[ISN] US Crypto policy hurting American business...

From: mea culpa (jerichoat_private)
Date: Wed Jun 10 1998 - 15:36:26 PDT

  • Next message: mea culpa: "[ISN] NA to acquire Dr Solomon... Strong Crypto Kills?"

    Forwarded From: Anton J Aylward <anton@the-wire.com>
    
    >From http://www.westcoast.com/newsdigest/isn_may97.htm
    
    British Firms Throw Down Encryption Gauntlet 
    
    UK Web Limited and C2Net Software have teamed up and released an
    encryption package called SafePassage Web Proxy. The package, which
    supports 128- and 168-bit proxy encryption, is claimed to steamroller
    current US encryption legislation that limits encryption exports to a
    maximum of 56-bits. 
    
    "This product, developed entirely outside the United States, provides full
    strength, non-escrowed cryptography for users of any standard web
    browser," explained Sameer Parekh, C2Net's president. 
    
    According to C2Net, current versions of browsers such as Netscape
    Navigator and Microsoft Internet Explorer are exported from the US and are
    forced by government to use weak encryption. This weak encryption, the
    company claims, has been repeatedly broken by online groups such as the
    'Cypherpunks'. 
    
    C2Net claims that, without the protection offered by strong encryption,
    any communication over the Internet may be read by eavesdroppers as it
    travels to its destination. Strong encryption, the company claims, is
    required to protect any sensitive data such as bank account, trade secrets
    or sensitive personal information. 
    
    "We don't believe in using codes so weak that foreign governments,
    criminals or bored college students can break them," Parekh said, adding
    that the company opposes plans to put all of a user's cryptography keys in
    a few places, "where they can be sold to the highest bidder." 
    
    "Companies like HP and IBM, bowing to government pressure, have been
    promoting 'key recovery' plans that would require centralised key storage
    and easy government access to or abuse of cryptography keys," he noted. 
    
    According to Parekh, this will only create "fat, tempting targets" for
    hackers and spies, that are still restricted to relatively short key
    lengths. 
    
    SafePassage is an add-on product that will work with any standard web
    browser. Acting as an intermediary, or proxy, it intercepts outgoing
    secure connections and transforms them so that they use full-strength
    cryptography. It is billed as supporting secure connections using strong
    cryptography for any browser that supports standard secure socket layer
    (SSL) tunnelling, a feature normally used by firewall software. The
    package currently runs on Windows 3.1, Windows 95 and Windows NT. 
    
    Evaluation versions of SafePassage may be downloaded at no cost from UK
    Web's site at http://stronghold.ukweb.com/safepassage. A single user
    licence for the software is 32. Prices for volume licensing start at 650
    for 50 users. 
    
    
    -o-
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:55:40 PDT