Today at the RSA conference IBM/Lotus announced that they have Commerce
approval to ship a "differential work factor reduction" 64 bit
encryption. It will be part of their Lotus Release 4 which is
It will operate as follows:
it will use 64 bit which will be what would need to be compromised
however, 24 bits will be bound to 40 bits... the 24 bits are
encrypted with a Government public key, effectively leaving the
key length not know to the government remains at 40 bit.
This is a compromise solution to offer strong encryption to overseas
clients while meeting Commerce department limitations. It is an
interim measure until the expected easing of export restrictions.
This solution will be flexible and scales to any key/escrow
requirements. For example, if 80 bit keys become the vogue, then 40
bits would be encrypted with the government public key rather than
24, thereby leaving 40 bits unknown to government watchers.
This type of approach should be implementable and exportable by other
| Public Key Infrastructures
Wayne W. Godbehere | - an architecture for
Director - Secure Services | privacy, integrity, and
Bell Sygma Systems Management | authentication
Toronto, Ontario | Ph: 416-285-9968 x.224
Opinions expressed do not necessarily reflect those of my employers