Newsgroups: sci.crypt
Path: cantaloupe.srv.cs.cmu.edu!crabapple.srv.cs.cmu.edu!fs7.ece.cmu.edu!europa.eng.gtefsd.com!gatech!howland.reston.ans.net!zaphod.mps.ohio-state.edu!darwin.sura.net!haven.umd.edu!uunet!walter!qualcom.qualcomm.com!servo.qualcomm.com!karn
From: karn@servo.qualcomm.com (Phil Karn)
Subject: Re: Re-inventing Crypto Policy?  An EFF Statement
Message-ID: <1993Apr16.225044.4143@qualcomm.com>
Sender: news@qualcomm.com
Nntp-Posting-Host: servo.qualcomm.com
Reply-To: karn@chicago.qualcomm.com
Organization: Qualcomm, Inc
References: <1993Apr16.204207.24564@eff.org> <1993Apr16.211508.17011@news.weeg.uiowa.edu> <1qna0tINNf5p@rodan.UU.NET>
Date: Fri, 16 Apr 1993 22:50:44 GMT
Lines: 17

In article <1qna0tINNf5p@rodan.UU.NET>, avg@rodan.UU.NET (Vadim Antonov) writes:
|> I somehow started to doubt technical competence of the
|> people who designed the system.  Why on the Earth split the
|> 80-bit key in 40-bit parts to keep them in escrow separately
|> (having 40 bit and large volumes of data voice links produce
|> it should be relatively easy to break it) when they simply
|> could keep 80-bit sequences in N (N>=2) independent places
|> and then XOR all the partial keys to get the actual key (N-1
|> sequences should obviously be selected randomly and Nth is the
|> actual key XOR-ed with the random sequences).

Without real technical details, it's hard to answer this question. But
suppose they already *are* XORing the two 40-bit parts to produce only
40 bits of real key material? Maybe they're using the exportable version
of RC2...? :-)

PHil
