Re: FW: Crypto

From: Thomas Pornin (
Date: Thu Aug 03 2000 - 03:48:33 EST

In article <> you write:
> from France

Actually, I am from France and my PhD thesis is about cryptography,
therefore I can tell a few things about French law on cryptography. The
situation is now the following: authentication and signature systems
have no limit on usage, export and import. For distribution to others,
it should be "declared"; the declaration procedure is light (one month
max, no tax). For information-hiding systems, usage and import is
free for private people, up to 128-bit keys. Export is restricted
(due to international treaties); distribution is once again subject
to declaration. Above 128 bits, the declaration is replaced by an
authorization procedure, which might take longer.

Obviously, 128 bits are already too much for brute-force breaking. This
limit is historical: there is a law, that states that there exists a
limit, between free/declarative and authorized-only. The limit is fixed
by a decree. The first goal of the law was to allow judges to break
secrets when needed, and the limit was 40 bits. The newer decree (march
17th, 1999) could not break the law, so it just raised the limit so
that there still existed some major schemes beyond that limit. 3DES is
168-bit, so the 128-bit limit does not completely void the law.

The current purpose of French law on cryptography is twofold:
-- Allow easy distribution of SSL-compliant web browsers and servers
   (for e-commerce, of course !); as a side effet, PGP is also
   allowed (even for redistribution, PGP Inc. made the necessary
-- Let the related agencies know about the systems distributed in
   France, so that they could warn French industries that use a weak

To my knowledge, nobody, neither private people nor industry, was
ever prosecuted or even remotely threatened in France for use of too
strong cryptography in the last few years. Moreover, cryptography
vendors yearn for the declaration/authorization procedure, since a
"government-blessed" system is widely considered as high-quality.

For Linux: there is no real limitation in France about integrating
cryptography in the kernel. Vendors such as RedHat will perform the
administrative procedures. Smaller will do nothing and everything will
be fine. So let the code enter (as long as it is high-quality).

        --Thomas Pornin

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
Please read the FAQ at

This archive was generated by hypermail 2b29 : Mon Aug 07 2000 - 21:00:10 EST