[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ITARs and the Export of Classes and Methods
At 6:44 AM 5/1/96, Bill Frantz wrote:
>At 11:49 AM 4/30/96 -0700, Timothy C. May wrote:
>>An interesting situation for the ITARs, if they try to restrict bignum
>>classes, for example. A class-based system, if done correctly (in whatever
>>language, e.g., C++ or Java), should have _most_ of the hard crypto work
>>already implemented in classes and methods (for bignums, modular
>>exponentiation, etc.), with the final crypto program much more easily
>>implemented and exported.
>
>Certain languages, e.g. Smalltalk, and I believe lisp and scheme, have
>bignums as a built-in type. (Or more specifically, their integer types are
>limited in size only by available memory.) I believe these languages are
>freely exportable.
As it happens, the three languages I am most familiar with and have on my
Macintosh at this moment are: Smalltalk, Scheme, and Mathematica. All
support bignums (arbitrarily long, limited only by local environment
considerations).
However, I seem to recall some "not exportable" stickers on at least the
Mathematica box. It's not handy, but I recollect one of those black
stickers one finds in such cases. (It might be that it contains functions
for FFTs, for example, or it might be something else....)
>Your problem stays here in the good ol' USA. You can't implement RSA
>directly in these languages (I assume RSA in perl has the same problem),
>because of the patent restrictions. Yet another reason to buy a T-shirt.
About implementing RSA in one of these languages, it's fine if it's done
for educational purposes, as Jim Bidzos told me a few years ago. RSA is a
programming example in a couple of Mathematica books, for example.
Implementing a system and deploying it (as a "system") changes things.
But I think we can all agree that we are moving toward a situation where
class libraries in languages implement a large fraction of a working
cryptographic system, and the pieces only need to be glued together.
It gets real hard to control the spread of crypto when this is the case.
(It's already hard, but it will get even harder.)
With Microsoft deciding to put a Java Virtual Machine in every copy of
Windows * shipped, along with similar deals of course already in the works
for other major environments, it seems to me that crypto developers should
build with this in mind.
The NSA must be going nuts thinking about this.
--Tim May
Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
[email protected] 408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
Licensed Ontologist | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."