Subject: Re: NFS file handles are guessable.
To: der Mouse <mouse@rodents.montreal.qc.ca>
From: Rafal Boni <rkboni@concentric.net>
List: tech-security
Date: 03/31/1997 23:17:13
In message <199704010338.WAA22427@Twig.Rodents.Montreal.QC.CA>, you write: 

-> >>> Will this be "exportable"?
-> >> There does not appear to be any text in the current crypto
-> >> regulations which specifically control the export of random number
-> >> generators.
-> 
-> Question: what's the difference between a stream cipher and a
-> cryptographic-strength random number generator?
-> 
-> Answer: not much.

	Algorithmically, yes.  However, if the PRNG is designed in such a way
	that makes it hard for you to use it as a stream cipher (ie, use of
	a one-way function that makes it hard to "work upstream") the ITAR
	folks may be nicer to you when you want to export it (after all, 
	the 4.4BSD-derived OS'es now ship DES in the non-US libcrypt, with
	the difference being that the domestic libcrypt performs decryption
	while the export one does a "return (1); /* always fail */").

--rafal

(Actually, I'm in awe that the NSA let the CSRG and descendants export even
 that... Berzerkeley must have been owed some favors 8-)

----
Rafal Boni                                                rkboni@concentric.net