Re: final word on exportable algorithms

From: Rob Teixeira [MVP] (RobTeixeira_at_@msn.com)
Date: 07/28/04

  • Next message: Joe Kaplan \(MVP - ADSI\): "Re: .NET App cannot connect to Apache SSL server" 
    Date: Tue, 27 Jul 2004 18:47:02 -0400

    There should be no problem not at all.
    The MS Base Cryptographic Service Provider (that the standard RSA class
    implementation is based on) is compatible with export limitations (unless
    you export it to a country the US has sanctions with, that is).
    I think you are confusing the issue of symmetric key lengths with asymmetric
    key lengths.
    DES is a symmetric cipher, and there is a cap on symmetric cipher key
    lengths of 56 to 128 bits, depending on which document you are looking at,
    and various other factors. However, RSA is an asymmetric (public/private
    key) cipher. Asymmetric key lengths can't exceed 512 bit last time i
    checked. And as an aside, the "secure" recommendation is at least 1024 bits
    for an RSA key, so if it were up to me, I'd use the largest possible key
    (512).

    -Rob Teixeira [MVP]

    "EP" <ep@newsgrouponly.com> wrote in message
    news:%23K7ZtM4cEHA.688@TK2MSFTNGP11.phx.gbl...
    > I'm trying to build an exportable secure system and am having a hard time
    > finding the definitive answer on export laws. Can't find it on msdn and
    > everything I come accross on the net is from '96-'97
    >
    > I want to use an asymmetric RSA public/private handshake to establish a
    > weaker 40-bit key for conversation (will be doing this on a message-based
    > architecture).
    >
    > So, I go to use RSA encryption for the handshake.. But is RSA limited to
    384
    > bit minimum? At least the RSACryptoServiceProvider is. If I cannot use
    RSA
    > for exportable systems, what private/public asymmetric algorithms are
    > exportable?
    >
    > Can someone confirm the current exportable algorithms? I know I can use
    > 40-bit DES once I've established the session but what can I use for the
    > handshake?
    >
    >

  • Next message: Joe Kaplan \(MVP - ADSI\): "Re: .NET App cannot connect to Apache SSL server"

    Relevant Pages

    • final word on exportable algorithms
      ... I'm trying to build an exportable secure system and am having a hard time ... I go to use RSA encryption for the handshake.. ... what private/public asymmetric algorithms are ...
      (microsoft.public.dotnet.security)
    • Re: final word on exportable algorithms
      ... > I'm trying to build an exportable secure system and am having a hard time ... I go to use RSA encryption for the handshake.. ... what private/public asymmetric algorithms are ...
      (microsoft.public.dotnet.security)
    • Re: Is 3DES more secure than 384 bit RSA?
      ... >> not the same algorithm. ... >3DES is a symmetric cipher. ... >RSA is an asymmetric cipher. ... >> I can use either but like the idea that I can distribute RSA Public Keys ...
      (sci.crypt)
    • Re: multi time pad to seed other cypher
      ... Lets say you have a symmetric cipher with a 256 bit key. ... the pad, to transmit the key. ... Obviously this method depends on the security of the symmetric cipher. ... But it cuts out any insecurity in the RSA part. ...
      (sci.crypt)