[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-ssl] SSL Export Ciphers

A ciphersuite like the standard DES ciphersuite is not exportable,
because although the symmetric key is only 56 bits it can potentially use
RSA keys larger than 1024 bits (there are also some other differences).

Therefore, a few new ciphersuites have been defined particularly to be
compatible with those export laws. We support them in iSaSiLk 3.0, they
have EXPORT1024 in their name. They are currently specified in an
internet draft and supported in Netscape Navigator versions since 4.6.


 Andreas Sterbenz              mailto:Andreas.Sterbenz@iaik.tu-graz.ac.at

-----Ursprüngliche Nachricht-----
Von: Polar Humenn <polar@adiron.com>
An: IAIK SSL <iaik-ssl@iaik.tu-graz.ac.at>
Gesendet: Donnerstag, 16. September 1999 17:38
Betreff: Re: [iaik-ssl] client demo error

> A question about export cipher suites:
> Since the US Export has up the limit to 56 bit symetric keys and 1024
> asymetric keys, I need to know what cipher suites are good for export
> the US.
> The cipher suites with EXPORT in the name, all imply 40 bit keys.
> We know 3DES is not exportable, but what key length does DES, RC2, RC4
> cipher suites use?
> What about NETSCAPE and FORTESSA, I imagine that these do not fall into
> the realm of exportable.
> Thanks,
> -Polar