Re: A89: U.S. Encryption Laws


[Prev][Next][Index][Thread]

Re: A89: U.S. Encryption Laws




On Thu, 2 Dec 1999, Robin Kirkman wrote:
> nope, i've done a lot of ametuer crypto, and here's the info:
> the maximum legal cryptography level with a 2048bit key.
> the maximum legal exportable crypto is 56bit, which is a joke to crack.
>
> The ti89, therefore, cannot use 512bit encryption or it would be illegal
> to export it!
> --robin

Hm.  Are the apps actually encrypted?

Instead RSA could be used to make a digital signature on programs and the
calc would refuse to run them.  This wouldn't protect the programs from
being pirated (you can copy them but they won't run on another calc) but
it'd let the calculator be exported.

Or RSA could be coupled with a weaker algorithm.  This is what most of
RSA-using cryptoprograms use (like SSH and PGP).  But this would make it
impossible to actually run the programs from FLASH;  You'd have to first
decrypt them to RAM.  This would be pretty stupid.  

Plus if calculator actually decrypts something using RSA, it means that it
has the 'private key', so you could just disassemble the ROM to find it
out.  Authenticating digital signature needs only the 'public key' while
signing requires the 'private'.


As for the uncrackability:

http://www.rsasecurity.com/rsalabs/challenges/factoring/rsa155.html


	- Riba



Follow-Ups: References: