From: lucifer@dhp.com (lucifer Anonymous Remailer)
Date: Fri, 30 May 1997 08:49:47 +0800
To: cypherpunks@toad.com
Subject: No Subject
Message-ID: <199705300033.UAA14527@dhp.com>
MIME-Version: 1.0
Content-Type: text/plain


Press Release

      Pretty Good Privacy Receives Government Approval to Export
      Strong Encryption

      SAN MATEO, Calif., May 28, 1997 -- Pretty Good Privacy, Inc.
      (www.pgp.com), the world leader in digital privacy and security
      software, today announced that the U.S. Department of Commerce
      has approved the export of Pretty Good Privacy's encryption
      software to the overseas offices of the largest companies in the
      United States. This makes Pretty Good Privacy the only U.S.
      company currently authorized to export strong encryption
      technology not requiring key recovery to foreign subsidiaries
      and branches of the largest American companies. 

      Click here to view the list of approved companies.

      The approval allows Pretty Good Privacy to export strong,
      128-bit encryption without a requirement that the exported
      products contain key recovery features or other back doors that
      enable government access to keys. More than one-half of the
      Fortune 100 already use PGP domestically to secure their
      corporate data and communications. 

      "Now we are able to export strong encryption technology to the
      overseas offices of more than 100 of the largest companies in
      America, without compromising the integrity of the product or
      the strength of the encryption," said Phil Dunkelberger,
      President of Pretty Good Privacy, Inc. "We worked closely with
      the State Department when they controlled the export of
      encryption, and are now working with the Commerce Department.
      And we have never had a license application denied." 

      The license allows export of strong encryption technology,
      without government access to keys, to the overseas subsidiaries
      and branch offices of more than 100 of the largest American
      companies, provided that the offices are not located in
      embargoed countries, namely Cuba, Iran, Iraq, Libya, North
      Korea, Sudan or Syria. 

      "As far as we know, Pretty Good Privacy, Inc. is now the only
      company that has U.S. government approval to sell strong
      encryption to the worldwide subsidiaries and branch offices of
      such a large number of U.S. corporations, without having to
      compromise on the strength of the encryption or add schemes
      designed to provide government access to keys," said Robert H.
      Kohn, vice president and general counsel of Pretty Good Privacy.
      "Pretty Good Privacy still opposes export controls on
      cryptographic software, but this license is a major step toward
      meeting the global security needs of American companies." 

      The U.S. government restricts the export of encryption using key
      lengths in excess of 40 bits. However, 40-bit cryptography is
      considered "weak," because it can be broken in just a few hours.
      Generally, the U.S. government will grant export licenses for up
      to 56-bit encryption if companies commit to develop methods for
      government access to keys. For anything over 56 bits, actual
      methods for government access must be in place. 

      Pretty Good Privacy's license permits the export of 128-bit or
      "strong" encryption, without any requirement of a key recovery
      mechanism that enables government access to the data. A message
      encrypted with 128-bit PGP software is
      309,485,009,821,341,068,724,781,056 times more difficult to
      break than a message encrypted using 40-bit technology. In fact,
      according to estimates published by the U.S. government, it
      would take an estimated 12 million times the age of the
      universe, on average, to break a single 128-bit message
      encrypted with PGP. 

      "Pretty Good Privacy, Inc. has been working diligently to ensure
      compliance with the export control laws. Clearly, the Commerce
      Department recognizes the needs of reputable American companies
      to protect their intellectual property and other sensitive
      business information using strong cryptography," said Roszel C.
      Thomsen II, partner at the law firm of Thomsen and Burke LLP. 

      "User demand for strong cryptography is growing worldwide," said
      Marc Rotenberg, director of Electronic Privacy Information
      Center, and a leading privacy-rights advocate. "This is just one
      more example of the need to remove obstacles to the export of
      the best products the U.S. can provide." 

      Companies that are approved for the export of Pretty Good
      Privacy's strong encryption should contact Pretty Good Privacy's
      sales office at 415.572.0430 or visit the company's web site at
      www.pgp.com. Companies that are not currently on the list of
      licenses obtained by Pretty Good Privacy, but would like to gain
      approval to use strong encryption in their branch offices and
      subsidiaries around the world, should also contact Pretty Good
      Privacy at 415.572.0430 for information about how to be included
      in future government-approved export licenses for PGP. 

About Pretty Good Privacy, Inc. 

      Pretty Good Privacy (www.pgp.com), founded in March 1996, is the
      leading provider of digital-privacy products for private
      communications and the secure storage of data for businesses and
      individuals. Pretty Good Privacy's original encryption software
      for email applications (PGP) was distributed as freeware in 1991
      by Phil Zimmermann, Chief Technical Officer and Founder of
      Pretty Good Privacy, and allowed individuals, for the first
      time, to send information without risk of interception. With
      millions of users, it has since become the world leader in email
      encryption and the de facto standard for Internet mail
      encryption. Over one half of the Fortune 100 companies use PGP.
      In order to provide only the strongest encryption software,
      Pretty Good Privacy publishes all of its encryption source code
      and algorithms for extensive peer review and public scrutiny.
      The company can be reached at 415.572.0430; http://www.pgp.com. 

      For more information, please contact Mike Nelson, Pretty Good
      Privacy's Director of Corporate Communications, at 415.524.6203.