Re: Export restrictions ruled unconstitutional

Robert S. Thau (rst@ai.mit.edu)
Fri, 7 May 1999 08:33:11 -0400 (EDT)


Robert Harley writes:
> The decision doesn't affect binaries as far as I can tell. Wouldn't
> it be amusing if in the near future the only way to export software
> with strong security and privacy features from the U.S. was to ship
> the source code?

That is apparently the case already in quite a few countries, as a
result of the much-discussed addition of crypto to the rules for the
Wassenaar arms-control arrangement --- crypto was added to the
schedules, but with a specific exemption for "public domain" software
--- a legal term of art which means, in this context, not what it
means in coypright law, but actually something moderately close to
"open source".

As a sidelight, Neal ("Snowcrash") Stephenson's new book,
Cryptonomicon, is a novel which just happens to have, in an appendix,
what is claimed by the developer (Bruce Schneier, who wrote the
standard text on the subject) to be a military-grade secure cipher
which allows users to encrypt messages of nontrivial length using no
equipment other than, of all things, a pack of cards --- in
particular, no electronics of any kind. (The deck must include two
jokers, which are visually disinct; the text of the book also includes
an implementation of the cipher as a Perl script).

The algorithm ("Solitaire") is also featured on the home page of
Schneier's consulting outfit, www.counterpane.com. However, the
security analysis is not there yet, so use with caution until there's
been some real peer review.

rst