|
INTERNATIONAL CRYPTOGRAPHY |
||
|
Last Updated 3 February 2001: Add USUC |
||
| This a growing list. Contributions welcome; send to: <[email protected]>
Please mirror this page, or scavenge it to make your own. Let us know about See also:
|
||
UNITED STATES UNRESTRICTED CRYPTOGRAPHY |
||
| Program | URL | Notes |
| USUC 1 Cracking DES |
http://www.shmoo.com/~pablos/Cracking_DES/ | The Shmoo Group is proud to present… for the first time… available legally for download in the United States… from the jurisdiction of the 9th US Circuit Court of Appeals… |
| USUC 2 Secure Office | http://www.filesafety.com
Mirror: http://come.to/SecureOffice |
Charles Booher’s site, formerly under attack by the USG |
| USUC 3 Secure Remote Password (SRP) distribution |
http://srp.stanford.edu/srp/ | A cryptographically secure remote-access suite, featuring Telnet and FTP with full strength 128-bit encryption. Open Source, unrestricted downloads. Available from mirror sites worldwide. |
| USUC 4 PGP 2.62 |
http://jya.com/pgp262-mil.zip | Mirror of US military web site offering of PGP 2.62 |
| USUC 5 Snuffle |
http://jya.com/snuffle.txt
Available also at USUC 1 |
Bernstein’s Snuffle program, centerpiece of Bernstein v. USDOJ |
| USUC 6 GSM A5/1 |
http://jya.com/a51-pi.htm | A Pedagogical Implementation of A5/1 |
| USUC 7 PGP 5.0 |
http://web.qx.net/infocus/pgpinfo.html | In Focus offering |
| USUC 8 GSM A5/1 and A5/2 |
http://cryptome.org/gsm-a512.htm | A Pedagogical Implementation of A5/1 and A5/2 |
| USUC 9 Des.c |
http://www.ixpres.com/lauraglenn/src/crypto/ | Ariel Glenn’s offering of Eric Young’s des.c |
| USUC 10 Shmoo Moola |
http://www.shmoo.com/crypto/ | Shmoo’s offering of « Cracking DES, » the book, and Bernstein’s Snuffle; Eric Cordian’s PERL crypto; and more |
| USUC 11 Crypto++ |
http://www.eskimo.com/~weidai/cryptlib.html | Wei Dai’s Crytpo++ Library |
| USUC 12 PGP 6.5.8 |
August 26, 2000: CAUTION — Do not use v6.5.2a due to ADK bug. See: http://cryptome.org/pgp-badbug.htm Use instead: |
PGPfreeware 6.5.8 Windows 95/98/NT/2000 and MacOS which have ADK-bug fixed. |
| USUC 13 Speak Freely |
http://www.speakfreely.org/ | Brian Wiles’ Speak Freely Internet Telephone |
| USUC 14
Michael |
http://cryptography.org/source/ | Michael Paul Johnson’s Encryption Algorithms
Pretty Good Privacy Source Code
RSA
|
| USUC 15 Kerebos |
http://cryptography.org/source/index.htm
http://cryptography.org/source/kerbnet/ http://cryptography.org/cgi-bin/crypto.cgi/KerbNet/docs/kerbnet-docs.tgz http://cryptography.org/cgi-bin/crypto.cgi/KerbNet/release_notes http://cryptography.org/cgi-bin/crypto.cgi/KerbNet/MD5SUMS http://cryptography.org/cgi-bin/crypto.cgi/KerbNet/source/kerbnet-source.tgz http://cryptography.org/cgi-bin/crypto.cgi/KerbNet/source/tcl-source.tgz |
Kerebos by Michael Paul Johnson |
| USUC 16 Variety |
http://www.crypto.com/exports/mail.txt | Open list of crypto offerings |
| USUC 17 PKI |
http://www.mozilla.org/projects/security/pki/src/download.html | This is the source code that Netscape used in Communicator and is now used in the iPlanet servers (http://www.iplanet.com/) |
| USUC 18 CP4Break |
http://cryptome.org/cp4/cp4break.html | CP4Break by Eddy Jansson and Matthew Skala |
| USUC 19 MIT Kerberos V5 release 1.2.1 |
http://www.crypto-publish.org/ | In order to provide people outside the US with access to open source cryptography, the Cryptography Publishing Project is making MIT Kerberos V5 release 1.2.1 available without restriction, in compliance with the changes in US export regulations since January, 2000.
