On Tue, Sep 3, 2013 at 2:49 PM, Richard Salz <rich.s...@gmail.com> wrote:
>> ITAR doesn't require a license or permit for strong hash functions, but for
>> US persons require(d?) notification of NSA of authorship, contact email and
>> download URL(s), at least in 2006 it did.
>
> That strikes me as an overly-conservative reading of the rules, but
> it's been some time since I was involved in this stuff. After all,
> there is no key in a hash function. Notification was required for open
> source, or a commodity classification for a product that had general
> encryption facilities.
>
> If the notification for hash is (still?) required, I believe you can
> do it now via a simple phone call. To anyone. #thanks_prism.
>

Can't you trivially transform a hash into a PRNG, a PRNG into a cypher, and vice versa?

hash->PRNG: append blocks that are digest (seed ++ counter ++ seed)
PRNG->cypher: XOR with data from PRNG
cypher->hash: encrypt(data, constant_key)

Of course, that might not be the best way to construct the most efficient and most robust versions of the respective functions, but that might do a decent enough job, and make export restrictions meaningless.

Or once again, maybe a general problem solver given the specification of some cryptographic function satisfying some properties could automatically find a robust enough algorithm, and then it's impossible to either restrict its export or patent. Now, if each time your solver is itself run with a different PRNG and seed, it needs to send a copy of its output to the NSA, things become "interesting".

—♯ƒ • François-René ÐVB Rideau •Reflection&Cybernethics• http://fare.tunes.org
The ultimate result of shielding men from the effects of folly is to fill the world with fools. — Herbert Spencer

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
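
The first two transformations in the message above (hash->PRNG, PRNG->cypher), as an added example that is not part of the original post. SHA-256 as the digest, the 8-byte big-endian counter, and the seed and messages are assumptions made here; the last function shows the caveat that reusing a seed exposes the XOR of the two plaintexts.

```python
import hashlib


def keystream(seed: bytes, nbytes: int) -> bytes:
    """hash->PRNG: append blocks that are digest(seed ++ counter ++ seed).

    SHA-256 and the 8-byte big-endian counter are assumptions of this example.
    """
    out = bytearray()
    ctr = 0
    while len(out) < nbytes:
        out += hashlib.sha256(seed + ctr.to_bytes(8, "big") + seed).digest()
        ctr += 1
    return bytes(out[:nbytes])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def crypt(seed: bytes, data: bytes) -> bytes:
    """PRNG->cypher: XOR data with the keystream. The same call decrypts."""
    return xor_bytes(data, keystream(seed, len(data)))


def reuse_leak(seed: bytes, p1: bytes, p2: bytes) -> bytes:
    """Caveat: with a reused seed the keystream cancels out, so the XOR of
    two ciphertexts equals the XOR of the two plaintexts."""
    return xor_bytes(crypt(seed, p1), crypt(seed, p2))


# Constructed sample inputs (not from the original message).
SEED = b"constructed-example-seed"
MSG1 = b"there is no key in a hash function"
MSG2 = b"until the seed is treated as a key"

if __name__ == "__main__":
    ct = crypt(SEED, MSG1)
    print("ciphertext:", ct.hex())
    print("decrypted :", crypt(SEED, ct))
    # No key material is needed to compute this from the two ciphertexts.
    print("seed reuse leaks p1^p2:",
          reuse_leak(SEED, MSG1, MSG2) == xor_bytes(MSG1, MSG2))
```

The construction also provides no integrity: flipping a ciphertext bit flips the same plaintext bit, so a real design needs a unique seed or nonce per message and a MAC.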