Re: PLEASE HELP - How do I include OpenSSL in my code? <OT: Cryptographic laws>

On 2006-05-13, Richard Heathfield <invalid@xxxxxxxxxxxxxxx> wrote:
Andrew Poelstra said:

<snip>

Also, if you understood basic import/export cryptography laws, those
warnings would be warnings and you'd know how to avoid legal issues.
For example, there are no laws barring export between the US and
Canada that I know of, but to transfer cryposystems overseas you must
not use an electronic form.

I've got news for you, folks - we already have strong crypto outside the
USA. We've had unbreakable crypto (albeit impractical for many purposes)
for almost a century, and almost-unbreakable public/private key for - well,
for just a few years longer than you. :-)

Yes, I'm well aware of that. :-)

And in any case, inventing a reasonably secure cryptosystem is, frankly,
trivial. The tricky bit is not the "technology" if that's the word, but the
usage - a great many ciphers are cracked not because they are inherently
weak but because they are misused.

True; of course, most people who hear that believe that ciphertext[i] =
plaintext[i] ^ 5 is a "reasonably secure cryptosystem". I prefer to say
simply that only cryptographers can make decent ciphers. It saves me
from every having to debug a homebrew one.

.