Export of cryptography from the United States

Export-restricted RSA encryption source code printed on a T-shirt made the T-shirt an export-restricted munition, as a freedom of speech protest against U.S. encryption export restrictions (back side). Changes in the export law mean that it is no longer illegal to export this T-shirt from the U.S., or for U.S. citizens to show it to foreigners. [1]

The export of cryptography from the United States to other countries has experienced various levels of restrictions over time. [2] World War II illustrated that code-breaking and cryptography can play an integral part in national security and the ability to prosecute war. Changes in technology and the preservation of free speech have been competing factors in the regulation and constraint of cryptographic technologies for export.

History

Cold War era

In the early days of the Cold War, the U.S. and its allies developed an elaborate series of export control regulations designed to prevent a wide range of Western technology from falling into the hands of others, particularly the Eastern bloc. All export of technology classed as 'critical' required a license. CoCom was organized to coordinate Western export controls.

Two types of technology were protected: technology associated only with weapons of war ("munitions") and dual-use technology, which also had commercial applications. In the U.S., dual-use technology export was controlled by the Department of Commerce, while munitions were controlled by the State Department. Since in the immediate post-WWII period the market for cryptography was almost entirely military, encryption technology (techniques as well as equipment and, after computers began to play a larger role in modern life, crypto software) was added to the United States Munitions List on November 17, 1954, as "Category XI - Miscellaneous Articles" and later as "Category XIII - Auxiliary Military Equipment". The multinational control of the export of cryptography on the Western side of the Cold War divide was done via the mechanisms of CoCom.

By the 1960s, however, financial organizations were beginning to require strong commercial encryption on the rapidly growing field of wired money transfer. The U.S. Government's introduction of the Data Encryption Standard in 1975 meant that commercial uses of high quality encryption would become common, and serious problems of export control began to arise. Generally these were dealt with through case-by-case export license request proceedings brought by computer manufacturers, such as IBM, and by their large corporate customers.

PC era

Netscape Navigator 1.1 for Macintosh install disk stating "Not For export"

Encryption export controls became a matter of public concern with the introduction of the personal computer. Phil Zimmermann's PGP encryption software and its distribution on the Internet in 1991 was the first major 'individual level' challenge to controls on export of cryptography. The growth of electronic commerce in the 1990s created additional pressure for reduced restrictions. VideoCipher II also used DES to scramble satellite TV audio.

In 1989, non-encryption use of cryptography (such as access control and message authentication) was removed from export control with a Commodity Jurisdiction. In 1992, an exception was formally added in the USML for non-encryption use of cryptography (and satellite TV descramblers) and a deal between NSA and the Software Publishers Association made 40-bit RC2 and RC4 encryption easily exportable using a Commodity Jurisdiction with special "7-day" and "15-day" review processes (which transferred control from the State Department to the Commerce Department). At this stage Western governments had, in practice, a split personality when it came to encryption; policy was made by the military cryptanalysts, who were solely concerned with preventing their 'enemies' acquiring secrets, but that policy was then communicated to commerce by officials whose job was to support industry.

Shortly afterward, Netscape's SSL technology was widely adopted as a method for protecting credit card transactions using public key cryptography. Netscape developed two versions of its web browser. The "U.S. edition" supported full size (typically 1024-bit or larger) RSA public keys in combination with full size symmetric keys (secret keys) (128-bit RC4 or 3DES in SSL 3.0 and TLS 1.0). The "International Edition" had its effective key lengths reduced to 512 bits and 40 bits respectively (RSA_EXPORT with 40-bit RC2 or RC4 in SSL 3.0 and TLS 1.0). [3] Acquiring the 'U.S. domestic' version turned out to be enough of a hassle that most computer users, even in the U.S., ended up with the 'International' version, [4] whose weak 40-bit encryption can currently be broken in a matter of days using a single computer. A similar situation occurred with Lotus Notes for the same reasons.
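The following is an added example, not code from the article or from Netscape, showing how the 40-bit limit of the RSA_EXPORT suites was enforced at the protocol level in TLS 1.0. RC4 itself takes a 128-bit key, so the exportable suites kept only a 5-byte (40-bit) write key as secret material and stretched it to the cipher's 16-byte key with the TLS 1.0 PRF, mixing in the two public hello randoms. The PRF and the final-write-key step below follow RFC 2246 (sections 5 and 6.3.1); the function names, the brute-force estimate and all sample values are assumptions made for this illustration.

```python
import hashlib
import hmac

# TLS 1.0 P_hash expansion (RFC 2246 section 5):
#   A(0) = seed, A(i) = HMAC(secret, A(i-1))
#   P_hash = HMAC(secret, A(1) + seed) + HMAC(secret, A(2) + seed) + ...
def p_hash(hash_name: str, secret: bytes, seed: bytes, length: int) -> bytes:
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]


# TLS 1.0 PRF: P_MD5 over the first half of the secret XOR P_SHA1 over the
# second half; for an odd-length secret the middle byte is shared.
def tls10_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    half = (len(secret) + 1) // 2
    s1, s2 = secret[:half], secret[-half:]
    md5_part = p_hash("md5", s1, label + seed, length)
    sha_part = p_hash("sha1", s2, label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha_part))


# RFC 2246 section 6.3.1: for exportable suites the 5-byte write key is
# expanded to the cipher's full key size (16 bytes for RC4) with the public
# client/server randoms as seed. No secret entropy is added by this step.
def export_final_write_key(write_key: bytes, client_random: bytes,
                           server_random: bytes, side: str = "client") -> bytes:
    if len(write_key) != 5:
        raise ValueError("export-grade write key must be exactly 5 bytes (40 bits)")
    if side not in ("client", "server"):
        raise ValueError("side must be 'client' or 'server'")
    label = f"{side} write key".encode()
    return tls10_prf(write_key, label, client_random + server_random, 16)


# The only secret input to the expansion is the short write key, so the
# search space an attacker faces is 2^(8 * len(write_key)), not 2^128.
def effective_key_bits(write_key: bytes) -> int:
    return len(write_key) * 8


# Rough exhaustive-search time at an assumed trial rate (hypothetical figure).
def brute_force_days(key_bits: int, keys_per_second: float) -> float:
    return (2 ** key_bits) / keys_per_second / 86400


if __name__ == "__main__":
    # Constructed sample values: a 40-bit write key and two 32-byte hello randoms.
    write_key = bytes.fromhex("0102030405")
    client_random = bytes(range(32))
    server_random = bytes(range(32, 64))
    final_key = export_final_write_key(write_key, client_random, server_random)
    print("expanded RC4 key (16 bytes):", final_key.hex())
    print("effective strength (bits):", effective_key_bits(write_key))
    print("days to exhaust at 1e6 keys/s: %.1f" % brute_force_days(40, 1e6))
    print("days to exhaust 128 bits at 1e6 keys/s: %.3e" % brute_force_days(128, 1e6))
```

The expanded key looks like any other 128-bit RC4 key, but it is a deterministic function of 40 secret bits and two values sent in the clear, which is why the article can describe the "International" edition's encryption as breakable in days on one machine while the same cipher with a full 128-bit key was not.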

Legal challenges by Peter Junger and other civil libertarians and privacy advocates, the widespread availability of encryption software outside the U.S., and the perception by many companies that adverse publicity about weak encryption was limiting their sales and the growth of e-commerce, led to a series of relaxations in US export controls, culminating in 1996 in President Bill Clinton signing Executive Order 13026, which transferred commercial encryption from the Munitions List to the Commerce Control List. Furthermore, the order stated that "the software shall not be considered or treated as 'technology'" in the sense of the Export Administration Regulations. The Commodity Jurisdiction process was replaced with a Commodity Classification process, and a provision was added to allow export of 56-bit encryption if the exporter promised to add "key recovery" backdoors by the end of 1998. In 1999, the EAR was changed to allow 56-bit encryption (based on RC2, RC4, RC5, DES or CAST) and 1024-bit RSA to be exported without any backdoors, and new SSL cipher suites were introduced to support this (RSA_EXPORT1024 with 56-bit RC4 or DES). In 2000, the Department of Commerce implemented rules that greatly simplified the export of commercial and open source software containing cryptography, including allowing the key length restrictions to be removed after going through the Commodity Classification process (to classify the software as "retail") and adding an exception for publicly available encryption source code. [5]

Current status

As of 2009, non-military cryptography exports from the U.S. are controlled by the Department of Commerce's Bureau of Industry and Security. [6] Some restrictions still exist, even for mass market products, particularly with regard to export to "rogue states" and terrorist organizations. Militarized encryption equipment, TEMPEST-approved electronics, custom cryptographic software, and even cryptographic consulting services still require an export license [6] (pp. 6–7). Furthermore, encryption registration with the BIS is required for the export of "mass market encryption commodities, software and components with encryption exceeding 64 bits" (75 FR 36494). For elliptic curve algorithms and asymmetric algorithms, the key length thresholds are 128 bits and 768 bits, respectively. [7] In addition, other items require a one-time review by, or notification to, BIS prior to export to most countries. [6] For instance, the BIS must be notified before open-source cryptographic software is made publicly available on the Internet, though no review is required. [8] Export regulations have been relaxed from pre-1996 standards, but are still complex. [6] Other countries, notably those participating in the Wassenaar Arrangement, [9] have similar restrictions. [10] On March 29, 2021 the Implementation of Wassenaar Arrangement 2019 Plenary Decisions [11] was published in the Federal Register. This rule included changes to license exception ENC, Section 740.17 of the EAR. [12] [13]

U.S. export rules

U.S. non-military exports are controlled by Export Administration Regulations (EAR), a short name for the U.S. Code of Federal Regulations (CFR) Title 15 chapter VII, subchapter C.

Encryption items specifically designed, developed, configured, adapted or modified for military applications (including command, control and intelligence applications) are controlled by the Department of State on the United States Munitions List.

Terminology

Encryption export terminology is defined in EAR part 772.1. [14] In particular:

Export destinations are classified by the EAR Supplement No. 1 to Part 740 into four country groups (A, B, D, E) with further subdivisions; [15] a country can belong to more than one group. For the purposes of encryption, groups B, D:1, and E:1 are important:

The EAR Supplement No. 1 to Part 738 (Commerce Country Chart) contains the table of country restrictions. [16] If the row of the table corresponding to the country contains an X in the column for a reason for control, the export of an item controlled for that reason requires a license, unless an exception can be applied. For the purposes of encryption, the following three reasons for control are important:

Classification

For export purposes each item is classified with the Export Control Classification Number (ECCN) with the help of the Commerce Control List (CCL, Supplement No. 1 to the EAR part 774). In particular: [6]

An item can be either self-classified, or a classification ("review") requested from the BIS. A BIS review is required for typical items to get the 5A992 or 5D992 classification.

References

  1. "Munitions T-shirt".
  2. Diffie, Whitfield; Landau, Susan (2007), "The export of cryptography in the 20th and the 21st centuries", The History of Information Security, Elsevier, pp. 725–736, doi:10.1016/b978-044451608-4/50027-4, ISBN 978-0-444-51608-4, retrieved 2023-08-12
  3. "Fortify for Netscape". www.fortify.net. Retrieved 1 Dec 2017.
  4. "January 25, 1999 archive of the Netscape Communicator 4.61 download page showing a more difficult path to download 128-bit version". Archived from the original on September 16, 1999. Retrieved 2017-03-26.
  5. "Revised U.S. Encryption Export Control Regulations". EPIC copy of document from U.S. Department of Commerce. January 2000. Retrieved 2014-01-06.
  6. Commerce Control List Supplement No. 1 to Part 774 Category 5 Part 2 - Info. Security
  7. "CCL5 PT2" (PDF). www.bis.doc.gov. Retrieved 2022-10-10.
  8. "U. S. Bureau of Industry and Security - Notification Requirements for "Publicly Available" Encryption Source Code". Bis.doc.gov. 2004-12-09. Archived from the original on 2002-09-21. Retrieved 2009-11-08.
  9. Participating States Archived 2012-05-27 at archive.today The Wassenaar Arrangement
  10. Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies: Guidelines & Procedures, including the Initial Elements The Wassenaar Arrangement, December 2009
  11. Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies Public Documents Volume IV Background Documents and Plenary-related and Other Statements Archived on 2024-02-09. Wassenaar Arrangement December 2019
  12. Encryption and Export Administration Regulations (EAR) Archived 2024-02-09 at archive.today
  13. Export Administration Regulations: Implementation of Wassenaar Arrangement 2019 Plenary Decisions. Federal Register, p. 16482. Archived on 2024-02-09.
  14. "15 CFR § 772.1 - Definitions of terms as used in the Export Administration Regulations (EAR)". LII / Legal Information Institute. Retrieved 2021-09-30.
  15. "EAR Supplement No. 1 to Part 740" (PDF). Archived from the original (PDF) on 2009-06-18. Retrieved 2009-06-27.
  16. "EAR Supplement No. 1 to Part 738" (PDF). Archived from the original (PDF) on 2009-05-09. Retrieved 2009-06-27.