HPE Community
Operating System - HP-UX
1755764 Members
2781 Online
108838 Solutions
New Discussion юеВ

Export Commodity Classification Number (ECCN)

 
SOLVED
Go to solution
David DiBiase
Frequent Advisor

тАО08-29-2006 01:32 AM

тАО08-29-2006 01:32 AM

Export Commodity Classification Number (ECCN)


We have an application that uses crypt to hide passwords for external devices and systems that we connect to. My company now wants to sell this software outside the US and have requested that I identify encryption algorithms and modes as well as protocols that we use. Because I just use the facilities that HP-UX provides, where might I find documentation on algorithms and protocols??

I hope I am on the right track here??
0 Kudos
3 REPLIES 3
Peter Godron
Honored Contributor

тАО08-29-2006 01:46 AM

тАО08-29-2006 01:46 AM

Solution

Re: Export Commodity Classification Number (ECCN)

David,
from hp-site:
"crypt implements a one-rotor machine designed along the lines of the German Enigma, but with a 256-element rotor. Methods of attack on such machines are widely known; thus crypt provides minimal security."

Search the docs.hp.com site for crypt and/or have a look at the code.
e.g.
http://docs.hp.com/en/B3921-90010/crypt.1.html
0 Kudos
spex
Honored Contributor

тАО08-29-2006 01:50 AM

тАО08-29-2006 01:50 AM

Re: Export Commodity Classification Number (ECCN)

Hi,

From 'man crypt':

crypt(1) crypt(1)

NAME
crypt - encode/decode files

SYNOPSIS
crypt [password]

DESCRIPTION
crypt reads from the standard input and writes on the standard output.
password is a key that selects a particular transformation. If no
password is given, crypt demands a key from the terminal and turns off
printing while the key is being typed in. crypt encrypts and decrypts
with the same key:

crypt key cypher
crypt key
The latter command decrypts the file and prints the clear version.

Files encrypted by crypt are compatible with those treated by the ed
editor in encryption mode (see ed(1)).

Security of encrypted files depends on three factors: the fundamental
method must be hard to solve; direct search of the key space must be
infeasible; ``sneak paths'' by which keys or clear text can become
visible must be minimized.

crypt implements a one-rotor machine designed along the lines of the
German Enigma, but with a 256-element rotor. Methods of attack on
such machines are known, but not widely; moreover the amount of work
required is likely to be large.

The transformation of a key into the internal settings of the machine
is deliberately designed to be expensive; i.e., to take a substantial
fraction of a second to compute. However, if keys are restricted to,
for example, three lowercase letters, then encrypted files can be read
by expending only a substantial fraction of five minutes of machine
time.

Since the key is an argument to the crypt command, it is potentially
visible to users executing the ps or a derivative (see ps(1)). The
choice of keys and key security are the most vulnerable aspect of
crypt.


PCS
0 Kudos
David DiBiase
Frequent Advisor

тАО09-01-2006 01:23 AM

тАО09-01-2006 01:23 AM

Re: Export Commodity Classification Number (ECCN)

thanks for the help
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.