[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Re[2]: PGP


>      The International Version of PGP is a slightly modified algorithm with 
>      fewer bits.

No. This is not true at all. The international PGP Version has the same
algorithms with the same number of bits. There is completely no difference
between the algortihms used. In facte the International Version was capable
to build Larger Keys than the american one.

The Reason for this is that RSA in america requires all to use RSAREF
library for non-commercial use. There is a european rewrite of this RSA lib.
Because it is a rewrite there are no copyright problems with the lib.
Because it is not in america u r free to use RSA, cause the RSA patent is
only (if at all) valid in the states.

The Block chifre used in PGP (IDEA) is developed in Swiss and uses 128Bit in
the international and american Version.

>      Currently, it is illegal under the Data Encryption and 
>      Privacy Act (modified) of 1995 to export encryption programs which use 
>      56+ bits outside the United States.

IMHO is the limit 40Bits for Block chifres. Anyway, it IS illegal to export
PPG from the sates (even if that is totally nonsense, since the encrypting
algorithms are developed in the free world.)

>      1) encrypt with key 1
>      2) decrypt with key 2
>      3) encrypt with key 3

For most existing encryption algorithms there is no proof that will show you
that u r realy more secure with that.

>      Wish everyone all the luck in the world to crack that.  Even a machine 
>      capable of a billion processes per second would have to have a million 
>      such processers in order to break even 30bit keys in less time than 
>      the universe is old!

Of course the algorithm which uses 3x30 Bits is considered an algorithm with
90bits and illegal to export, too.

BTW: afaik is the RSA License valid on US therretory not for US citizens.
This is just like even in the states german citizens have to drive like US
Law says.

a) it is illegal to use PGP-i without RSAref in the states due to RSA Inc.
   beeing the patent holder for RSA and requires to use RSAref.

b) is is illegal to use PGP outside of USA, due to the copyright of RSAI on

c) it is illeagl to export PGP from US, due to ITAR rules.

d) it IS should be legal to use PGP-i with RSAREF in the states. Just 

e) ASCON ZH has the (even in europe) valid patent on IDEA and can charge
fees for commercial PGP usage (in the staes and in europe). AFAIK the will
not yet charge fees in Europe, since there is no commercial Distributor in
Europe and they don't want to mess with small money amounts of thousands of
commercial endusers.

  (OO)      -- Bernd_Eckenfels@Wittumstrasse13.76646Bruchsal.de --
 ( .. )  ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes@irc  +4972573817  BE5-RIPE
(O____O)       If privacy is outlawed only Outlaws have privacy

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to: