Date: Tue, 15 Oct 1996 01:30:08 -0500 (CDT) From: Jeremy Nelson <nelson@acronet.net> To: freebsd-chat@freebsd.org Subject: Exportability of MD5, general case Message-ID: <199610150630.BAA29200@nemesis.acronet.net>
next in thread | raw e-mail | index | archive | help
(I sent this question to this list, because i know this list is for generally off-topic discussions, and this didnt seem to be appropriate to any other list. Thanks.) I know that FreeBSD uses MD5 because it can be exported, but I am not 100% sure to what extent MD5 can be used and still be exported. To describe my situation, I am working with a program (irc client), that traditionally has used an XOR-with-ascii-text algorithm for encryption. It hasnt been represented as anything other than being nominally secure (it would be too much hassle to decrypt it on the fly, given the neature of irc). My idea was to use MD5, to generate a 128-bit hash value (much like what PGP does) out of the ascii-text password, and then do the XOR encryption with that 128-bit value. My question is, is the legality of exporting MD5 limited only to how one uses MD5 or is it legal to do anything with the value returned by the MD5 functions? Would my idea be illegal to export? Or is the XOR encryption algorithm fundamentally insecure (which is not a big problem, im only looking for a nominal increase in security, not a massive increase), that the government doesnt consider it to be dangerous? Thanks for any advice you might offer. Jeremy Nelson
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610150630.BAA29200>