1997-01-02 - Re: New crypto regulations

Header Data

From: daw@cs.berkeley.edu (David Wagner)
To: cypherpunks@toad.com
Message Hash: 90e7c2202c311bc08fc0e63eea8527f19eb0f4260844eec93e2802d299546f2c
Message ID: <5ah9ub$7th@joseph.cs.berkeley.edu>
Reply To: <32cc13c3.83442324@kdn0.attnet.or.jp>
UTC Datetime: 1997-01-02 21:42:28 UTC
Raw Date: Thu, 2 Jan 1997 13:42:28 -0800 (PST)

Raw message

From: daw@cs.berkeley.edu (David Wagner)
Date: Thu, 2 Jan 1997 13:42:28 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: New crypto regulations
In-Reply-To: <32cc13c3.83442324@kdn0.attnet.or.jp>
Message-ID: <5ah9ub$7th@joseph.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain

In article <199612301517.KAA01543@pdj2-ra.F-REMOTE.CWRU.Edu>,
Peter D. Junger <junger@pdj2-ra.F-REMOTE.CWRU.Edu> wrote:
> : Does this mean that if a journal published an article on some strong
> : non-key escrow encryption algorithm that included source code, it
> : could not later offer that same article on a CD-ROM collection?  or
> : provide that same source code online?
> That is exactly what the new regulations seem to provide.  An interesting
> question is what is the status of all those issues of Byte and Dr.
> Dobb's that do have cryptopraphic source code and that are currently
> available on the net.  Or are there any such articles?

Here's one.  Ian Goldberg and I wrote a Dr. Dobb's Journal article on
Netscape's insecure random number generation.  It contained a few short
snippets of code that described how Netsape's PRNG seeding process
worked.  I believe that they may fall under the category of 'cryptographic
source code'.  And...guess what... DDJ in fact published the article
online at


Here's a citation:

Ian Goldberg and David Wagner.  "Randomness and the Netscape Browser".
Dr. Dobb's Journal, January 1996.