The Project was started to make open source cryptographic software freely |
| USUC 20 PGP 7.0.3 |
PGP Freeware v 7.0.3 Windows (7.5 MB) PGP Freeware v 7.0.3 MacOS (6.2 MB) |
PGP Freeware 7.0.3 |
INTERNATIONAL MIRROR SITES |
||
| Country | URL | Notes |
| Australia 1 | ftp.psy.uq.oz.au:/pub/Crypto | |
| Australia 1 | ftp.psy.uq.oz.au:/pub/Crypto | |
| Australia 2 | http://vicraves.i-o.net.au/crypto.html | No access logging |
| Australia 3 | http://www.wiretapped.net/
http://the.wiretapped.net/security/cryptography/ |
A seriously vast array of other security and cryptography related material
AusMac Crypto Library |
| Austria 1 | ftp://ftp.giga.or.at/pub/hacker/crypt | Stuff related to crypto |
| Austria 2 | ftp://ftp.giga.or.at/pub/hacker/stego | Stuff related to steganography |
| Austria 3 | ftp://ftp.giga.or.at/pub/hacker/Incoming | For very welcome contributions of all sorts: binaries, texts, sources, etc. related to cryptography, cryptanalysis, steganography, information hiding, etc. |
| Brazil 1 | http://www.nw.com.br/users/pbarreto/crypto_page.html | Selected links, public domain crypto software, mostly related to elliptic curves and block ciphers |
| Brazil 2 | http://novaware.cps.softex.br/ | NOTICE: Neither Novaware nor this site are subject to restrictions from the Wassenaar Agreement on the control of Cryptography |
| Brazil 3 | http://novaware.cps.softex.br/mirrors/cryptix-java/ | Cryptix mirror |
| Canada 1 | http://www.privacy.nb.ca/cancrypt/ | CanCrypt, a directory of Canadian cryptographic resources. It is intended to be a clearing house of Canadian related cryptographic resources.
Although the relaxing of US export regulations has reduced some of its
233MB+; Apache-SSL, SSLeay, cryptlib, freeswan, gnupg, mozilla-crypto, pgpi, |
| Canada 2 | ftp://gwynne.cs.ualberta.ca/pub/Crypto/ | |
| Canada 3 | ftp://ftp.mindlink.net/pub/crypto/
See for access procedure: |
|
| Canada 4 | http://www.interlog.com/~rguerra/www | 224! PGP and Privacy Links |
| Canada 5 | http://crypto.yashy.com/ | |
| Croatia 1 | pgp.rasip.fer.hr:/pub/crypt | |
| Denmark 1 | http://www.datashopper.dk/~boo/index.html | Assorted PGP Freeware |
| Finland 1 | http://www.ssh.fi/tech/crypto/sites.html | Multiple Sources |
| Finland 2 | ftp.funet.fi:/pub/crypt | PGP, symmetric and asymmetric encryption, crypto libraries, papers |
| Finland 3 | http://www.pgpi.org/ | International PGP Home Page |
| Finland 4 | ftp://garbo.uwasa.fi/pc/crypt | |
| France 1 | http://web.cnam.fr/reseau/Crypto/ | L’utilisation du chiffrement en France |
| France 2 | ftp://ftp.lip6.fr/pub2/linux/networking/net-source/mail/pgp/ | GnuPG PGP Sendmail v1.4 Auto PGP 1.04 PGP 2.6.3is PGP 5.0-b8 |
| France 3 | http://www.fortunecity.co.uk/skyscraper/techie/18/cryptofree-fr.htm | « Liberte pour la cryptographie internationale. » UK Mirror, 10MB. PGP, DOS & Unix versions, sources, GNUPG, ScramDisk, the PGP 6.0 & 2.62 french manuals, etc. All are freeware and none have been exported from USA (only PGP international versions). |
| France 4 | http://www.cl.cam.ac.uk/~fapp2/software/Scramdisk_2.02H-fr.zip | A French version of ScramDisk, the famous hard disk encryption program for Windows 95/98 written by Aman & Sam Simpson. Fabien Petitcolas, a cryptographer from the Cambridge University (UK) supervised this work: http://www.cl.cam.ac.uk/~fapp2/scramdisk/ |
