From: frantz@netcom.com (Bill Frantz)
Date: Fri, 6 Sep 1996 18:46:49 +0800
To: "P. J. Ponder" <cypherpunks@toad.com
Subject: Re: rc2 export limits..
Message-ID: <199609060629.XAA27790@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At  9:23 AM 9/5/96 -0400, P. J. Ponder wrote:
>The FIPS Pub (?180? ?181?) for the Secure Hash Algorithm (SHA) states in 
>the fine print at the beginning that SHA is export controlled.  I don't 
>have the document to refer to right now, but it plainly states that SHA  
>falls under ITAR.  As a cryptographic hash function, why would it be 
>controlled in this way?
>
>How can I use SHA to encrypt something for someone else to decrypt?  I 
>know how to use it for authentication; am I missing something here?

Any secure hash can be used as a stream cypher.  Concatenate your key and a
block serial number (never to be reused) to get a number to exclusive or
with the plain text.  When you need a new block, use the next sequential
serial number.  (See Applied Cryptography)

Raw SHA probably isn't exportable because people can use it for crypto.  If
your use of SHA was bundled into a OS password scheme, you could probably
get a CJ on it and export it.


-------------------------------------------------------------------------
Bill Frantz       | "Lone Star" - My personal  | Periwinkle -- Consulting
(408)356-8506     |  choice for best movie of  | 16345 Englewood Ave.
frantz@netcom.com |  1996                      | Los Gatos, CA 95032, USA