1. Technical Field
The invention relates to cryptography. More particularly, the invention relates to the use of cryptography in such a way that it may be exported in accordance with local laws.
2. Description of the Prior Art
The U.S. government currently allows general purpose encryption software to be exported only if it is restricted to small key sizes that provide relatively weak protection of data. The U.S. government allows stronger encryption software to be exported with approval if it is limited to certain applications, such as financial services. Typically special purpose protocols and software have been developed and standardized for each application area to gain government export approval for strong encryption. This is a very expensive and time consuming process. The Secure Sockets Layer (SSL) is a protocol that performs general purpose encryption. This makes it useful for many different types of applications. Applications that require strong encryption have had trouble using SSL because most users run client software that only supports export strength encryption. Because SSL supports general purpose encryption, it is not currently possible to get export permission for strong encryption with SSL. It would be possible to get export approval for client software that limited its use of SSL to applications that conformed to the U.S. government's rules for exporting special purpose strong encryption. If some method could be used to differentiate these uses of SSL from other general purpose uses of SSL on a case by case basis, then the expense and effort of creating special encryption software and protocols could be saved.