At 02:39 +0100 1997.02.18, Ulf Möller wrote:

Swedish Datateknik 97-02 features an article about how COCOM/ Wassenaar Arrangement effects Swedish crypto exports.

I wonder if someone whose Swedish is better than mine could summarize the article? It is at http://www.et.se/datateknik/arkiv/97-02/5.html

This is a sloppy and probably inaccurate translation. Martin Minow minow@apple.com Datateknik 97-02 97-01-30 EEC countries forbidden for Swedish crypto-export. The export control agreement that governs Sweden's export of sensitive high-technology even stops sale of encryption software to several EEC countries. Security-political considerations from cold war days are a serious barrier for integration in the EEC. In international regulation of high-technology commerce, crytographic equipment and crypto-software is either directly considered "war material" or counted as dual-use products -- i.e. products with both civil and military use. Twenty-eight industrial countries, including Sweden, stand behind the rules ... called "Wassenaar Agreement" after the suburb to Den Haag in the Netherlands where they were written. ... The Wassenaar Agreement is a continuation of COCOM (the West's embargo of high-technology to the Eastern block). After COCOM was lifted in 1993, there were discussions about what should be included in future controls. The USA, for example, would not accept Russian involvement while Russia exported weapons to Iran. Eventually, Russia and the other Eastern-Bloc countries accepted Wassenaar [this is probably a poor translation] and, today, 33 states are partners in the agreement, including even South Korea, Bulgaria, and Turkey. ... Encryption equipment is included in the group "information security" in the goods-list and regulations that control Swedish high-tech export. (SFS 1994:2060, lastest revision December 1996). [SFS is the national registry of all Swedish laws, proclamations, and similar.] This control includes essentially all digital encryption systems. Export may not take place without approval of the "Inspectorate for Strategic Products" (ISP) at the Foreign Office. Following the rules, a Swedish resident would break the law by carrying a portable computer with a "trivial encryption program (that is not commercially available)" on the ferry boat across Oresund to Denmark without a specific export license! A bank ATM card with an encrypted password can be carried, but not a "smarter" bank or ID card. While licenses are available, they require special testing. The product must be "strength-classified" which, in complicated cases, would be done by the the Defense Radio Service (FRA) [the Swedish equivalent to NSA]. Also, the destination land and the importer's technical knowledge will also be examined closely. For Swedish exporters to Europe, this is often experienced as a "terrorising bureaucracy." ''We who are major exporters of encryption equipment to telephone [service] operators in, for example, Germany, must let every delivery be individually examined by ISP despite the fact that the same products are often repeated,'' says Haakan Persson at Swedish AU-system. The explanation is that not every EU land fulfills the Wassanaar requirements. The point of the rules, explains Egon Svensson at ISP, is that we do not spread advanced technology to countries that have not had it previously. Thus, certain countries are excluded. For encryption equipment, only England, France, Holland, Sweden, Germany, and perhaps a few others, are considered to have sufficicent capacity and knowledge to be recipient countries. They say that the restrictions within EU are temporary, but there is no immediate sign that they will be eased. Author: Christer Akerman, christer.akerman@datateknik.se Original Copyright Datateknik ----- ps: the same issue of DataTeknik has a review of a Swedish biography of Arne Beurling, a Swedish cryptographer who broke a German World War II telegram (teletype?) encryption machine "Geheimschreiber T52a/b." After Germany occupied Norway, all German communication passed through neutral Swedish telegraph cables, and the Swedes didn't pass up the chance to sample the traffic. Breaking the code was described by David Kahn as "one of the great feats of crytoanalysis" of the Second World War. The book is Svenska kryptobedrifter" by Bengt Backman. Bonniers, ISBN 91-0-056229-7