Date: Sat, 30 May 1998 11:33:49 +1000 (EST) From: "Daniel O'Callaghan" <danny@panda.hilink.com.au> To: Steve Reid <sreid@alpha.sea-to-sky.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: MD5 v. DES? Message-ID: <Pine.BSF.3.91.980530105610.411J-100000@panda.hilink.com.au> In-Reply-To: <Pine.LNX.3.95.iB1.0.980529124539.9369A-100000@alpha.sea-to-sky.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 29 May 1998, Steve Reid wrote: > MD5 also has the benefit of being exportable, whereas DES is subject to > restrictions in many countries because it was designed for encryption. In source code, yes. It is, in fact, legal to export programs and .o files which perform a DES-based hashing such as the standard Unix password scheme. Hence, if you buy a commercial Unix OS outside the USA, you get DES style passwords, but you can't get the source, and the vendor leaves out the programs which do data-privacy encryption. The reason that hashing is exportable is that it is only useful for identification and integrity, not privacy. MD5 is a hashing-only algorithm, and so can be freely exported from the USA. DES-hashing source can't be exported because it is trivial to turn it into DES-privacy code. Danny To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.980530105610.411J-100000>