application that the default confidentiality algorithm is using 56-bit keys instead of 128-bit keys (I'm assuming that applications will specify GSS_C_QOP_DEFAULT when calling gss_wrap). This means security would be downgraded without the knowledge of the application, which really isn't a good idea. So now I'm thinking of not providing confidentiality services at all if 128-bit keys cannot be used. The application would be informed of this action because the GSS_C_CONF_FLAG would not be set in the return flags from gss_init_sec_context/gss_accept_sec_context and the confidentiality state would be set to 0 on return from gss_wrap. Does anybody have any thoughts on this? Should we fall back to DES-CBC if CAST5-CBC is not available? Or should we disable confidentiality services (given that CAST5-CBC is a mandatory algorithm)? Ron Hoffman (rhoffman@stny.rr.com)
This archive was generated by hypermail 2.1.2 : 03/04/05-01:49:37 AM Z CST