| Germany 1 | ftp.darmstadt.gmd.de:/pub/crypto | |
| Germany 2 | ftp.informatik.uni-hildesheim.de:/pub/security | |
| Germany 3 | ftp://ftp.pca.dfn.de/pub/tools/crypt/ | |
| Germany 4 | ftp://ftp.informatik.uni-hamburg.de/pub/virus/crypt/ | Disk and file encryption, PGP, stego, voice encryption |
| Germany 5 | ftp://ftp.uni-mainz.de/pub/internet/security/SSL/ | SSL site |
| Germany 6 | http://www.d.shuttle.de/isil/gnupg/ | The GNU Privacy Guard |
|---|---|---|
| Germany 7 | http://munitions.vipul.net/
Autosyncing mirrors:
http://munitions.dyn.org/dolphin.cgi?command=index
http://munitions.polkaroo.net
http://munitions.cifs.org — Sydney,
http://uk1.munitions.net — Oxford,
http://munitions.firenze.linux.it/ |
munitions is a mega-archive of cryptographic software for the linux operating system. here you’ll find free software tools for building and maintaining secure, tamperproof linux installations and achieving electronic privacy in the highly intrusive networked environments of today.
<network> <data haven> <email> <anonymizers> |
| Hong Kong 1 | ftp://ftp.futuredynamics.com/freecrypto/; or, if broken
ftp://futuredynamics.com/freecrypto/; ftp://202.87.252.100/freecrypto/ |
Mirrors of ftp.pgpi.com; ftp.psy.uq.oz.au/pub/Crypto (SSLeay and SSH); Fortify; and the Speakfree distribution from ftp.fourmilab.ch/pub/web/speakfree. About 180 Mb. More stuff will be hopefully added later. |
| Hungary 1 | ftp.kfki.hu:/pub/packages/security
Full description: http://www.kfki.hu/ftp.html#Security |
SSH, SSL, SSL applications, libdes, OPIE, PGP, SRP and other non-cryptographical-security tools. |
| Ireland 1 | ftp://ftp.heanet.ie/pub/crypto/ | Contains SSH, SSL, SSL apps, PGPI. More to come. |
| Italy 1 | idea.sec.dsi.unimi.it:/pub/security/crypt | |
| Japan 1 | http://www2.eccosys.co.jp/~tsuruta/pgp/ | Tsuruta’s MacPGP Page |
| Kyrgyzstan 1 | http://www.underground.org.kg/crypto/ | |
| Netherlands 1 | utopia.hacktic.nl:/pub/replay/pub/disk | Apache, Applied Crypto files, encryption, Java, PGP, remailers, security, voice encryption files |
| Netherlands 2 | http://www.replay.com | |
| Netherlands 3 | ftp://ftp.replay.com/pub/crypto/crypto/LIBS/cryptolib/crypto30.zip | Crypto++ 3.0, a major revision of a free C++ class library of cryptographic primitives. |
| Netherlands 4 | http://www.monster.org/mirror/gsm/ | GSM A5/1 and A5/2. |
| New Zealand 1 | http://www.cs.auckland.ac.nz/~pgut001/links.html | A Comprehensive List of Worldwide Sources |
| New Zealand 2 | http://www.cs.auckland.ac.nz/~pgut001/archive.html
(Not yet active; meanwhile see NZ 1 above) |
Peter Guttman: This currently contains a mostly blank page because it’ll take a few days to get things set up, but I thought I’d get the ball rolling. Once it’s ready I’ll use it to make all sorts of crypto available to anyone anywhere until ordered by a NZ court to stop doing so (this is a long way removed from being ordered by the Ministry of Foreign Affairs and Trade to stop doing so), or alternatively until the machine sh*ts itself and dies, which may happen somewhat sooner :-).
