Subject: ITAR braindamage
From: Marcus J Ranum <mjr@iwi.com>
Organization: Information Works! Inc, Baltimore, MD
Date: Thu, 6 Jul 1995 13:21:43 -0400 (EDT)
To: firewalls@greatcircle.com
Coredump: Infocalypse Now!!!
Phone: 410-889-8569
Reply-to: mjr@iwi.com
Url: http://iwi.com/mjr/mjr-top.htm (mjr's web page)

Ted Doty writes:
>purposes only). As far as I can tell, there are no restrictions on Digital
>Signature functions, provided they cannot be used to encrypt - this allows
>MD5 and DSS.

What's crazy, of course, is that most modern cryptosystems (that
we know about!) are built around functions that are difficult to invert.
That really *IS* the cryptosystem. MD5, in order to be a good hashing
function, is difficult to invert.

It's trivial to turn a strong cryptographic hashing function
into a strong encryption system. A simple example would be taking a
key, and running it through MD5. Then you run the first 64 bits of
/dev/zero through it, yielding a 64 bit hash code. Xor that with the
first 64 bits of the file and transmit them. Take the next 64 bits
of the file, re-run the previous 64 bit hash through MD5 and keep
Xoring and hashing. That's not as strong a way of doing it as some (like
Feistel net ciphers) but it's pretty strong.

With respect to ITAR, the emperor truly has no clothes.

mjr.
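
The hash-to-cipher construction described in the message above, as an added example (not part of the original post and not the author's code). Assumptions: the MD5 digest of the key is fed into every step, each 128-bit digest is truncated to 64 bits, and the optional `nonce` parameter is an addition the post does not mention; the sample key and messages are constructed. It also shows that without a nonce, two messages under one key share a keystream.

```python
import hashlib

BLOCK = 8  # 64 bits, the block size the post uses


def keystream(key: bytes, nbytes: int, nonce: bytes = b"") -> bytes:
    """Hash-chained keystream, one assumed reading of the post."""
    # "taking a key, and running it through MD5"; nonce is an addition.
    k = hashlib.md5(key + nonce).digest()
    block = bytes(BLOCK)  # the first 64 bits of /dev/zero
    out = bytearray()
    while len(out) < nbytes:
        # Assumption: the key digest goes into every step, and each
        # 128-bit MD5 digest is truncated to 64 bits.
        block = hashlib.md5(k + block).digest()[:BLOCK]
        out += block
    return bytes(out[:nbytes])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def xor_crypt(key: bytes, data: bytes, nonce: bytes = b"") -> bytes:
    """Encrypt or decrypt: XOR with the keystream is its own inverse."""
    return xor_bytes(data, keystream(key, len(data), nonce))


# Constructed sample data, not from the post.
KEY = b"constructed sample key"
P1 = b"wire 100 to account A"
P2 = b"wire 900 to account B"

if __name__ == "__main__":
    c1, c2 = xor_crypt(KEY, P1), xor_crypt(KEY, P2)
    assert xor_crypt(KEY, c1) == P1  # round trip
    # Same key, no nonce: the keystream cancels and c1^c2 == P1^P2.
    print("reuse leaks:", xor_bytes(c1, c2) == xor_bytes(P1, P2))
    # A fresh nonce per message gives each one a different keystream.
    n1, n2 = b"\x00" * 8, b"\x01" * 8  # constructed nonces
    d1, d2 = xor_crypt(KEY, P1, n1), xor_crypt(KEY, P2, n2)
    print("with nonces:", xor_bytes(d1, d2) == xor_bytes(P1, P2))
```

XOR with a keystream gives confidentiality only; a receiver cannot detect modified ciphertext without a separate integrity check.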