[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

BIO-MUNITION: gifs of perl-RSA tattoo




People have been reading the list for a while will be familiar with
this piece of perl code used as a non-exportable, supposedly ITAR
controlled .sig:


#!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL
$m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa
2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print
pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)


which is an implementation of RSA encryption in perl optimised for
size.

A lot of list bandwidth a while back was consumed with discussion of
the T-shirt versions of this .sig.  More info on the .sig, and T-shirt at:

.sig:		http://www.dcs.ex.ac.uk/~aba/rsa/
t-shirts:	http://www.obscura.com/~shirt/

Update wrt the idea of using the .sig for a tattoo:

Richard White <[email protected]> had his wife (who is a tattoo
artist) put a tatto of this code on his forearm.

Gif of the Richard's tattoo now available here:

	http://www.dcs.ex.ac.uk/~aba/rsa/tattoo.html

This means that he may, technically, qualify as a munitions on the
USML, and as a result not be allowed to show the tattoo to a foreign
national in the US, nor leave the US.

Note it says _technically_ above, as there was much discussion on the
list re the shirts as to whether the shirt actually would ever be
classified as a munition due to the impracticality of using a shirt as
a distribution media, and silliness factor.  We shall see wrt the
shirt when and if Raph recieves a determination from his CJR for the
shirt.  (I would note that someone posted a while ago that they did
manage to get the barcode to scan, on I think one of Joel Furr's
shirts).  Also the secondary claim about whether or not ITAR
stipulates that a software item can be shown to a foreign national in
the US seems open to debate (some say ITAR strictly interpreted does
say this, others say not).

Also something about the anti-ITAR fight recently which was an eye
opener for me was that I took a look at Phil Karn's export page to do
with his ongoing battle against ITAR as applied to crypto, with the
Applied Crypto disk/book case:

	http://www.qualcomm.com/people/pkarn/export/

In his court transcripts there is a declaration by Phil Zimmermann in
connection with the Applied Crypto case, however he (PRZ) also
mentions the unofficial progress on his PGP source code book published
by MIT press.

PRZs declaration from bottom of:

	http://www.qualcomm.com/people/pkarn/export/zimm.html

> 10. I believe that the commodity jurisdiction request referred on page
> 28 of the Justice filing is the one which was filed by MIT Press for
> my book, PGP: Source Code and Internals. I am further informally
> advised that the National Security Agency has considered the Request
> and recommended that the book be controlled for export under the ITAR
> and that the Department of Commerce has recommended that it not be
> subject to ITAR controls.

Wow!  If this informal info is confirmed as the NSAs determination, it
will have interesting ramifications for the distinction between paper
based publications and electronic.  It will also reinforce Phil Karn's
use of the charge of "arbitrary, [and] capricious" enforcement on the
part of the NSA/ODTC, as the CJR for Applied Crypto in print form was
successful.

Adam