The archives (when ready) will be stored on a machine for which accesses |
| Norway 1 | ftp.unit.no:/pub/unix/security | |
| Norway 2 | ftp://ftp.ifi.uio.no/pub/gnu/ | Main distribution site for crypt() in glibc |
| Norway 3 | ftp://ftp.ifi.uio.no/pub/pgp/ (the same as ftp.no.pgpi.com) |
Main distribution site for pgpi |
| Norway 4 | ftp://ftp.at.pgpi.com/pub/pgpi/ ftp://ftp.au.pgpi.com/pub/pgp/ ftp://ftp.ch.pgpi.com/pub/pgp/ ftp://ftp.cz.pgpi.com/pub/pgp/ ftp://ftp.de.pgpi.com/pub/pgp/ ftp://ftp.dk.pgpi.com/pub/pgp/ ftp://ftp.es.pgpi.com/pub/pgp/ ftp://ftp.fi.pgpi.com/pub/pgp/ ftp://ftp.jp.pgpi.com/pub/pgp/ ftp://ftp.kr.pgpi.com/pub/security/pgp/ ftp://ftp.nl.pgpi.com/pub/pgp/ ftp://ftp.pl.pgpi.com/pub/pgpi/ ftp://ftp.ru.pgpi.com/pub/pgp/ ftp://ftp.se.pgpi.com/pub/pgp/ |
PGP International Mirrors |
| Norway 5 | ftp://ftp.kerneli.org/pub/linux/kerneli/v2.1/ ( which is verden.pvv.org which is verden.pvv.ntnu.no ) |
Main distribution site for the international kernel patch for Linux (collection of crypto-patches for the linux kernel) |
| Russia 1 | ftp.kiae.su:/unix/crypto | |
| Spain 1 | http://www.kriptopolis.com/software/prog.html | |
| Spain 2 | http://www.argo.es/~jcea/cripto.htm | Criptología by Jesús Cea Avión |
| Sweden 1 | ftp.sunet.se:/pub/security/tools/crypt | Swedish University Network Security Archives |
| Switzerland 1 | http://www.semper.org/sirene/outsideworld/security.html | IBM Zurich Security and Cryptography Sources |
| Switzerland 2 | http://www.semper.org/sirene/people/gerrit/secprod/ secprod.html |
Gerrit Bleumer’s Cryptography Enhanced Products |
| United Kingdom 1 | ftp.ox.ac.uk:/pub/crypto | DES, SSL, cryptanalysis, documentation, PGP, miscellaneous |
| United Kingdom 2 | http://www.dcs.exeter.ac.uk/~aba/ | Adam Back’s Resources |
| United Kingdom 3 | ftp://ftp.cl.cam.ac.uk/users/rja14/ | Ross Anderson’s FTP Sources |
| United Kingdom 4 | http://www.notatla.demon.co.uk/CRYPTO/crypto.html | pgutlinks.html 245K SSLeay-0.9.0b.tar.gz 1.3M crypto-free.htm 28K Fortify-README 2K Fortify-1.3.1-unix-x86.tar.gz 372K apache_1.3.3+ssl_1.29.tar.gz 37K crypto30.zip 394K nhs-rpt.wp 88K aba_zergo.txt 142K bnlib.tar.gz 142K cfs-1.3.3bf-1.i386.rpm.tar.gz 192K crypto.html 8K ssh 1.2.27
|
| United Kingdom 5 | ftp://opensores.thebunker.net/pub/mirrors/ | The Bunker open source FTP repository is housed in an ex-military data centre, buried deep below the earth in a nuclear, chemical and biological warfare proof bunker.
