Thus, if you installed encryption technology on your Linux system and then transported it out of the
country, you were violating federal law! Furthermore, if you e-mailed encryption software to a friend
in another country or let him or her download it from your server, you violated the law.
In January 2000, U.S. export laws relating to encryption software were relaxed considerably.
However, often the U.S. Commerce Department??™s Bureau of Export Administration requires a review
of encryption products before they can be exported. U.S. companies are also still not allowed to
export encryption technology to countries classified as supporting terrorism.
237
Securing Linux 6
Until recently, the United States government was standardized on a symmetric encryption algorithm
called DES (Data Encryption Standard) to secure important information. Because there is no direct
way to crack DES-encrypted data, to decrypt DES-encrypted data without a password, you would
have to use an unimaginable amount of computing power to try to guess the password. This is also
known as the brute force method of decryption.
As personal computing power has increased nearly exponentially, the DES algorithm has had to
be retired. In its place, after a very long and interesting search, the United States government has
accepted the Rijndael algorithm as what it calls the AES (Advanced Encryption Standard).
Pages:
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512