Is crypt(1) a prohibited export?
-----BEGIN PGP SIGNED MESSAGE----- [To: cypherpunks@toad.com] [Subject: Is crypt(1) a prohibited export?] Is crypt(1) a prohibited export from the US? I thought it was. The reason I ask is that it has come to my attention that HP ships that overseas too, with HP-UX versions 9 and 10... The man page is a bit dated: crypt implements a one-rotor machine designed along the lines of the German Enigma, but with a 256-element rotor. Methods of attack on such machines are known, but not widely; moreover the amount of work required is likely to be large. Clearly written before CBW became popular. Chris McAuliffe <cmca@alpha.c2.org> (No, not that one.) -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBMWtg6IHskC9sh/+lAQF8gQP/XtCrYHjewBvt5EK0BVSRL99lbUqf4Cv7 xRDwlqMyBBPQ1BYOFQk4f3q+x/268EgLXcyu41zkCArdLVBImOmDNlqI8t/0PRLj JFkItIDUBrxd8buEs2LC8oNCJ4W+VyjqVsbHsKnCjmhW0MuclxZqbsaA2oFDOucV S6rkmWxb7XE= =A5mT -----END PGP SIGNATURE-----
crypt() is a hash function, and hence is not subject to export restriction. (To my knowledge). On Wed, 10 Apr 1996, Chris McAuliffe wrote:
Is crypt(1) a prohibited export from the US? I thought it was. The reason I ask is that it has come to my attention that HP ships that overseas too, with HP-UX versions 9 and 10...
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Jeremey Barrett Senior Software Engineer jeremey@forequest.com The ForeQuest Company http://www.forequest.com/ "less is more." -- Mies van de Rohe. Ken Thompson has an automobile which he helped design. Unlike most automobiles, it has neither speedometer, nor gas gage, nor any of the numerous idiot lights which plague the modern driver. Rather, if the driver makes any mistake, a giant "?" lights up in the center of the dashboard. "The experienced driver", he says, "will usually know what's wrong." -- 'fortune` output
-----BEGIN PGP SIGNED MESSAGE----- [To: Jeremey Barrett <jeremey@forequest.com>] [cc: cypherpunks@toad.com] [Subject: Re: Is crypt(1) a prohibited export? ] [In-reply-to: Your message of Sat, 13 Apr 96 22:21:14 MST.] <Pine.BSI.3.91.960413221855.7580A-100000@newton.forequest.com> While not paying attention, Jeremey Barrett <jeremey@forequest.com> wrote:
crypt() is a hash function, and hence is not subject to export restriction. (To my knowledge).
crypt(3) is a library routine implementing a hash function. Crypt(1) is a general purpose cryptography program implementing an algorithm similar to an enigma rotor machine. My question stands.
On Wed, 10 Apr 1996, Chris McAuliffe wrote:
Is crypt(1) a prohibited export from the US? I thought it was. The reason I ask is that it has come to my attention that HP ships that overseas too, with HP-UX versions 9 and 10...
Chris McAuliffe <cmca@alpha.c2.org> (No, not that one.) -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBMXDCjIHskC9sh/+lAQEZ6AQAik5whxKqkICtWaD48dZigxLpCg2LgKDS juRUVGL4bX1QvnBH9JPhnUDPB7k1y74pT3TBIUm6XD+AMMjxpH4Q6dF5iUiGWPYZ VDVpUT1R3qQ+Bn9siR7Y3xTShg1oeLLf7T7jQ1wG0/NSV/kd0UwB89XdbrOtH48x /9Z36ubniy4= =JQmB -----END PGP SIGNATURE-----
On Sun, 14 Apr 1996, Chris McAuliffe wrote:
While not paying attention, Jeremey Barrett <jeremey@forequest.com> wrote:
crypt() is a hash function, and hence is not subject to export restriction. (To my knowledge).
crypt(3) is a library routine implementing a hash function. Crypt(1) is a general purpose cryptography program implementing an algorithm similar to an enigma rotor machine. My question stands.
