41 As any good lawyer will tell you, intellectual property is just as tangible as real property, and in some cases easier to support in a court of law. Even using some technologies could constitute a legally binding agreement with the softwares creators, so you need to take care when dealing with any and all such systems. The U.S. government classifies all encryption routines as munitions, which is to say that they consider the mathematical formulas that protect data a dangerous technology. Cryptography, to the Feds, is the same as treason, illegal arms trading, smuggling, racketeering, and drug sales. The boys on the Hill do not take such matters lightly, either. You may ask yourself, How could a little code hurt the giant U.S. government or its citizens? To learn exactly why the government treats these technologies with such kid gloves, we have to look back at some historical elements. Remember the enigma box? It was a WWII German code box that scrambled military orders sent from the high command to the field. Along similar lines, the Japanese had developed a system involving a code box called Purple. In times of war, code cracking and encryption take on a very important role, best described by the saying: loose lips sink ships. The protection of even simple communication is of paramount importance to the government. If all the routines developed on U.S. soil were exported abroad with no restrictions and a war were to break out, it would be unclear to our military leaders if their communications were safe. Products and services described in this book may be prohibited from being exported outside of the United States, or crippled in such a way as to make them freely exportable. Generally a reduction in the size of the key used to encrypt the data allows for a license to ship overseas. International organizations are already working on strong world-wide encryption technologies, and we are sure that the next 10 years will paint a new landscape of the data protection universe. One typical legal protection that a cryptographic creator has is the patent. DES, contrary to popular belief, is patented, but it is distributed royalty-free, which is one of the reasons why it pops up almost everywhere. All public key two-key systems are patented as well, by either RSA Data Security Inc., or by the Public Key Partners PKP group see Table 2-1 . Obviously they make it their business to collect license fees and monitor for stray usages of their software. Table 2-1. Cryptographic Patents Encryption Routine Patent Information Hellman-Merkle Patent 4,218,582, expired August 19, 1997. Supposedly covers all public key systems. Rivest-Shamir-Adleman Patent 4,405,829, expires September 2, 2000. Covers the RSA algorithm. Hellman-Pohlig Patent 4,424,414, expires January 3, 2001. Related to Diffie-Hellman expired 1997. Schnorr Patent 4,995,082, expires February 19, 2008. The DSS Algorithm is based on this. Kravitz Patent 5,231,668, expires July 27, 2008. The actual DSS Algorithm.