You can write an entire legal dissertation on cryptography law. This is a good place to start:
http://rechten.uvt.nl/koops/cryptolaw/ > It is believed that AES 256-bit level encryption is not allowed in > some Asian countries. Encryption laws vary by country. Currently, the United States government forbids the export of military technologies to countries that are on the forbidden exports list: Belarus, Cuba, Iran, North Korea, Syria, Venezuela, Vietnam. In addition, there are provisions forbidding exports to countries which are currently under a U.S. arms embargo - Burma, China, Liberia, Somalia, and Sudan. (reference) http://pmddtc.state.gov/docs/ITAR/2007/ITAR_Part_126.pdf The U.S. Arms list used to specifically mention strong (in excess of 56-bit key length) encryption technologies as a munition, but ITAR was officially revised in April and I can't find a specific reference to it now. There are exemptions for personal use. > I would appreciate if you know anything or better yet have any > trusted source of information regarding this with respect to Hong > Kong / Japan /Singapore? China used to require that you turned over the keys to any encryption technologies (including SSL) used in the country: (ref) http://www.networkworld.com/careers/2004/0315man.html?page=1 http://rechten.uvt.nl/koops/cryptolaw/cls2.htm#prc Hong Kong is somewhat more complicated, but the laws there are subject to be overwritten: http://rechten.uvt.nl/koops/cryptolaw/cls2.htm#hk Japan currently has no domestic laws or regulations covering the use of cryptography: http://rechten.uvt.nl/koops/cryptolaw/cls2.htm#ja _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