SSLapps, SSLeay, argus, crack5, cracklib, MD5, SHA, l6, satan, ssh, stunnel, |
| United States 1 | http://www.cryptography.org/
http://cryptography.org/cgi-bin/crypto.cgi/libraries/crypto30.zip http://cryptography.org/cgi-bin/crypto.cgi/libraries/crypto23.zip |
North American Cryptography Archives. Archive of crypto software, only available from the US and Canada. Crypto++ 3.0, a major revision of a free C++ class library of cryptographic primitives. |
| United States 2 | http://cryptography.org/freecryp.htm | Crypto Sites Outside North America |
| United States 3 | http://www.austinlinks.com/Crypto/ | Quadralay Cryptography Archive |
| United States 4 | http://theory.lcs.mit.edu/~rivest/crypto-security.html | Ron Rivest’s Links |
| United States 5 | http://www.genocide2600.com/~tattooman/cryptography/
Packet Storm is now owned by Kroll-O’Gara, an international security corporation,
Tattooman has blessed this |
Maintainer: Ken Williams. Contents: Crypto Libraries, SecureOffice, Source Code for all AES Candidates, Applied Crypto, Cryptanalysis, GNUGP, Kerberos, PGP, Skip, Snow, Snuffle, SSH, Steganography, Voice Encryption, source code, crypto papers, much more, and more on the way. Size: 300+ MB, 2000+ files, and growing every day. |
| United States 6 | http://www.c4i.org/erehwon/crypto.html | URL revised 29 November 2000 |
| United States 7 | http://www.eskimo.com/~weidai/cryptlib.html | Crypto++ 3.0, a major revision of a free C++ class library of cryptographic primitives. |
| United States 8 | http://www.lila.com/nautilus | Nautilus, with links to non-US sites. |
| United States 9 | http://www.counterpane.com/sites.html | Bruce Schneier’s Sources for Software and Source Code |
| United States 10 | ftp://ftp.clark.net/pub/cme/ | Carl Ellison’s FTP Sources |
| United States 11 | http://www.jjtc.com/Security/ | Neil Johnson’s Cryptography and Encryption Sources |
| United States 12 | http://www.homeport.org/~adam/crypto/ | Adam Shostack’s Cryptographic Libraries |
| United States 13 | http://www.io.com/~ritter/ | Terry Ritter’s Codes, Links, Tutorials |
| United States 14 | http://www.enter.net/~chronos/cryptolog1.html | Crypto-Log: Codes, papers and policies |
| United States 15 | http://www.cryptography.com/resources/index.html | Paul Kocher’s Cryptography Resources Online |
| United States 16 | http://www.cypher.net/tools/crypto-free.html | Mirror of this page, updated 4 times daily. |
| United States 17 | http://members.tripod.com/~the_cancer/Crypto/index.html | PGP Crypto: QDPGP, XCrypt, MAilPGP, Peics |
| United States 18 | http://www.theargon.com | The A.R.G.O.N. Security and Crypto Site |
| United States 19 | ftp://ftp.jpunix.com | John Perry’s PGPdomo for secure mailing lists, and other programs |
| United States 20 | http://home.ptd.net/~kruslicc/ | CryptoCards – strong encryption with deck of cards |
| United States 21 | http://www.angelfire.com/md/keyshift/ | PR0 Death’s PGP Message Shifter Applet |
| United States 22 | http://ciphersaber.gurus.com | |
| United States 23 | http://people.qualcomm.com/karn/code/index.html | Phil Karn’s Software Packages and Utilities
ACE demod – Software demodulator for Advanced Composition Explorer |
| US 24 | http://www.salts.navy.mil/ftp/pub/software/programs/NT/Netscape/ | US Navy offers Netscape with 128-bit crypto. More programs in other directories. |
| US 25 | http://www.ccd.bnl.gov/pub/IRIX/pgp-262/bin/ | Brookhaven National Laboratory offers IRIS ELF for PGP 2.62 |
| NOTES | ||
| Note 1: John Gilmore’s proposal is to mirror the contents of cryptography sites not just the URLs.
