From: jim bell <jimbell@pacifier.com>
To: Will Rodger <cypherpunks@toad.com
Message Hash: 871be891aeefbb6560f870dfd7d7c86810d0020dafe8e24eddb9a5965547f5df
Message ID: <199607120544.WAA29691@mail.pacifier.com>
Reply To: N/A
UTC Datetime: 1996-07-12 11:10:53 UTC
Raw Date: Fri, 12 Jul 1996 19:10:53 +0800
From: jim bell <jimbell@pacifier.com>
Date: Fri, 12 Jul 1996 19:10:53 +0800
To: Will Rodger <cypherpunks@toad.com
Subject: Re: I@Week on crypto export loophole 6/24/96
Message-ID: <199607120544.WAA29691@mail.pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain
At 10:30 PM 7/11/96 -0400, Will Rodger wrote:
>>At 04:06 AM 7/11/96 +0000, Paul Elliott wrote:
>>>What is to prevent a U.S company to licence a foreign company
>>>to sublicence and distribute a Crypto product abroad, if that
>>>foreign company obtains that product on the pirate market?
>>>
>>>I am not a lawyer, but I look at the definition of "export"
>>>on page 612 of Applied Cryptography and nothing seems to
>>>obviously apply.
>
>Elliott appears to be absolutely correct.
>
>Jim Bell replied:
>>I raised this type of idea on CP, twice, and didn't hear a peep about it!
>
>You were ahead of your time, Jim.
>There was a cover story peep about the idea in Interactive Week June 24, in
>fact. The story followed Bidzos' announcement that NTT would soon be
>producing 3-DES chips en masse.
>It's at: http://www.zdnet.com/intweek/print/960624/cover/doc1.html
I just read the article, and it's very interesting. My first note on the
subject was posted June 4, and follows below:
At 10:54 AM 6/4/96 GMT, John Young wrote:
>Connecting Declan's three dots [...]:
> The New York Times, June 4, 1996, pp. D1, D4.
> Japanese Chips May Scramble U.S. Export Ban
> By John Markoff
> Washington, June 3 -- The Nippon Telegraph and Telephone
> Corporation has quietly begun selling a powerful data-
> scrambling chip set that is likely to undermine the Clinton
> Administration's efforts to restrict the export of the
> fundamental technology for protecting secrets and commerce
> in the information age.
> An executive at NTT America said that although there were
> no restrictions on the export of cryptographic hardware or
> software from Japan, his company was still anxious to
> obtain software from RSA Data to use in its chips. That
> software is still controlled by United States export law,
> he said.
Maybe it's just me, but the solution to NTT's problem is obvious. Even
assuming that the export of this software would be against the law, why
doesn't somebody simply violate that law? RSA would publish that software,
possibly encrypted with NTT's public key, on a public system protected
against direct export. "Somebody" would download it, write it to a floppy
(taking care not to leave any fingerprints, and wetting both the stamp and
the envelope with tap water, rather than licking them) and mail that floppy
off to NTT in Japan. (Naturally, you don't put a return address on that
envelope. The truly paranoid would first take that floppy to some store's
PC section, and cross-load the data onto a floppy written by some other
floppy drive.)
NTT finds that envelope in their mail, opens it, reads the floppy, decrypts
the data, and say, "Wow! It's the data we wanted to get!" It verifies that
the data is valid by emailing a copy back to RSA in America, who say,
"Amazing! Somebody has illegally exported our software!"
As far as I know, there is nothing wrong with NTT using this software even
if it is assumed to have been exported illegally. Obviously, NTT won't
_ask_ for somebody to do this, because then the government will claim it was
all a conspiracy, but that doesn't prevent NTT from being the beneficiary of
somebody else's activities.
Jim Bell
jimbell@pacifier.com
Return to July 1996
Return to “jim bell <jimbell@pacifier.com>”
1996-07-12 (Fri, 12 Jul 1996 19:10:53 +0800) - Re: I@Week on crypto export loophole 6/24/96 - jim bell <jimbell@pacifier.com>