Ah. My mistake... the man page I have on crypt(1) says this: RESTRICTIONS This program is not available on software shipped outside the U.S. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Jeremey Barrett Senior Software Engineer jeremey@forequest.com The ForeQuest Company http://www.forequest.com/ "less is more." -- Mies van de Rohe. Ken Thompson has an automobile which he helped design. Unlike most automobiles, it has neither speedometer, nor gas gage, nor any of the numerous idiot lights which plague the modern driver. Rather, if the driver makes any mistake, a giant "?" lights up in the center of the dashboard. "The experienced driver", he says, "will usually know what's wrong." -- 'fortune` output
On Sat, 13 Apr 1996, Jeremey Barrett wrote:
crypt() is a hash function, and hence is not subject to export restriction. (To my knowledge).
SCO (and Novell, when it was selling Unix) both shipped libcrypt.a as a seperate product in their development systems. Only US and Canadian customers are allowed to buy the library. Programs statically compiled with libcrypt appear to be OK, but furineers can't have API access to this technology :) Dan -- Dan Busarow DPC Systems Dana Point, California
Did the library include other encryption functions, other than one-way functions? If so, I could see it being restricted. Linux, which is freely available anywhere, includes a DES-using crypt() one-way hash. But since a one-way hash function (implemented as a one way function) can't really be used for encrypted communication, I don't think it is subject to export restriction. On Sun, 14 Apr 1996, Dan Busarow wrote:
On Sat, 13 Apr 1996, Jeremey Barrett wrote:
crypt() is a hash function, and hence is not subject to export restriction. (To my knowledge).
SCO (and Novell, when it was selling Unix) both shipped libcrypt.a as a seperate product in their development systems. Only US and Canadian customers are allowed to buy the library. Programs statically compiled with libcrypt appear to be OK, but furineers can't have API access to this technology :)
Dan -- Dan Busarow DPC Systems Dana Point, California
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Jeremey Barrett Senior Software Engineer jeremey@forequest.com The ForeQuest Company http://www.forequest.com/ "less is more." -- Mies van de Rohe. Ken Thompson has an automobile which he helped design. Unlike most automobiles, it has neither speedometer, nor gas gage, nor any of the numerous idiot lights which plague the modern driver. Rather, if the driver makes any mistake, a giant "?" lights up in the center of the dashboard. "The experienced driver", he says, "will usually know what's wrong." -- 'fortune` output
On Sun, 14 Apr 1996, Jeremey Barrett wrote:
Did the library include other encryption functions, other than one-way functions?
The library includes the functions encrypt(3) and des_encrypt(3). In the US-Only version of the library each of these functions accepts a flag value of 1 to indicate de-cryption, the export version ignores the flag, decryption is disabled.
On Sun, 14 Apr 1996, Dan Busarow wrote:
seperate product in their development systems. Only US and Canadian customers are allowed to buy the library.
I should have said only US and Canadian customers can purchase the uncrippled version of the library. Dan -- Dan Busarow DPC Systems Dana Point, California
Jeremey Barrett <jeremey@forequest.com> writes on cpunks:
[...] But since a one-way hash function (implemented as a one way function) can't really be used for encrypted communication,
One way hashes can be used to produce an block encryption system running in CFB mode, eg: Peter Gutmann's MDC. (CFB mode is where you encrypt an IV (just a random salt) with the key, and XOR the result with the data (you chaing the encrypting for subsequent blocks) -- to decrypt you just repeat the process, use the same IV and encrypt again. As you never actually use the block ciphers decrypt function, you can therefore (and this is what MDC does) use a one way hash in the place of a block encryption algorithm in CFB mode.)
I don't think it is subject to export restriction.
They don't seem to be subject to export restrictions, but then perhaps that is paradoxical, perhaps they should be. (Well no crypto should be export restricted in my view naturally, but for logical consistency you understand...) It would in my view be a good thing if one way hash functions were declared to be non-exportable, as this would clearly hinder commerce, as they are used in signatures and authentication. Also I seem to remember that Dan Berntstien's case was based on the prior restraint in him not being free to discuss his method for turning a one way hash into a symmetric key function. Adam -- Exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ #!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj $/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1 lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
participants (4)
-
Adam Back -
cmca@alpha.c2.org -
Dan Busarow -
Jeremey Barrett