I have a couple of questions (well, actually more than 2) I would like
someone to answer.
1.- Are we ever going to have strong authentication here in Europe?. I say so
because the USA export restrictions.
2.- Let's suppose the following scenario: Some client sends some crypted-info
via Netscape browser to a Netscape Server with medium-grade encryption
(RC4-Export, 128 bit with 40 secret). A bored hacker happens to catch the
information. How long would it take him to crack the key (with today's tech)?
which are the chances that he got enough info to reveal the actual contents of
the communication?. To be more precise, the customer is sending information about
some e-shopping together with his credit-card number, is he ever going to know
the info the customer sent?.
3.- I see the difference between Authentication and Encryption, but I'm aware
that usually (as far as I know) RSA algorithms are used for the first one and
DES for the second one. Am I right?. How does Netscape's HTTPS and client to
protect the information (cause I think they just use the RSA-scheme)?
4.- Last one, and kind of phylosphical: Why doesn't the US want to export the
strong-grade encryption whatever?
Thanks a lot. Muchas Gracias.
Luis Israel Serrano Barge
Departamento de Sistemas de Información / Information Technology Department
Sol Meliá (http://www.solmelia.es)
email: israel .
Tlf: +34 (9)71 43 70 57 Fax: +34 (9)71 43 70 52