|
Governmental Regulations |
|
The new U.S. regulations are based on the Wassenaar Arrangement Revision of 1998, where exports without license of 56 bit DES and similar products are allowed after a technical review, just like encryption commodities and software with key lengths of 64-bits or less which meet the mass market requirements. For more information see: http://www.wassenaar.org/
Seven states stay excluded from the new freedom. These are states like Libya, Iraq, Iran, North Korea and Cuba, altogether states seen as terrorist supporting. No encryption tools may be exported into those countries.
This is, what happened in the USA, whereas in Germany the issue of a cryptography-law is still on the agenda. Until now, in Germany, everyone can decide by her-/himself, whether she/he wants to encrypt electronic messages or not. Some organizations fear that this could get changed soon. Therefore an urgent action was organized in February 2000 to demonstrate the government that people want the freedom to decide on their own. One governmental argument is that only very few people actually use cryptography. Therefore the urgent action is organized as a campaign for using it more frequently.
For more information on this see: http://www.heise.de/ct/97/04/032/ http://www.fitug.de/ulf/krypto/verbot.html#welt
Other European countries have more liberate laws on cryptography, like France. Austria doesn't have any restrictions at all, probably because of a governmental lack of interest more than accepting freedom. The (former) restrictions in the bigger countries influenced and hindered developments for safer key-systems, e.g. the key-length was held down extraordinarily.
"Due to the suspicious nature of crypto users I have a feeling DES will be with us forever, we will just keep adding keys and cycles (...). There is a parallel between designing electronic commerce infrastructure today that uses weak cryptography (i.e. 40 or 56 bit keys) and, say, designing air traffic control systems in the '60s using two digit year fields. (...) Just because you can retire before it all blows up doesn't make it any less irresponsible." (Arnold G. Reinhold)
The Chinese State Encryption Management Commission (SEMC) announced in March 2000 that only strong encryption tools will have to be registered in the future. Which sounds so nice on first sight, does not mean a lot in reality: any kind of useful encryption technique, like the PGP, stay under governmental control.
The restrictions and prohibitions for cryptography are part of the states' wish to acquire more control - in the name of the battle against criminality, probably? Due to the emerging organized criminality the governments want to obtain more freedom of control over citizens. Organizations like the NSA appear as the leaders of such demands. What about civil rights or Human Rights?
|
|
cryptology
also called "the study of code". It includes both, cryptography and cryptoanalysis
|
|
|