Date: Mon, 19 Jun 95 16:23:47 MDT
From: terry@cs.weber.edu (Terry Lambert)
To: mark@grondar.za (Mark Murray)
Cc: phk@freefall.cdrom.com, wollman@halloran-eldar.lcs.mit.edu, rgrimes@gndrsh.aac.dev.com, current@FreeBSD.org
Subject: Re: Crypto code - an architectural proposal.
Message-ID: <9506192223.AA22483@cs.weber.edu>
In-Reply-To: <199506192042.WAA00321@grumble.grondar.za> from "Mark Murray" at Jun 19, 95 10:42:39 pm

> > > If the state department has a problem (or potential problem) with the
> > > crypt(3) in libdescrypt, why is there _no_ problem with the MD5 crypt(3)?
> > > They are functionally equivalent. Was the MD5 version even vetted?
> >
> > MD5 cannot decrypt.
>
> I thought that was the point of crypt(3). "One-way trapdoor algorithm"?

Crypt can be used to build an encipher/decipher system to transmit
encrypted data into and out of the US without the US authorities being
able to monitor it in [potentially] sufficient time to act on the data
contained therein. For instance, orders from Iraq/Iran/Libya to
assemble munitions from included plans and use them on a target in the
US.

This is arguably in the same category as the gun control legislation in
the US, since there is an implied assumption that a criminal will only
obtain his gun or his cryptosystem through legal means for fear of the
penalty (ignoring the fact that they will be facing the penalty for the
crime they would commit using the "contraband" materials, and thus
prohibition is not a deterrent).

The MD5 algorithm is not itself a crypto-system: it's a non-reversible
checksum (or at least is effectively so). The point is that you can use
MD5 checksums to compare data on which the checksums are computed
without the data being revealed by publishing a particular checksum.

The crypt(3) algorithm can be used to (effectively) provide a
non-reversible *hash* value. If this were the only use to which it
could be put, then it, too, would be exportable. This is why it's
relatively easy to get an export license for crypt-based binary
software statically linked and stripped to hide the function parts and
only linked with utilities which use it for hashing.

Terry Lambert
terry@cs.weber.edu
---
Any opinions in this posting are my own and not those of my present
or previous employers.