Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!husc6!mit-eddie!genrad!decvax!ucbvax!ulysses!smb
From: smb@ulysses.homer.nj.att.com (Steven Bellovin)
Newsgroups: sci.crypt
Subject: Re: An interesting message from SECURITY-DIGEST@RUTGERS
Message-ID: <3087@ulysses.homer.nj.att.com>
Date: Sun, 11-Oct-87 17:50:14 EDT
Article-I.D.: ulysses.3087
Posted: Sun Oct 11 17:50:14 1987
Date-Received: Tue, 13-Oct-87 00:17:10 EDT
References: <7449@reed.UUCP> <8746@utzoo.UUCP>
Organization: AT&T Bell Laboratories, Murray Hill
Lines: 10
Keywords: NSA, DES, STU-III

> ... (It IS a federal law that
> no cipher may be used for international traffic that NSA can't break...

I know of no such law.  However, I've read of a ruling which may (or may
not) have a similar impact in practice if not in theory.  That is, the
Export Control regulations prohibit export of cryptographic equipment with
a key length greater than >64 bits, but permit such export if the key
length is less than 48 bits.  This was pointed out during the debate
over whether or not NSA sandbagged DES, since the key length was reduced
to 56 bits from the original 112.