Europe, US to harmonise encryption export controls
Agreement ends long-running trade dispute
Posted in Business, 4th December 1998 12:49 GMT
Increase your knowledge of the latest threats to your busines
US and European Union (EU) officials have reached an agreement on export controls for cryptography software, the New York Times has reported. According to US special envoy for cryptography David Aaron, quoted by the NYT, representatives of both blocs agreed to restrict the export of encryption software that uses keys of 64 bits or more. US law currently forbids companies from exporting software that uses that level of encryption. That's why US versions of Web browsers contain 128-bit encryption to encode e-commerce transactions, but European versions use a much lower level of security -- just 40 bits per key. The agreement, reached yesterday by the 33 members of the Wassenaar Arrangement, will impose those export restrictions on European software suppliers. The more bits in the key, the harder it is to crack. The US government claims 64-bit keys are sufficient for almost all uses. However, earlier this year, researchers were able to break a 56-bit code, albeit using a network of hundreds of PCs operating in parallel. Much tougher keys, including the 128-bit keys commonplace in e-commerce applications, are thought to be virtually impossible to crack using today's technology through the next few generations of processor. ®
See what The Register's experts have to say on application security


The future of SaaS and IT infrastructure management
The Total Economic Impact of Dell's PC products and services
The best practices guide for application security
Reducing messaging and web security costs with managed services

Win a Samsung C6625!
Is your cameraphone an oxymoron?
Reg Mobile and Wireless newsletter is go! go! go!
Sign up, sign up for The Register IT security newsletter