First, Rebecca Vesely has a special report, the main thrust of which is that three firms being allowed to export 56 bit encryption indicates flexibility on the part of the government. http://www.netizen.com/netizen/97/05/special2a.html To top it off, here are two gems from the followup discussion. http://www.netizen.com/cgi-bin/interact/replies_all?msg.37387 2. 56 ONLY A SLIGHTLY SMALLER JOKE Ric Allan (ricrok) on Wed, 5 Feb 97 11:53 PST If it takes a college student four hours to break a 40bit code it should take him/her about six hours to do the same to 56bits. Then what excuses are the government and its butt-kissing companies going to give us for not allowing *real* coding? 4. 56bits will not take 6 hours to crack Piers Cawley (pdcawley) on Thu, 6 Feb 97 05:05 PST Rick seems to be missing the point about strong encryption -- the reason that DES/IDEA encryption is hard to crack is because the key system is based on the fact that factoring big numbers is a long, slow tedious process which gets exponentially harder as the length of the number increases. What this means is that it'll probably take the college student, ooh... 24 hours to crack a 56 bit key. However, the question has to be asked, why the fuck should we non US citizens go and buy cryptographic software that is deliberately coded to allow the US government to read our mail? -- Anil Das