Loren Pechtel wrote:Note that this is a real-world threat vector. Hidden flaws in random number generators can be used to decode secure communications, and why in the old days you couldn't export crypto with too big a key space.
tlb wrote:Just checking to see if we are on the same page.
It was my understanding that it was illegal to export a a cryto-system with too large a key, because too large a key meant that NSA would not be able to decrypt messages using that system in any reasonable amount of time.
Is that what you are saying, because it sounds like you said that too large a key made it easier to exploit flaws in pseudorandom number generators?
ThinksMarkedly wrote:He's saying that in the old days, too large keys were not allowed in exports because it would make it too hard for the NSA to crack. That's why the DES was using 56-bit keys back in the 1990s. I think ROT13 is more secure than that...
Loren Pechtel wrote:I'm comparing a flawed key generator to the restricted key space that was all that was allowed to be exported. Whether it's deliberate or accidental has nothing to do with the lack of difficulty in cracking it.
tlb wrote:I simply do not understand your point, because whether something is allowed to be exported is a legal issue and generally is related to the difficult of decryption. That is: the more difficult to decrypt, then the more restrictions on export.
ThinksMarkedly wrote:Loren can answer what he meant, but what I understood and meant myself was comparing a flawed RNG to the limitations that existed before 1996 (and those that still do if you don't register or isn't Open Source). I'm old enough that my first crypto application was PGPi: the international version of PGP, which was exported from the US by printing a book, which enjoyed First Amendment protections, and OCR-scanning it elsewhere(*).
The problem isn't legality, it's the effect: a limited key space makes brute-force attacking the the possible solutions much, much easier.
(*) DVD Jon later printed the encryption keys for DVDs on T-shirts and that enjoyed similar protections. IIRC, there were also songs of someone singing them...
I have included more of the conversation, because at the very beginning he stated that large key spaces were illegal to export because flaws in the random number generator made them easy to decrypt.
I then stated my understanding of why large key spaces were illegal to export and you basically restated what I said and attributed it to him.
Now we have your current statement:
1) legality was very much the question, because the law would not have been set up the way it was if big key spaces were easy to decrypt.
2) a flawed RNG is NOT comparable to the limitations that existed before 1996 and in fact is irrelevant to the discussion of what cryptographic software can be exported without restriction. (functionally a flawed RNG makes the key space equivalent to that of a smaller key, but the law does not not provide an exception for such flaws)
I am aware of various free speech fights that eventually got the law changed, but there still are restrictions on the export of strong cryptographic software and those have nothing to due with possible flaws in a random number generator. Take a look at this article:
NORTHWESTERN JOURNAL OF TECHNOLOGY AND INTELLECTUAL PROPERTY 2013
Here is the relevant portion:
The export of encryption products from the United States is regulated by a variety of governmental agencies. The primary regulator of encryption exports is the Commerce Department's Bureau of Industry and Security (BIS), which administers the Export Administration Regulations (EAR). The EAR govern the export of any dual-use commodities, including encryption systems.
Encryption products are regulated under Category 5, Part 2 of the EAR. Generally, if an item to be exported uses or contains cryptography, is not designed for medical end use, and does not limit the use of cryptography to intellectual property or copyright protection functions (as with a DVD), then the item is regulated under Category 5, Part 2. The regulations governing cryptography export have been relaxed in recent years, but still require exporters to determine for themselves the licenses and other documentation required for their software exports, taking into account the software to be exported, the person or entity to whom the software is being sold, and additional factors.
The first factor exporters must consider is the attributes of the software to be exported. One primary consideration is key length: Category 5, Part 2 specifies that encryption systems with key lengths of 56 bits or less for symmetric systems, or 512 bits or less for asymmetric systems, can be exported without restriction; however, those key lengths represent weak encryption, and strong encryption systems, which must use longer keys, face export restrictions. Furthermore, there is an exemption for so-called "mass market" encryption products; if an encryption product is generally available to the public, for home or personal use, without continuing support by the supplier (e.g., a personal email security program), then its export is not restricted by this section. A final important exemption is for products "when accompanying their user for the user's personal use or as tools of the trade . . ."; this allows users to, for example, travel with laptops and mobile phones that contain encryption capabilities (as essentially all do).