Date: Mon, 19 Jun 1995 16:31:20 -0400 From: Garrett Wollman <wollman@halloran-eldar.lcs.mit.edu> To: Poul-Henning Kamp <phk@freefall.cdrom.com> Cc: current@FreeBSD.org Subject: Re: Crypto code - an architectural proposal. Message-ID: <9506192031.AA09366@halloran-eldar.lcs.mit.edu> In-Reply-To: <199506192018.NAA08709@freefall.cdrom.com> References: <199506192012.WAA00163@grumble.grondar.za> <199506192018.NAA08709@freefall.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Mon, 19 Jun 1995 13:18:34 -0700 (PDT), Poul-Henning Kamp <phk@freefall.cdrom.com> said: >> If the state department has a problem (or potential problem) with the >> crypt(3) in libdescrypt, why is there _no_ problem with the MD5 crypt(3)? >> They are functionally equivalent. Was the MD5 version even vetted? > MD5 cannot decrypt. It's more than that; the same is true of the DES crypt(). The significant difference between the two is that the DES crypt() is based on real encryption software which has been specially broken, whereas MD5 was designed from the ground up as a one-way hash function, and is thus not even potantially subject to export controls. (At least until the State Department learns that any one-way hash function can be used for encryption with a little effort.) -GAWollman -- Garrett A. Wollman | Shashish is simple, it's discreet, it's brief. ... wollman@lcs.mit.edu | Shashish is the bonding of hearts in spite of distance. Opinions not those of| It is a bond more powerful than absence. We like people MIT, LCS, ANA, or NSA| who like Shashish. - Claude McKenzie + Florent Vollant
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9506192031.AA09366>