On Sun, Sep 18, 2005, amineh salehi wrote: > hello every one > I have some question about 40 bits key, please reply me if you know the > answer. > 1.in applications that use openssl, the session keys are 40 bit or 128 bit? > 2.how can 40 bits key be changed to 128 bits in this application( for example > IE & Mozilla) > 3.if i can use openssl for application what is the size of key(secure size)? > 4.in USA & Caneda how can they use the keys with nonexport key size? > I'm very very thank you for your attention.
You don't really say what protocol, application or what kind of key so I'll assume you mean SSL/TLS, between a web browser and an OpenSSL server and the symmetric algorithm key. When a broswer connects to a server using SSL/TLS the server is given a list of the supported ciphersuites in order of preference. The server then (normally) selects the highest preference cipher it is configured to use. That's the default behaviour: this can be modified. The actual symmetric key size used thus depends on the browser. It will typically be 128 bits (for the RC4 algorithm) or can be as much as 256 bits if AES is supported. All modern browsers will support at least 128 bit symmetric keys. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
