From: jim bell <jimbell@pacifier.com>
Date: Wed, 5 Jun 1996 11:12:37 +0800
To: cypherpunks@toad.com
Subject: Re: NYT on NTT/RSA Chips
Message-ID: <199606041616.JAA24515@mail.pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:54 AM 6/4/96 GMT, John Young wrote:
>Connecting Declan's three dots [...]: 
>   The New York Times, June 4, 1996, pp. D1, D4. 
>   Japanese Chips May Scramble U.S. Export Ban 
>   By John Markoff 
>   Washington, June 3 -- The Nippon Telegraph and Telephone 
>   Corporation has quietly begun selling a powerful data- 
>   scrambling chip set that is likely to undermine the Clinton 
>   Administration's efforts to restrict the export of the 
>   fundamental technology for protecting secrets and commerce 
>   in the information age. 

 
>   An executive at NTT America said that although there were 
>   no restrictions on the export of cryptographic hardware or 
>   software from Japan, his company was still anxious to 
>   obtain software from RSA Data to use in its chips. That 
>   software is still controlled by United States export law, 
>   he said. 


Maybe it's just me, but the solution to NTT's problem is obvious.  Even 
assuming that the export of this software would be against the law, why 
doesn't somebody simply violate that law?  RSA would publish that software, 
possibly encrypted with NTT's public key, on a public system protected 
against direct export.  "Somebody" would download it, write it to a floppy 
(taking care not to leave any fingerprints, and wetting both the stamp and 
the envelope with tap water, rather than licking them) and mail that floppy 
off to NTT in Japan.  (Naturally, you don't put a return address on that 
envelope.   The truly paranoid would first take that floppy to some store's 
PC section, and cross-load the data onto a floppy written by some other 
floppy drive.)

NTT finds that envelope in their mail, opens it, reads the floppy, decrypts 
the data, and say, "Wow!  It's the data we wanted to get!"  It verifies that 
the data is valid by emailing a copy back to RSA in America, who say, 
"Amazing!  Somebody has illegally exported our software!"

As far as I know, there is nothing wrong with NTT using this software even 
if it is assumed to have been exported illegally.  Obviously, NTT won't 
_ask_ for somebody to do this, because then the government will claim it was 
all a conspiracy, but that doesn't prevent NTT from being the beneficiary of 
somebody else's activities.




Jim Bell
jimbell@pacifier.com