Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 6/24/83; site cadvax
Path: utzoo!watmath!clyde!burl!ulysses!mhuxj!ihnp4!zehntel!hplabs!intelca!qantel!dual!amd!cae780!ubvax!megatest!cadvax!mab
From: mab@cadvax (Matt Bishop)
Newsgroups: net.crypt
Subject: Re: DES not available outside US?
Message-ID: <115@cadvax>
Date: Mon, 17-Sep-84 11:00:51 EDT
Article-I.D.: cadvax.115
Posted: Mon Sep 17 11:00:51 1984
Date-Received: Wed, 26-Sep-84 05:53:15 EDT
References: <21bdf834.1de6@apollo.uucp>
Organization: Megatest Corp., San Jose, CA
Lines: 51

These are just my opinions (except for the reference; that's a fact!)
If anyone knows anything more, I'd love to hear about it ...

> I am told that the Commerce Department forbids export of implementations
> of DES without license, because they don't want it to fall into enemy
> hands.  Is this true?

    I don't know, but I'd be surprised if the only reason anything was
forbidden to be exported is that it implemented the DES.  The algorithm is
available to the public; the reference is "Data Encryption Standard", FIPS
PUB 46, National Bureau of Standards, Washington, D.C.  (Jan. 1977).  It
seems pretty silly to ban export of an implementation if the algorithm is
not secret, UNLESS the reason for the banning of the implementation is
not related to the algorithm (as in being related to the technology of the
implementation.)

> Does this include the Unix routines setkey(),
> encrypt(), and crypt()?

Since UNIX is commercially available in Europe, I would guess there's no
problem here.  (Any of you in Europe care to confirm or deny that?) Besides,
this isn't a vanilla DES implementation (they perturb the E table as a function
of the salt.)

> The source code for these routines imply that
> the algorithm has already been published.  Has it?

Yes; see above.

> Is it the algorithm
> or the implementation that is banned?

As I say, if anything is banned, it's probably a specific implementation.

> How do various Unix vendors
> ship a working Unix system without DES?

Do they?  I don't know.  Anybody?

> - Jim Rees
> decvax!wivax!apollo!rees
> uw-beaver!apollo!rees
> jim@uw-beaver.arpa

-- 
	Peace,
					Matt Bishop

Don't look back -- they might be gaining!!!

decvax!decwrl!sun!megatest!mab		mab@megatest.UUCP@Shasta.ARPA