smb@ulysses.UUCP (Steven Bellovin) (09/17/84)
It is true that one cannot export crypt(3), or presumably other DES
implmentations, without a license. Curiously enough, during the debate
over whether or not DES was designed to be crackable by NSA, it was
pointed out that the key size chosen -- 56 bits, rather than the
original proposal of 112 -- was between the size that Commerce would
normally approve (<48 bits) and the size they'd block (>64 bits).
I confess I do not know why export is restricted. The details are
widely available, and the algorithm is clear enough that any halfway
competent COBOL programmer could implement it in a day or two. The
trick to effective use is probably to build the chips -- and the
countries that can do that can also devise encryption schemes of equal
strength. (For example, I pulled a random cryptology out of my bookcase
("Cipher Systems", by Beker and Piper), and found a complete description
of DES, including tables. Note that this book is published in the U.S.,
Canada, and the U.K. -- meaning that it's already beyond the reach of
the Department of Commerce.)
Hmm... There are rumors that once upon a time, the British shipped
obsolete cipher machines -- Enigmas! -- to their former colonies, so
that they could read traffic of interest. (Kahn, in "The
Codebreakers", reports allegations that the U.S. has pulled similar
stunts.) Given all of the allegations about how the NSA can crack DES,
maybe it's all a Tom Sayer-like stunt to entice folks to use it...mab@cadvax (Matt Bishop) (09/17/84)
These are just my opinions (except for the reference; that's a fact!) If anyone knows anything more, I'd love to hear about it ... > I am told that the Commerce Department forbids export of implementations > of DES without license, because they don't want it to fall into enemy > hands. Is this true? I don't know, but I'd be surprised if the only reason anything was forbidden to be exported is that it implemented the DES. The algorithm is available to the public; the reference is "Data Encryption Standard", FIPS PUB 46, National Bureau of Standards, Washington, D.C. (Jan. 1977). It seems pretty silly to ban export of an implementation if the algorithm is not secret, UNLESS the reason for the banning of the implementation is not related to the algorithm (as in being related to the technology of the implementation.) > Does this include the Unix routines setkey(), > encrypt(), and crypt()? Since UNIX is commercially available in Europe, I would guess there's no problem here. (Any of you in Europe care to confirm or deny that?) Besides, this isn't a vanilla DES implementation (they perturb the E table as a function of the salt.) > The source code for these routines imply that > the algorithm has already been published. Has it? Yes; see above. > Is it the algorithm > or the implementation that is banned? As I say, if anything is banned, it's probably a specific implementation. > How do various Unix vendors > ship a working Unix system without DES? Do they? I don't know. Anybody? > - Jim Rees > decvax!wivax!apollo!rees > uw-beaver!apollo!rees > jim@uw-beaver.arpa -- Peace, Matt Bishop Don't look back -- they might be gaining!!! decvax!decwrl!sun!megatest!mab mab@megatest.UUCP@Shasta.ARPA
jcp@brl-tgr.ARPA (Joe Pistritto <jcp>) (09/19/84)
You bet! In fact, if you order a System V distribution outside the US you don't get any of the DES routines, but get replacements based on some other algorithm. Its highly illegal to ship that stuff out of the country. And yes, its because they don't want the encryption technology getting into enemy hands. (I suppose it would make life too difficult for the spooks...) Although I CANT IMAGINE that no one in Russia can write a DES algorithm... -JCP-
earlw@pesnta.UUCP (Earl Wallace) (09/21/84)
How many "Soviets" have access to the entire UNIX* source? Think it is
impossible for AT&T to hire a Soviet spy to work on the UNIX* source? I
don't think the spy is going to put his/her profession on the resume. Or
for that matter, what about any major University out there -- just send your
spy to get a degree and have access to all sorts of goodies! Forget trying
to keep the DES out of Soviet hands, they already have it. The only good
that would come out of not shipping the DES routines overseas is to keep the
good guy honest because the bad guy will always find a way around the barrier.
--
Earl Wallace
UUCP: ..!{ihnp4, ucbvax!hplabs, ucbvax!twg}!pesnta!earlw
PHONE: (408) 727-5540 x230
USMAIL: Perkin-Elmer Corp., Santa Clara, Calif. 95054gwyn@brl-tgr.ARPA (Doug Gwyn <gwyn>) (09/21/84)
I think the foofaraw over exporting DES software/hardware is due primarily to bureaucratic rule enforcement, rather than realistic evaluation of the risk of this one PARTICULAR encryption scheme. If NSA can't crack a long stream of DES-encrypted text, then they are not as good as they used to be. Doubling the key size should make the length of text required go up by a factor of something like 4 to 8, which does not help much. The nonsense about arrays of thousands of DES chips is absurd; one should use cleverness in preference to brute force.
outer@utcsrgv.UUCP (Richard Outerbridge) (09/26/84)
Important Clarification: There are *no* export restrictions on DES material exported to *Canada* from the United States (this from the Office of Munitions Control in Washington). Going the other way, there are no export controls *at all* on cryptographic material (per se) exported from Canada to the United States (this from External Affairs in Ottawa). The U.S. exemption is an explicit exception, whereas very few Canadian export controls effect the United States at all. I agree the restriction on software is silly, it's obviously aimed at hardware implementations. As presented in the standard (hence as supplied with UNIX) the software is pretty useless for practical purposes anyway. One last point: the algorithm *has* been adopted as a software standard, and in that form is properly called the DEA. -- Richard Outerbridge <outer@utcsrgv.UUCP> 416 978 2742 Payload Deliveries: N 41 39'36", W 79 23'42", Elev. 106.47m.
chrisr@hcradm.UUCP (Chris Retterath) (09/27/84)
The UNITY/VMS system from HCR was recently brought up to System V release 2
standards. When ed(1) was first ported (a few months ago) we thought there
was something wrong with it lacking encryption -- further digging exposed
the export control problems.
Of course, being a Canadian company, the U.S. Department of Commerce
doesn't affect us -- our European and Far East customers will be getting
the crypt stuff ported in our existing system. Less anyone cry 'foul',
remember we are currently shipping crypt all over the world -- a switch
to release 2 of System V is not a good reason to stop.
( Actually, some Canadians do run into trouble with U.S. export
laws. All part of being a good ally, I guess. )
--
Chris Retterath
{decvax,utcsrgv,utzoo}!hcr!hcradm!chrisr
also available: ....!cygnus!chrisouter@utcsrgv.UUCP (Richard Outerbridge) (09/28/84)
Well Chris, I don't know, but I *thought* that the export of all cryptographic devices and technical data in any material form not already in the public domain was controlled to *all* countries except the United States. DES is obviously in the public domain - but I don't know about UNIX crypt(1) or crypt(3). Has HCR ever checked this out with External Affairs? -- Richard Outerbridge <outer@utcsrgv.UUCP> 416 978 2742 Payload Deliveries: N 41 39'36", W 79 23'42", Elev. 106.47m.