Xref: utzoo comp.unix.internals:1723 sci.crypt:4030
Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!think.com!barmar
From: barmar@think.com (Barry Margolin)
Newsgroups: comp.unix.internals,sci.crypt
Subject: Re: DES export regulations.  And what to do about it!
Message-ID: <1991Jan3.232017.15364@Think.COM>
Date: 3 Jan 91 23:20:17 GMT
References: <1548@inews.intel.com> <1991Jan3.173546.9809@dramba.neis.oz> <14511@hoptoad.uucp>
Sender: news@Think.COM
Organization: Thinking Machines Corporation, Cambridge MA, USA
Lines: 36

In article <14511@hoptoad.uucp> gnu@hoptoad.uucp (John Gilmore) writes:
>People can endlessly debate the small points of the rules; I want to
>understand the big ones.  WHY SHOULD PRIVACY TECHNOLOGY BE ILLEGAL?
>Why does the US government think that privacy is something neither its
>subjects, nor the citizens of other countries, should have?

There are a couple of reasons.  First of all, it's high-tech, and there are
export regulations on most of our higher technologies.  I think the purpose
of this is to try to make sure we maintain the lead in *applications* of
high technology; for instance, we can maintain the lead in weather
simulation, which generally requires supercomputers, by making it hard for
foreigners to get supercomputers.  Also, smuggling high-tech devices to
enemy nations is frequently done by pretending to be a purchaser from a
friendly nation.

As far as DES in particular is concerned, the NSA is extremely (read
"overly") paranoid about foreigners getting our encryption technology.  A
few years ago the NSA tried to get all research on cryptology declared
"unclassified but sensitive."  This would have required all papers on
cryptology to be sent to the NSA for approval to publish, and foreigners
would generally not be allowed to attend conferences on cryptology.
It's not clear whether they're worried about foreigners learning how to
break our codes or use codes that we can't break; it's probably some of
both.

The academic community went up in arms about those restrictions, and I
think the NSA eventually gave up.  However, they did manage to get the
Commerce Dept to restrict export of encryption mechanisms, and this has
stuck.  Since no large companies depend heavily on such devices for their
income, there wasn't enough complaint to prevent it.

--
Barry Margolin, Thinking Machines Corp.

barmar@think.com
{uunet,harvard}!think!barmar