Newsgroups: sci.crypt
Path: cantaloupe.srv.cs.cmu.edu!crabapple.srv.cs.cmu.edu!bb3.andrew.cmu.edu!news.sei.cmu.edu!cis.ohio-state.edu!pacific.mps.ohio-state.edu!linac!uwm.edu!ux1.cso.uiuc.edu!moe.ksu.ksu.edu!hobbes.physics.uiowa.edu!news.uiowa.edu!news.weeg.uiowa.edu!lbrintle
From: lbrintle@news.weeg.uiowa.edu (Lee Brintle)
Subject: Re: Re-inventing Crypto Policy?  An EFF Statement
Message-ID: <1993Apr16.211508.17011@news.weeg.uiowa.edu>
Summary: 40-bit key-half is way too small
Organization: Project Panda, Inc.
References: <1993Apr16.204207.24564@eff.org>
Date: Fri, 16 Apr 1993 21:15:08 GMT
Lines: 23

In article <1993Apr16.204207.24564@eff.org> Danny Weitzner <djw@eff.org> 
writes:
>The 80-bit key will be divided between two escrow agents, each of whom
>hold 40-bits of each key. 

Presumably, the key split is so that no one group controls the privacy
of the key, and that it would be infeasible to illicitly gain access from
both agents.

However, if one agent wishes to break the crypto without the cooperation
of the other agent, a 40-bit key is not going to stand in the way of a
brute force attack.  If an agency (for example, the NSA) were to hold one
of the two key-halves, then I don't imagine they really need the other half of
the key to start listening in.

Or was that the point?   <grin>


(This is not to imply, at all, that I like the idea of the rest of the
system.)
-- 
Lee Brintle                    | ``And so, I leave you with this final word:
Director, Project Panda        |     twang.''
