Sidebar 1 : Encryption on Public Networks

Encrypting data and sending it across a public network is illegal in some countries. You may need a clearance from the local authorities to be able to use it. And, with the proliferation of the Internet and publicly available encryption software like PGP, the number of countries where it is illegal is growing. For instance, in Europe a discussion has begun by politicians in different countries about whether they should ban the use of encryption on the Internet.

This government paranoia stems from the fear that terrorists could be using these encryption techniques to exchange messages that threaten national security. Big Brother wants to be able to read these messages and "check" them.

Another issue related to the encryption is the ITAR regulation in the United States. Encryption software is considered ammunitions and thus is export restricted. This means that strong encryption software (remember this applies to the software, not to the underlying algorithm) is banned from export. So, we in Europe are forced to download the international version of a program like Netscape, which uses a 40-bit encryption scheme. The domestic version of Netscape uses the much stronger scheme of 128 bits. Because the export ban only applies to software and not to the algorithm itself, a number of foreign implementations of strong encryption software have popped up. It is perfectly legal to import that foreign software into the United States, however once imported, you are not allowed to re-export it!