Symmetric Cryptographic Algorithms
Articles and Tips: qna
01 May 1998
Q.
Which symmetric cryptographic algorithms does Novell support?
A.
Since PKIS doesn't use symmetric algorithms, this is not an issue for PKIS. NICI, on the other hand, supports RC2, RC4, DES, and 3DES, but not IDEA. We believe that our SSL server will support all of the algorithms that NICI supports (those listed above), as well as provide for secure and graded authentications in future releases for those who want this level of access control.
Constraints on the key lengths permitted for export depend on the details of licensing. Given that these things often change, the present understanding is that we will not be able to export more than 40-bit encryption, unless or until we file for a Key Management Infrastructure license exception which commits Novell to producing a key escrow version of the software. Key recovery is included in the initial version of PKIS.
Again, Novell is interested in any input on your need for the various forms of key recovery and key escrow, especially where a Key Recovery Center would be needed for foreign government approval (as a trade-off for allowing the exportation of up to #DES). On the other hand, if you have knowledge that you would not buy Novell products unless they had at least 56-bit DES, or even 3DES, it would also be very useful input, especially if you can provide particular information as to what non-US source they would use for such encryption. Please send input to the e-mail account listed below.
* Originally published in Novell AppNotes
Disclaimer
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.