Thank you Lars & Ken.

For Lars I have in the past had more or less the same experience in the past
in regards to porting/using encryption on the HP3000.

But, I am still going to try for a commercially workable product for this
platform as well as being cross-platform compatible.

To Ken, thank you. I have a neighbor who works in an admin. capacity for
HCFA and I have been trying to locate further specs than what he could
provide.

This gives me something to start with, even though I am leery of dealing
with the 160+ Elliptical Curve systems. For nothing else, I am not
interested in getting that acquainted with the local USA Justice department
and their representatives.

An idea or argument may be that since the Fed's mandate this then would this
not be entrapment?

A levity for thought.

Tom


"Ken Hirsch" <[log in to unmask]> wrote in message
news:9430790stj@enews2.newsguy.com...
> Gavin Scott <[log in to unmask]> wrote:
> > Thomas writes:
> > > So being, I have take ownership of a 928 with the purposes of creating
a
> > > commercially available 128 minimum standards and hope to have
> > > something out later this year.
> >
> > Should not be too hard.
> >
> > > My former client needs 128 bit, with a public key, to meet HCFA
> standards.
> >
> > This is a rather imprecise specification of your requirements.  For
> example,
> > I'm aware of no public key algorithms for which 128 bits is a secure key
> > size.  Are you aware of how public key cryptography is typically used?
>
> There are (usually) two encryption algorithms used with public-key
> encryption.  The public keys are used to exchange random keys that are
used
> for just one session or one file.  If the inner key is too short, the
> message can still be decoded by brute force.   The government has always
> allowed 40-bit SSL to be exported, but has been picky about 128-bit SSL.
>
> The HCFA Internet security policy is outlined at
> http://www.hcfa.gov/security/isecplcy.htm
>
>