1. Write a program with limited encryption (40 bit?), with the encryption module in a file external to the main program. 2. Get export approval for this program. 3. Write a module which replaces the encryption file, increasing key size to whatever you REALLY wanted in the first place. (128-bit IDEA, 2000-bit PGP, etc.) 4. Ship that new module with the old software to US customers. Naturally, that new module will "leak," so anybody who buys the old
Tim May replied
"Crypto hooks," basically the scheme you are proposing, were thought of by the authorities and are not a bypass of the crypto export laws.
I had interpreted the suggestion differently - rather than a system with user-accessible crypto hooks, the manufacturer could ship a binary patch upgrade for US customers to install. The internal design would presumably have crypto hooks (i.e. subroutine calls); they can't ban that. Of course, if you follow this strategy, get export approval for version 1.0, and ship the US-only patch as 1.1, getting export approval for version 2.0 may be a shade more difficult... #-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 # Anybody notice that Microsoft's Wide Open Road ad has barbed-wire fences # on both sides of the road?