Hacker News new | past | comments | ask | show | jobs | submit login

Is it? NIST has been putting backdoors in recommended encryption standards. USA State Department also classifies strong cryptography as a munition. As far as I know we don't do similar things in Europe (yet?), but I could be wrong.



Europe has dual-use tech export controls - http://www.wassenaar.org/

They're as meaningless as the American versions, only randomly ensnaring companies that sell to a doubleplus ungood entity. They don't do anything to stem the flow of crypto information or open source software to all parts of the globe.

And that NIST thing happened possibly once. It's not a common ongoing occurrence.


You quote that like Wassenaar is somehow a different thing to the US restrictions, but the US is a member of Wassenaar and ITAR is the USs implementation of it.

(So yes, to the broader point that all the Wassenaar countries implement very similar restrictions).


I was responding to the poster who wasn't sure if Europe had similar restrictions. Each country implements those agreements in unique ways, so my point was that everyone's implementation was basically pointless.

And, of course, the US's treatment of cryptography as munitions predates Wassenaar (the PGP case was previous to it, for instance), not sure about how everyone in Europe handled it prior to the agreement.


DES is also believed to contain a backdoor. And even if it only happened once, I still don't see how "Europe is farther down this path than the US is currently".


So England is going to just have all this fun by itself?

http://www.theverge.com/2016/11/23/13718768/uk-surveillance-...

They've actually had a law requiring you to decrypt on demand since 2007:

http://arstechnica.com/tech-policy/2007/10/uk-can-now-demand...

Nothing like that in the US at all. So, further down the path. France and Germany want similar laws.

http://www.reuters.com/article/europe-attacks-france-germany...

And other countries are joining in the call:

https://www.geektime.com/2016/11/26/5-eu-states-demand-bette...


Thanks for the pointers. I knew about the UK but I believe it is an exception in Europe rather than the rule, as of now. Of course I agree with you that probably most countries will try to get there, unfortunately. Then again, I can only read stuff written in my own language or English so I don't have the full view.


DES isn't widely believed to contain a backdoor. There were (a long time ago) questions about the changes the NSA made to the S-boxes, but it has since become apparent that these changes actually strengthened the cipher against differential cryptanalysis.

DES was weakened in a much more prosaic manner: the effective key size was reduced to 56 bits.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: