From msuinfo!agate!howland.reston.ans.net!cs.utexas.edu!uunet!mnemosyne.cs.du.edu!nyx10!mpjohnso Wed Jan 26 22:53:02 1994
Newsgroups: sci.crypt
Path: msuinfo!agate!howland.reston.ans.net!cs.utexas.edu!uunet!mnemosyne.cs.du.edu!nyx10!mpjohnso
From: mpjohnso@nyx10.cs.du.edu (Michael Johnson)
Subject: Re: Exportable crypto algorithm needed
Message-ID: <1994Jan17.164638.13755@mnemosyne.cs.du.edu>
X-Disclaimer: Nyx is a public access Unix system run by the University
 	of Denver for the Denver community.  The University has neither
 	control over nor responsibility for the opinions of users.
Sender: usenet@mnemosyne.cs.du.edu (netnews admin account)
Organization: Nyx, Public Access Unix at U. of Denver Math/CS dept.
References: <940116.74076.ROY_GRIFFIN@delphi.com>
Date: Mon, 17 Jan 94 16:46:38 GMT
Lines: 32

ROY_GRIFFIN@delphi.com writes:

>I am designing some security into a product that will be sold in Mexico.
>I need a crypto algorithm that is exportable, cheap (preferably free)
>and will fit easily into a microcontroller. DES would do what I need but
>I don't want to have to deal with the export hastle. The security
>requirements are not all that stringent - just something to thwart the
>garden variety hacker. If you know of something that might do the trick
>I would appreciate a posting here. Thanks.
> 
IF you don't supply source code and IF you limit key size to exactly 40
bits (no cheating) and IF you take steps to thwart multiple encryption
(like maybe a known plaintext header), THEN MPJ2 is both exportable and
free.  Actually, if you always load all but 40 bits of the DES key with
a constant and provide that constant to the NSA, along with a way of 
recognizing your product's output, then you might be able to talk the
NSA into that, too.  More information on MPJ2 is available for ftp from
csn.org:mpj/I_will_not_export/?/mpj/mpj2* (read mpj/README.MPJ to find
out the ? directory name).  The NSA has already looked at MPJ2 and 
verbally indicated to me that it would approve a product meeting the
above conditions.  Be advised that unless you can strictly limit the
key size (MPJ2 is a variable length key algorithm optimized for keys
in the 128-256 bit range), then MPJ2 is way too strong to export.

If you don't have enough space in your microcontroller for the required
tables to encrypt with MPJ2 (at least 32K), then key length crippled
DES may be better.

                                        Mike Johnson
                                        mpj@csn.org
(aka mpjohnso@nyx.cs.du.edu)