We’ve been asked what to mirror if it is not possible to mirror large archives John Gilmore recommends:
Jim Gillogly recommends:
Jim Choate recommends that cryptography documentation be mirrored
Mirror whatever you can until better advice for selections comes along. Prime
For complaints about the restrictions on privacy to be implemented due to |
||
| Note 2: Please forward news and information on the recent Wassenaar Arrangement restrictions in your country to John Young <[email protected]>. Anonymous and encrypted messages welcome. PGP public keys of John Young. Check Cryptome for news.
Note 3: For information on cryptography export
Note 4: More mirror sites are needed in countries From: Richard Stallman <[email protected]> Subject: Encryption software volunteers needed in countries without export control We need to find volunteers in countries which are not signatories to Wassenaar to take over development and distribution of encryption software such as the GNU Privacy Guard and PSST. We are looking for (1) an ftp site from which to distribute the software, and (2) people to carry on the development work. If you have contacts in any non-signatory country, please circulate this message as widely as possible in your country, looking for people who might want to volunteer for GNU software development. Non-signatory countries that come to mind as possible places where free encryption software can be developed include Mexico, India, Croatia, China, South Africa, and perhaps Israel. However, any country is ok if its laws do not prevent the work. |
||
« Declan: This point is worth clarifying. The new regs remove restrictions
from the posting of publicly available encryption source code for
downloading. The regs say:
a) If you post encryption source code to a site on the net and anyone can
access it, you do not need to have it reviewed by BXA or obtain a license.b) Simply posting this « publicly available » encryption source code does not
count as an export and does not trigger all the terrorist sanctions and other
requirements created by various Federal sanctions laws.(what this means is that if you post some code and Saddam Hussein downloads
it, you are not liable. If Saddam calls you up and asks you to e-mail
him the code, and you send the e-mail without applying for and receiving
a license, you are liable).c) You do need to send BXA an E-mail with the internet location of
the posted source code and you are prohibited from sending (as opposed to
posting) the encryption source code to a terrorist country or an individual
on one of our denial lists.d) if a foreign person makes a new product with the source code you’ve posted,
there are no review or licensing requirements for that foreign product.
If they pay you a royalty or licensing fee for a product they’ve developed
for commercial sale, however, you may have to report some information to
BXA.
It appears that the only requirement for Mr. Young is to notify us of the
location of the source code (http://jya.com/crypto.htm). »
— James Lewis, BXA, BXA On « Is
this man a crypto-criminal? », January 18, 2000
"The EAR is amended as follows:
1. In Sec. 734.2, Important EAR Terms and Principles, unrestricted
encryption source code under Sec. 740.13(e), commercial encryption
source code under Sec. 740.17(a)(5)(i) and retail products under
Sec. 740.17(a)(3) are exempted from Internet download screening
requirements in Sec. 734.2 (b)(9)(iii). A revised screening mechanism
for other encryption products exported to government end-users is
added. Please note that Sec. 734.2(b)(9) contains the relevant
definitions for the export of encryption source code and object code
software. In addition, cross-referencing changes are made to
Secs. 734.7, 734.8, and 734.9.
2. In Sec. 740.13, Technology and Software Unrestricted, changes
are made to reflect amendments to the Wassenaar Arrangement.
Specifically, encryption software is no longer eligible for mass market
treatment under the General Software Note. Encryption commodities and
software are now eligible for mass market treatment under the new
Cryptography Note in Category 5--Part 2 of the CCL. This Note
multilaterally decontrols mass market encryption commodities and
software up to and including 64-bits. Such products, after review and
classification by BXA, are classified under Export Commodity Control
Numbers (ECCNs) 5A992 or 5D992, thereby releasing them from ``EI''
(Encryption Items) and ``NS'' (National Security) controls, and making
them eligible for export and reexport to all destinations (see
Sec. 742.15(b)(1)(iii) of the EAR). Once mass market encryption
software and commodities are released from ``EI'' controls they may be
eligible for de minimis and publicly available treatment (see part 734
of the EAR).
