Encryption and Technical Assistance

Encryption #

US Encryption Law, 1970s-1990s #

  • Encryption used to be regulated as a “munition”
  • “Export-grade” cryptography forced by federal regulations to be weaker than cryptography for US market
  • Regulations eventually relaxed around 2000
    • Still export controls for software with cryptographic functionality (but now loosening)
  • Free-speech challenges by CS professors
    • Bernstein v. U.S. DOJ (9th Cir. 1999)
    • Junger v. Daley (6th Cir. 2000)
  • Impact on modern-day web security
    • FREAK attack (export-grade RSA)
    • Logjam attack (export-grade Diffie-Hellman)
    • DROWN attack (export-grade RSA)