From owner-freebsd-security Sun May 2 23:14:33 1999 Delivered-To: freebsd-security@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 862C41500B for ; Sun, 2 May 1999 23:14:29 -0700 (PDT) (envelope-from robert@cyrus.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.8.8/8.8.8) with SMTP id CAA17176; Mon, 3 May 1999 02:11:02 -0400 (EDT) (envelope-from robert@cyrus.watson.org) Date: Mon, 3 May 1999 02:11:02 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org Reply-To: Robert Watson To: 0x1c Cc: "Harry M. Leitzell" , Poul-Henning Kamp , The Tech-Admin Dude , Brian Beaulieu , freebsd-security@FreeBSD.ORG Subject: Re: Blowfish/Twofish In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I don't believe so, as long as they are not just crypto algorithms. I.e., I believe our DES hashing is not exportable, whereas our MD5 hashing is. In a sense, it's all a matter of perspective on how you use an algorithm. It's all just mathematics, right? Sort of like you can't patent mathematical formulas, but you can patent algorithms. :) So SHA-1 support for FreeBSD would be quite exportable, I'd imagine, and would probably make a worthwhile addition. I don't see Blowfish as a great addition other than the interoperability concerns expressed previously. Far more important, in my mind, is making the IPsec/IPv6 code part of the base distribution. If I really want your password, I'll sniff it or trojan a binary once I have root, something that I already have to have to get your password file in almost all cases. On Mon, 3 May 1999, 0x1c wrote: > On a similar note, is there any restriction on one-way hashing algorithms? > I forget. > > Nick > > On Sat, 1 May 1999, Harry M. Leitzell wrote: > > > I am unaware of the restriction laws placed upon the US in terms of > > encryption. Could someone clarify them for me? > > > > 1) If Robert were to write code on a machine that is in a foreign > > country, would it have been considered exported? (Xterm on a cs.hut.fi > > machine for example to code in) Even if he is in the US while doing so? > > > > 2) Can we still do the moving by paper to another country and > > scanning it in? Is that legitimate or been deemed illegal? > > > > 3) If I write a disk encryptor that sits on the MBR and transfer the > > disk out of country, is that a no-no? > > > > Thanks > > > > On Sat, 1 May 1999, Robert Watson wrote: > > > > > > > > So I'd gladly write this code, as well as do a number of other > > > crypto-related things, but I'm inside the US. Someone outside the US will > > > have to take this initiative, I'm afraid. > > > > > > I'd recommend against using Blowfish--go for Twofish. > > > > > > On Sat, 1 May 1999, Poul-Henning Kamp wrote: > > > > > > > In message , The Tech-Admin Du > > > > de writes: > > > > > > > > >This is something i've wanted to know for a long time :).. It should adopt > > > > >the passwd.conf settings from OpenBSD with selection of encryption, ratio, > > > > >etc.. OpenBSD has a very good feature with that and it would be great if > > > > >FreeBSD adopted it! :-) > > > > > > > > Make patches > > > > send-pr > > > > > > > > -- > > > > Poul-Henning Kamp FreeBSD coreteam member > > > > phk@FreeBSD.ORG "Real hackers run -current on their laptop." > > > > FreeBSD -- It will take a long time before progress goes too far! > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > > > > > > Robert N Watson > > > > > > robert@fledge.watson.org http://www.watson.org/~robert/ > > > PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 > > > > > > Carnegie Mellon University http://www.cmu.edu/ > > > TIS Labs at Network Associates, Inc. http://www.tis.com/ > > > Safeport Network Services http://www.safeport.com/ > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > [-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-] > > Harry M. Leitzell - Harry_M_Leitzell@cmu.edu > > Carnegie Mellon University > > Finger for PGP Public Key > > [-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-] > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > -- > Therefore those skilled at the unorthodox are as infinite as heaven and > earth, inexhaustible as the great rivers. -- Sun Tzu, The Art of War > > Robert N Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 Carnegie Mellon University http://www.cmu.edu/ TIS Labs at Network Associates, Inc. http://www.tis.com/ Safeport Network Services http://www.safeport.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message