3. Also in Sec. 740.13, to, in part, take into account the ``open
source'' approach to software development, unrestricted encryption
source code not subject to an express agreement for the payment of a
licensing fee or royalty for commercial production or sale of any
product developed using the source code can, without review, be
released from ``EI'' controls and exported and reexported under License
Exception TSU. Intellectual property protection (e.g., copyright,
patent, or trademark) would not, by itself, be construed as an express
agreement for the payment of a licensing fee or royalty for commercial
production or sale of any product developed using the source code. To
qualify, exporters must notify BXA of the Internet location (e.g., URL
or Internet address) or provide a copy of the source code by the time
of export. These notifications are only required for the initial
export; there are no notification requirements for end-users
subsequently using the source code. Notification can be made by e-mail
to [email protected]."
— Bureau of Export Administration,
Revisions to Encryption Items,
January 14, 2000
« Q Mr. Marshall, on her point, please. The head of the DEA and the
FBI have repeatedly — and Ms. Reno — have repeatedly warned of the dangers
of not being able to break the codes of criminals. And of course encryption
legislation is being debated at length. Is this an indication that maybe
that’s not so great a problem after all?
MR. MARSHALL (Drug Enforcement Adminstration): Well, that was not a significant
impediment in this particular investigation. We’ve encountered that
in many, many other investigations. We’re encountering it ever more frequently.
And we hope that we don’t lose the ability to intercept encrypted communications.
ATTY. GEN. RENO: I would point out — I would point out in that regard that
in this instance, it was not an obstacle. But as more and more drug
traffickers and others engaged in organized crime and other activities, including
terrorism, encrypt their communication, it is going to be more and more difficult
for law enforcement. And that is the reason it is so important law
enforcement work with the private sector and with others to ensure the protection
of our national security interests and to make sure that we balance the privacy
concerns that are so important with law enforcement’s legitimate concerns. »
— DoJ Press Conference, Arrest
of Colombian Drug Trafficers in Operation Millennium, October 13, 1999
« Much work remains to be done. In particular, I believe we must soon address
the risks posed by electronic distribution of encryption software. Although
the Wassenaar Nations have now reached agreement to control the distribution
of mass market encryption software of certain cryptographic strength, some
Wassenaar Nations continue not to control encryption software that is distributed
over the Internet, either because the software is in the ‘public domain’
or because those Nations do not control distribution of intangible items.
While I recognize that this issue is controversial, unless we address this
situation, use of the Internet to distribute encryption products will render
Wassenaar’s controls immaterial. »
— US Attorney General Janet Reno,
Ban Encryption
on the Internet, May, 1999
« Never has our ability to shield our affairs from prying eyes been at such
a low ebb. The availability and use of secure encryption may offer an opportunity
to reclaim some portion of the privacy we have lost. Government efforts to
control encryption thus may well implicate not only the First Amendment rights
of cryptographers intent on pushing the boundaries of their science, but
also the constitutional rights of each of us as potential recipients of
encryption’s bounty. »
— US Appeals Court Judge Betty Fletcher, in the
Bernstein opinion,
May 6, 1999.
New US section for:
Heeding Hugh Daniels’ call today to let 1,000 US crypto sites flower
free of unconstitutional encryption export restrictions in the light of
the May 6 Bernstein opinion,
we invite contributions of
unlimited-strengh encryption programs and/or links to such programs
for the new US unrestricted cryptography section here. See also
formerly restricted US sites below.
Dec. 3 Wassenaar Arrangement Lists in
original
DOC format and HTML
format
Encryption and
Security Tutorial
Free Crypto Logos
Free Crypto Org
Electronic Civil
Disobedience (ECD) <- look to last section