Export of cryptography from the United States


Export of cryptographic technology and devices from the United States was severely restricted by U.S. law until 1992. The law gradually became eased until around 2000, but some restrictions still remain today.
Since World War II, many governments, including the U.S. and its NATO allies, have regulated the export of cryptography for national security reasons, and, as late as 1992, cryptography was on the U.S. Munitions List as an Auxiliary Military Equipment.
Due to the enormous impact of cryptanalysis in World War II, these governments saw the military value in denying current and potential enemies access to cryptographic systems. Since the U.S. and U.K. believed they had better cryptographic capabilities than others, their intelligence agencies tried to control all dissemination of the more effective crypto techniques. They also wished to monitor the diplomatic communications of other nations, including those emerging in the post-colonial period and whose position on Cold War issues was vital.
The First Amendment made controlling all use of cryptography inside the U.S. illegal, but controlling access to U.S. developments by others was more practical — there were no constitutional impediments.
Accordingly, regulations were introduced as part of munitions controls which required licenses to export cryptographic methods ; the regulations established that cryptography beyond a certain strength would not be licensed for export except on a case-by-case basis. This policy was also adopted elsewhere for various reasons.
The development and public release of Data Encryption Standard and asymmetric key techniques in the 1970s, the rise of the Internet, and the willingness of some to risk and resist prosecution, eventually made this policy impossible to enforce, and by the late 1990s it was being relaxed in the U.S., and to some extent elsewhere. As late as 1997, NSA officials in the US were concerned that the widespread use of strong encryption will frustrate their ability to provide SIGINT regarding foreign entities, including terrorist groups operating internationally. NSA officials anticipated that the American encryption software backed by an extensive infrastructure, when marketed, was likely to become a standard for international communications. In 1997, Louis Freeh, then the Director of the FBI, said

History

Cold War era

In the early days of the Cold War, the U.S. and its allies developed an elaborate series of export control regulations designed to prevent a wide range of Western technology from falling into the hands of others, particularly the Eastern bloc. All export of technology classed as 'critical' required a license. CoCom was organized to coordinate Western export controls.
Two types of technology were protected: technology associated only with weapons of war and dual use technology, which also had commercial applications. In the U.S., dual use technology export was controlled by the Department of Commerce, while munitions were controlled by the State Department. Since in the immediate post WWII period the market for cryptography was almost entirely military, the encryption technology was included as "Category XI - Miscellaneous Articles" and later "Category XIII - Auxiliary Military Equipment" item into the United States Munitions List on November 17, 1954. The multinational control of the export of cryptography on the Western side of the cold war divide was done via the mechanisms of CoCom.
By the 1960s, however, financial organizations were beginning to require strong commercial encryption on the rapidly growing field of wired money transfer. The U.S. Government's introduction of the Data Encryption Standard in 1975 meant that commercial uses of high quality encryption would become common, and serious problems of export control began to arise. Generally these were dealt with through case-by-case export license request proceedings brought by computer manufacturers, such as IBM, and by their large corporate customers.

PC era

Encryption export controls became a matter of public concern with the introduction of the personal computer. Phil Zimmermann's PGP cryptosystem and its distribution on the Internet in 1991 was the first major 'individual level' challenge to controls on export of cryptography. The growth of electronic commerce in the 1990s created additional pressure for reduced restrictions. VideoCipher II also used DES to scramble satellite TV audio.
In 1989, non-encryption use of cryptography was removed from export control with a Commodity Jurisdiction. In 1992, an exception was formally added in the USML for non-encryption use of cryptography and a deal between NSA and the Software Publishers Association made 40-bit RC2 and RC4 encryption easily exportable using a Commodity Jurisdiction with special "7-day" and "15-day" review processes. At this stage Western governments had, in practice, a split personality when it came to encryption; policy was made by the military cryptanalysts, who were solely concerned with preventing their 'enemies' acquiring secrets, but that policy was then communicated to commerce by officials whose job was to support industry.
Shortly afterward, Netscape's SSL technology was widely adopted as a method for protecting credit card transactions using public key cryptography. Netscape developed two versions of its web browser. The "U.S. edition" supported full size RSA public keys in combination with full size symmetric keys . The "International Edition" had its effective key lengths reduced to 512 bits and 40 bits respectively. Acquiring the 'U.S. domestic' version turned out to be sufficient hassle that most computer users, even in the U.S., ended up with the 'International' version, whose weak 40-bit encryption can currently be broken in a matter of days using a single computer. A similar situation occurred with Lotus Notes for the same reasons.
Legal challenges by Peter Junger and other civil libertarians and privacy advocates, the widespread availability of encryption software outside the U.S., and the perception by many companies that adverse publicity about weak encryption was limiting their sales and the growth of e-commerce, led to a series of relaxations in US export controls, culminating in 1996 in President Bill Clinton signing the transferring the commercial encryption from the Munition List to the Commerce Control List. Furthermore, the order stated that, "the software shall not be considered or treated as 'technology'" in the sense of Export Administration Regulations. The Commodity Jurisdiction process was replaced with a Commodity Classification process, and a provision was added to allow export of 56-bit encryption if the exporter promised to add "key recovery" backdoors by the end of 1998. In 1999, the EAR was changed to allow 56-bit encryption and 1024-bit RSA to be exported without any backdoors, and new SSL cipher suites were introduced to support this. In 2000, the Department of Commerce implemented rules that greatly simplified the export of commercial and open source software containing cryptography, including allowing the key length restrictions to be removed after going through the Commodity Classification process and adding an exception for publicly available encryption source code.

Current status

, non-military cryptography exports from the U.S. are controlled by the Department of Commerce's Bureau of Industry and Security. Some restrictions still exist, even for mass market products, particularly with regard to export to "rogue states" and terrorist organizations. Militarized encryption equipment, TEMPEST-approved electronics, custom cryptographic software, and even cryptographic consulting services still require an export license. Furthermore, encryption registration with the BIS is required for the export of "mass market encryption commodities, software and components with encryption exceeding 64 bits". In addition, other items require a one-time review by, or notification to, BIS prior to export to most countries. For instance, the BIS must be notified before open-source cryptographic software is made publicly available on the Internet, though no review is required. Export regulations have been relaxed from pre-1996 standards, but are still complex. Other countries, notably those participating in the Wassenaar Arrangement, have similar restrictions.

U.S. export rules

U.S. non-military exports are controlled by Export Administration Regulations, a short name for the U.S. Code of Federal Regulations Title 15 chapter VII, subchapter C.
Encryption items specifically designed, developed, configured, adapted or modified for military
applications are controlled by
the Department of State on the United States Munitions List.

Terminology

Encryption export terminology is defined in EAR part 772.1. In particular:
Export destinations are classified by the EAR Supplement No. 1 to Part 740 into four country groups with further subdivisions; a country can belong to more than one group. For the purposes of encryption, groups B, D:1, and E:1 are important:
The EAR Supplement No. 1 to Part 738 contains the table with country restrictions. If a line of table that corresponds to the country contains an X in the reason for control column, the export of a controlled item requires a license, unless an exception can be applied. For the purposes of encryption, the following three reasons for control are important:
For export purposes each item is classified with the Export Control Classification Number with the help of the Commerce Control List. In particular:
An item can be either self-classified, or a classification requested from the BIS. A BIS review is required for typical items to get the 5A992 or 5D992 classification.