[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
No Subject
Press Release
Pretty Good Privacy Receives Government Approval to Export
Strong Encryption
SAN MATEO, Calif., May 28, 1997 -- Pretty Good Privacy, Inc.
(www.pgp.com), the world leader in digital privacy and security
software, today announced that the U.S. Department of Commerce
has approved the export of Pretty Good Privacy's encryption
software to the overseas offices of the largest companies in the
United States. This makes Pretty Good Privacy the only U.S.
company currently authorized to export strong encryption
technology not requiring key recovery to foreign subsidiaries
and branches of the largest American companies.
Click here to view the list of approved companies.
The approval allows Pretty Good Privacy to export strong,
128-bit encryption without a requirement that the exported
products contain key recovery features or other back doors that
enable government access to keys. More than one-half of the
Fortune 100 already use PGP domestically to secure their
corporate data and communications.
"Now we are able to export strong encryption technology to the
overseas offices of more than 100 of the largest companies in
America, without compromising the integrity of the product or
the strength of the encryption," said Phil Dunkelberger,
President of Pretty Good Privacy, Inc. "We worked closely with
the State Department when they controlled the export of
encryption, and are now working with the Commerce Department.
And we have never had a license application denied."
The license allows export of strong encryption technology,
without government access to keys, to the overseas subsidiaries
and branch offices of more than 100 of the largest American
companies, provided that the offices are not located in
embargoed countries, namely Cuba, Iran, Iraq, Libya, North
Korea, Sudan or Syria.
"As far as we know, Pretty Good Privacy, Inc. is now the only
company that has U.S. government approval to sell strong
encryption to the worldwide subsidiaries and branch offices of
such a large number of U.S. corporations, without having to
compromise on the strength of the encryption or add schemes
designed to provide government access to keys," said Robert H.
Kohn, vice president and general counsel of Pretty Good Privacy.
"Pretty Good Privacy still opposes export controls on
cryptographic software, but this license is a major step toward
meeting the global security needs of American companies."
The U.S. government restricts the export of encryption using key
lengths in excess of 40 bits. However, 40-bit cryptography is
considered "weak," because it can be broken in just a few hours.
Generally, the U.S. government will grant export licenses for up
to 56-bit encryption if companies commit to develop methods for
government access to keys. For anything over 56 bits, actual
methods for government access must be in place.
Pretty Good Privacy's license permits the export of 128-bit or
"strong" encryption, without any requirement of a key recovery
mechanism that enables government access to the data. A message
encrypted with 128-bit PGP software is
309,485,009,821,341,068,724,781,056 times more difficult to
break than a message encrypted using 40-bit technology. In fact,
according to estimates published by the U.S. government, it
would take an estimated 12 million times the age of the
universe, on average, to break a single 128-bit message
encrypted with PGP.
"Pretty Good Privacy, Inc. has been working diligently to ensure
compliance with the export control laws. Clearly, the Commerce
Department recognizes the needs of reputable American companies
to protect their intellectual property and other sensitive
business information using strong cryptography," said Roszel C.
Thomsen II, partner at the law firm of Thomsen and Burke LLP.
"User demand for strong cryptography is growing worldwide," said
Marc Rotenberg, director of Electronic Privacy Information
Center, and a leading privacy-rights advocate. "This is just one
more example of the need to remove obstacles to the export of
the best products the U.S. can provide."
Companies that are approved for the export of Pretty Good
Privacy's strong encryption should contact Pretty Good Privacy's
sales office at 415.572.0430 or visit the company's web site at
www.pgp.com. Companies that are not currently on the list of
licenses obtained by Pretty Good Privacy, but would like to gain
approval to use strong encryption in their branch offices and
subsidiaries around the world, should also contact Pretty Good
Privacy at 415.572.0430 for information about how to be included
in future government-approved export licenses for PGP.
About Pretty Good Privacy, Inc.
Pretty Good Privacy (www.pgp.com), founded in March 1996, is the
leading provider of digital-privacy products for private
communications and the secure storage of data for businesses and
individuals. Pretty Good Privacy's original encryption software
for email applications (PGP) was distributed as freeware in 1991
by Phil Zimmermann, Chief Technical Officer and Founder of
Pretty Good Privacy, and allowed individuals, for the first
time, to send information without risk of interception. With
millions of users, it has since become the world leader in email
encryption and the de facto standard for Internet mail
encryption. Over one half of the Fortune 100 companies use PGP.
In order to provide only the strongest encryption software,
Pretty Good Privacy publishes all of its encryption source code
and algorithms for extensive peer review and public scrutiny.
The company can be reached at 415.572.0430; http://www.pgp.com.
For more information, please contact Mike Nelson, Pretty Good
Privacy's Director of Corporate Communications, at 415.524.6203.