Encryption legal restrictions
This question is about legal restrictions on encryption systems available to the general (American) public.
I seem to remember years ago, like during the Clinton administration, a big bru-ha-ha about encryption. There was big talk about limiting the legal key length, if I recall. Is it now just assumed that intelligence agencies and police can crack any encryption (other than a one-time pad system)? What ever happened to that issue?
Also, regarding one-time pad systems, they're generally regarded as unbreakable, as far as I know, assuming they're implemented properly. So, if there's any system that should be of concern to law enforcement, Etc., it should be one-time pad systems. Are there legal restrictions on their use? From a technical standpoint, as I understand it, the major problem with creating a one-time pad system is generating random numbers. The "random numbers" generated by computer program functions that purport to do so are generally just quasi-random, not truly random, again, as I understand it. Are there programs, functions, or whatever that really do generate true random numbers? Are any of these free or cheap and available to the general public?
By the way, I don't mean to imply that those are the entities I'm interested in protecting my data against. It's thieves that concern me, but some of these guys may be ex-KGB, Etc., so I want solid protection. Also, it's partially just an academic question. I want to know what the rules are. Also, I have an interesting idea for a product based on the one-time pad concept, and I want to know if developing it is even legal.
Thanks.
I seem to remember years ago, like during the Clinton administration, a big bru-ha-ha about encryption. There was big talk about limiting the legal key length, if I recall. Is it now just assumed that intelligence agencies and police can crack any encryption (other than a one-time pad system)? What ever happened to that issue?
Also, regarding one-time pad systems, they're generally regarded as unbreakable, as far as I know, assuming they're implemented properly. So, if there's any system that should be of concern to law enforcement, Etc., it should be one-time pad systems. Are there legal restrictions on their use? From a technical standpoint, as I understand it, the major problem with creating a one-time pad system is generating random numbers. The "random numbers" generated by computer program functions that purport to do so are generally just quasi-random, not truly random, again, as I understand it. Are there programs, functions, or whatever that really do generate true random numbers? Are any of these free or cheap and available to the general public?
By the way, I don't mean to imply that those are the entities I'm interested in protecting my data against. It's thieves that concern me, but some of these guys may be ex-KGB, Etc., so I want solid protection. Also, it's partially just an academic question. I want to know what the rules are. Also, I have an interesting idea for a product based on the one-time pad concept, and I want to know if developing it is even legal.
Thanks.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I'm bumping up the point value to see if I can get some more responses. (I don't care about speed. I just want a consensus answer.) Any attorneys actually know the answer to this question?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Inside the U.S., whatever encryption is publicly available is legal by definition. Marijuana and cocaine were legal too, until they were outlawed. So yes, it's essentially an exporting issue. Note that this is true whether you're shipping a product or making it available for download - YOU are responsible for the product's dissemination.
paulmacd:
Um, in case you haven't noticed, marijuana and cocaine are "publicly available." That doesn't make them legal.
And I'm not looking to create an encryption package. I'm inquiring from the standpoint of a user.
Everybody:
I still didn't get most of my questions answered, so I'm going to bump up the point value one more time, to see if I can get a response. Oh, and, "You're imagining this; there never was such an internal issue; t was all about export" would be an acceptable response, if it's true.
Um, in case you haven't noticed, marijuana and cocaine are "publicly available." That doesn't make them legal.
And I'm not looking to create an encryption package. I'm inquiring from the standpoint of a user.
Everybody:
I still didn't get most of my questions answered, so I'm going to bump up the point value one more time, to see if I can get a response. Oh, and, "You're imagining this; there never was such an internal issue; t was all about export" would be an acceptable response, if it's true.
paulmacd:
Um, in case you haven't noticed, marijuana and cocaine are "publicly available." That doesn't make them legal. :-)
And I'm not looking to create an encryption package. I'm inquiring from the standpoint of a user.
Everybody:
I still didn't get most of my questions answered, so I'm going to bump up the point value one more time, to see if I can get a response. Oh, and, "You're imagining this; there never was such an internal issue; t was all about export" would be an acceptable response, if it's true.
Um, in case you haven't noticed, marijuana and cocaine are "publicly available." That doesn't make them legal. :-)
And I'm not looking to create an encryption package. I'm inquiring from the standpoint of a user.
Everybody:
I still didn't get most of my questions answered, so I'm going to bump up the point value one more time, to see if I can get a response. Oh, and, "You're imagining this; there never was such an internal issue; t was all about export" would be an acceptable response, if it's true.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I will award points in the next 2 days. I'm currently printing all the threads I have going, even as I write this. I'll award 500 points total.
Thank you all for your patience and advice.
Thank you all for your patience and advice.
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
ASKER