[1505] in cryptography@c2.net mail archive
"prior products lawful"
daemon@ATHENA.MIT.EDU (Ron Rivest)
Tue Sep 16 16:21:29 1997
From: rivest@theory.lcs.mit.edu (Ron Rivest)
Date: Tue, 16 Sep 97 16:15:23 EDT
To: cryptography@c2.net
Some of the proposed legislation against crypto says that:
(d) USE OF PRIOR PRODUCTS LAWFUL.-- After January 31, 2000, it
shall not be unlawful to use any encryption product purchased
or in use prior to such date.</I>
It would seem consistent with such language to define a cryptosystem
where the "crypto key" is just a _computer program_, and the "encryption
algorithm" or "encryption product" is an interpreter designed to execute
such programs. For example, the "encryption product" might just be
a Java VM, and the key is the Java byte-code sequence. This is not a new
idea--I have seen the idea of "program as encryption key" before (but
don't have a reference available--I think it was one of the CRYPTO rump
sessions).
As should be obvious, this gives a certain amount of flexibility to what
one can do after 1/31/2000, should the proposed legislation pass...
Cheers,
Ron Rivest
