At 6:44 AM 5/1/96, Bill Frantz wrote:
At 11:49 AM 4/30/96 -0700, Timothy C. May wrote:
An interesting situation for the ITARs, if they try to restrict bignum classes, for example. A class-based system, if done correctly (in whatever language, e.g., C++ or Java), should have _most_ of the hard crypto work already implemented in classes and methods (for bignums, modular exponentiation, etc.), with the final crypto program much more easily implemented and exported.
Certain languages, e.g. Smalltalk, and I believe lisp and scheme, have bignums as a built-in type. (Or more specifically, their integer types are limited in size only by available memory.) I believe these languages are freely exportable.
As it happens, the three languages I am most familiar with and have on my Macintosh at this moment are: Smalltalk, Scheme, and Mathematica. All support bignums (arbitrarily long, limited only by local environment considerations). However, I seem to recall some "not exportable" stickers on at least the Mathematica box. It's not handy, but I recollect one of those black stickers one finds in such cases. (It might be that it contains functions for FFTs, for example, or it might be something else....)
Your problem stays here in the good ol' USA. You can't implement RSA directly in these languages (I assume RSA in perl has the same problem), because of the patent restrictions. Yet another reason to buy a T-shirt.
About implementing RSA in one of these languages, it's fine if it's done for educational purposes, as Jim Bidzos told me a few years ago. RSA is a programming example in a couple of Mathematica books, for example. Implementing a system and deploying it (as a "system") changes things. But I think we can all agree that we are moving toward a situation where class libraries in languages implement a large fraction of a working cryptographic system, and the pieces only need to be glued together. It gets real hard to control the spread of crypto when this is the case. (It's already hard, but it will get even harder.) With Microsoft deciding to put a Java Virtual Machine in every copy of Windows * shipped, along with similar deals of course already in the works for other major environments, it seems to me that crypto developers should build with this in mind. The NSA must be going nuts thinking about this. --Tim May Boycott "Big Brother Inside" software! We got computers, we're tapping phone lines, we know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Licensed Ontologist | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."