From owner-freebsd-hackers Fri Aug 13 11:36:14 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from quack.kfu.com (quack.kfu.com [170.1.70.2]) by hub.freebsd.org (Postfix) with ESMTP id E4EDE14F2B for ; Fri, 13 Aug 1999 11:36:11 -0700 (PDT) (envelope-from nsayer@quack.kfu.com) Received: from morpheus.kfu.com (morpheus.kfu.com [170.1.70.4]) by quack.kfu.com (8.9.2/8.8.5) with ESMTP id LAA58822; Fri, 13 Aug 1999 11:34:16 -0700 (PDT) Received: from quack.kfu.com by morpheus.kfu.com with ESMTP (8.9.2//ident-1.0) id LAA03752; Fri, 13 Aug 1999 11:34:16 -0700 (PDT) Message-ID: <37B46522.2AB2A956@quack.kfu.com> Date: Fri, 13 Aug 1999 11:34:10 -0700 From: Nick Sayer Reply-To: nsayer@freebsd.org X-Mailer: Mozilla 4.61 [en] (X11; U; FreeBSD 3.1-RELEASE i386) X-Accept-Language: en-GB, en-US, en MIME-Version: 1.0 To: Narvi Cc: freebsd-hackers@freebsd.org Subject: Re: SRA+IDEA Telnet References: Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms62DF643A2A3FF2B150704328" Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This is a cryptographically signed message in MIME format. --------------ms62DF643A2A3FF2B150704328 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Narvi wrote: > > How exactly do you plan to get this to the FreeBSD internationsl > server that has the crypto repository? The short answer is that I don't. Unfortunately the trick that PGP used of publishing it in a book and exporting that won't work anymore, because I believe the commerce department now says that source code printed in a book that can be scanned and OCRed is, in fact, "machine readable" and unexportable. I originally obtained SRA code from a University in Germany. I obtained my implementation of IDEA from PGP. In fact, I used idea.[ch] and #if 0'ed out stuff that's not needed. However, SRA is perfectly able to supply a compatable DES encryption key, so you can just add SRA to telnet and have SRA+DES. In fact, given that SRA isn't all that hard to break, one could argue that DES probably good enough (I hear it now -- if SRA isn't that hard to break, why bother? Answer: Because it's harder to break than plaintext. Factoring SRA would take a few days. Just watching for login: and password: takes nothing). I obtained the Makefiles for libtelnet, telnetd and telnet from the /usr/src/secure Attic and modified them so that they would enable encryption, authentication, SRA and DES (after adding SRA code, of course). I can discuss what I did with non-US citizens only in broad terms like the above. I can't assist and I can't provide source. The good news is that I believe the Bernstein case is headed finally for the Supreme Court and if all goes well source code may well be exempted from export regulations by deeming it protected speech. --------------ms62DF643A2A3FF2B150704328 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIIKpwYJKoZIhvcNAQcCoIIKmDCCCpQCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC CDMwggT9MIIEZqADAgECAhA9k/AV3oVH5b8fAYqgipwKMA0GCSqGSIb3DQEBBAUAMIHMMRcw FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29y azFGMEQGA1UECxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAuIEJ5 IFJlZi4sTElBQi5MVEQoYyk5ODFIMEYGA1UEAxM/VmVyaVNpZ24gQ2xhc3MgMSBDQSBJbmRp dmlkdWFsIFN1YnNjcmliZXItUGVyc29uYSBOb3QgVmFsaWRhdGVkMB4XDTk5MDYyMTAwMDAw MFoXDTAwMDYyMDIzNTk1OVowggEYMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UE CxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWduLmNvbS9y ZXBvc2l0b3J5L1JQQSBJbmNvcnAuIGJ5IFJlZi4sTElBQi5MVEQoYyk5ODEeMBwGA1UECxMV UGVyc29uYSBOb3QgVmFsaWRhdGVkMTMwMQYDVQQLEypEaWdpdGFsIElEIENsYXNzIDEgLSBO ZXRzY2FwZSBGdWxsIFNlcnZpY2UxGjAYBgNVBAMUEU5pY2hvbGFzIFcuIFNheWVyMSMwIQYJ KoZIhvcNAQkBFhRuc2F5ZXJAcXVhY2sua2Z1LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw gYkCgYEAwZ76sB91nFO45ERwMDwTiQLzF9SS68cGUY8LoVgVUY2R/8DfXJhBxDOEDXfM0pJj dtz4h6VTcP4LBP4R9eeanpz9rFhAuTHppFEM7mrz5ak+RNTYszlNJxFd/dm7Rlz9rgVCobHQ sh2Asg06t/l7CTgcY4yd78SxUGwNjW/kveECAwEAAaOCAY8wggGLMAkGA1UdEwQCMAAwgawG A1UdIASBpDCBoTCBngYLYIZIAYb4RQEHAQEwgY4wKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3 LnZlcmlzaWduLmNvbS9DUFMwYgYIKwYBBQUHAgIwVjAVFg5WZXJpU2lnbiwgSW5jLjADAgEB Gj1WZXJpU2lnbidzIENQUyBpbmNvcnAuIGJ5IHJlZmVyZW5jZSBsaWFiLiBsdGQuIChjKTk3 IFZlcmlTaWduMBEGCWCGSAGG+EIBAQQEAwIHgDCBhgYKYIZIAYb4RQEGAwR4FnZkNDY1MmJk NjNmMjA0NzAyOTI5ODc2M2M5ZDJmMjc1MDY5YzczNTliZWQxYjA1OWRhNzViYzRiYzk3MDE3 NDdkYTVkM2YyMTQxYmVhYzIzZWMyZmQ4MjBiYWI2ZGY1ZDcxMTQ5OWZhMWJjNDRmNWYzZWE0 NTBjMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL2NsYXNzMS5j cmwwDQYJKoZIhvcNAQEEBQADgYEAUMq/Dtjh6qzf8sdDNxW6iDnN25VDyZMFgmfb0Epnh3Zi o/zeedJO4zm2/pvvLo8WiEsTTHdBimi3qn7eKaeA46EI9bev8Le2113//twTZhFWoKI1hebz /qTs7U/zLGM9zRD6cs2IagFPOVlRH65AoSo4MXgFu+HU/aUw1fpzbXIwggMuMIICl6ADAgEC AhEA0nYujRQMPX2yqCVdr+4NdTANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQGEwJVUzEXMBUG A1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1hcnkg Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTgwNTEyMDAwMDAwWhcNMDgwNTEyMjM1OTU5 WjCBzDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0 IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5j b3JwLiBCeSBSZWYuLExJQUIuTFREKGMpOTgxSDBGBgNVBAMTP1ZlcmlTaWduIENsYXNzIDEg Q0EgSW5kaXZpZHVhbCBTdWJzY3JpYmVyLVBlcnNvbmEgTm90IFZhbGlkYXRlZDCBnzANBgkq hkiG9w0BAQEFAAOBjQAwgYkCgYEAu1pEigQWu1X9A3qKLZRPFXg2uA1Ksm+cVL+86Hcqnbnw aLuV2TFBcHqBS7lIE1YtxwjhhEKrwKKSq0RcqkLwgg4C6S/7wju7vsknCl22sDZCM7VuVIhP h0q/Gdr5FegPh7Yc48zGmo5/aiSS4/zgZbqnsX7vyds3ashKyAkG5JkCAwEAAaN8MHowEQYJ YIZIAYb4QgEBBAQDAgEGMEcGA1UdIARAMD4wPAYLYIZIAYb4RQEHAQEwLTArBggrBgEFBQcC ARYfd3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L1JQQTAPBgNVHRMECDAGAQH/AgEAMAsG A1UdDwQEAwIBBjANBgkqhkiG9w0BAQIFAAOBgQCIuDc73dqUNwCtqp/hgQFxHpJqbS/28Z3T ymQ43BuYDAeGW4UVag+5SYWklfEXfWe0fy0s3ZpCnsM+tI6q5QsG3vJWKvozx74Z11NMw73I 4xe1pElCY+zCphcPXVgaSTyQXFWjZSAA/Rgg5V+CprGoksVYasGNAzzrw80FopCubjGCAjww ggI4AgEBMIHhMIHMMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp Z24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5 L1JQQSBJbmNvcnAuIEJ5IFJlZi4sTElBQi5MVEQoYyk5ODFIMEYGA1UEAxM/VmVyaVNpZ24g Q2xhc3MgMSBDQSBJbmRpdmlkdWFsIFN1YnNjcmliZXItUGVyc29uYSBOb3QgVmFsaWRhdGVk AhA9k/AV3oVH5b8fAYqgipwKMAkGBSsOAwIaBQCggbEwGAYJKoZIhvcNAQkDMQsGCSqGSIb3 DQEHATAcBgkqhkiG9w0BCQUxDxcNOTkwODEzMTgzNDEyWjAjBgkqhkiG9w0BCQQxFgQU71c3 srcDi9qhNOHPMwQZb9q2cwYwUgYJKoZIhvcNAQkPMUUwQzAKBggqhkiG9w0DBzAOBggqhkiG 9w0DAgICAIAwBwYFKw4DAgcwDQYIKoZIhvcNAwICAUAwDQYIKoZIhvcNAwICASgwDQYJKoZI hvcNAQEBBQAEgYAjrVa5wtklgrAIWH+v0TJj87mYg/1D/J3YifEHsYjsWF32L1GfKmWKTDtE ll0+f54V6OTo8PwOj5yz+4NmX5/NTV1iytPwpyecppOO5AQ5dn/dC7s+Ca/XP6HautWaTqE8 u8IkXcYif3x6SW8tOCSGKymS+wg5BOMaqlYLwdFFlg== --------------ms62DF643A2A3FF2B150704328-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message