Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is it illegal to write your own encryption? [closed]

Tags:

security

protection

encryption

Someone told me it was illegal to write your own encryption is this true?

like image 291
Dennis Avatar asked Apr 20 '11 14:04

Dennis

People also ask

Can you write your own encryption algorithm?

Simple answer is no. Even though the encryption algorithm is keep in secret, there are bunch of works(cryptanalysis) to break such a "black box" encryption algorithm. But when you design encryption algorithm(block cipher in this case), you have to evaluate your cihper against from known attack methods.

Why shouldn't programmers write their own crypto?

It's that if you do write your own algorithms, you need to realize that it will take a long time before you create anything that is actually capable of securing your information against a dedicated adversary in the real world. Cryptography is like sword fighting.

Is encryption illegal?

Because encryption products can be used for illegal purposes, including terrorist activity, the United States and many of the countries that you may visit may ban or severely regulate the import, export and use of encryption products.

2 Answers

Depends on the laws in your country/state. But unless you're in some tinpot dictatorship like North Korea, writing anything is very unlikely to be illegal. Now, if you came up with some super-dooper-ultra-secure-never-can-be-cracked encryption method that, miracle of miracles, actually IS uncrackable, then you're likely to run into trouble sharing it. "military-grade" encryption tends to be classified as "munitions" and is subject to export restrictions.

That being said, the odds of an amateur coming up with an actual bone-fide uncrackable algorithm are extremely slim. Anyone can write an encryption algorithm they cannot themselves crack, but that doesn't mean it's actually secure and likely is utterly trivial to crack by any half-decent cryptographer.

like image 177
Marc B Avatar answered Oct 05 '22 16:10

Marc B

Just writing it is not illegal. Well.... Maybe in some 3rd world country with a totalitarian government, but in general not.

But: Some countries (the USA among others) do have export limitations on shipping/selling encryption software across borders. You need a specialized lawyer to figure out what is/isn't allowed in that case.

However.... Rolling your own encryption for any sort of serious application is in general a bad idea. Designing a truly secure encryption algorithm is very, very, very hard. You better leave it to the experts and just use one of the many available algorithms in your own software/product.

like image 32
Tonny Avatar answered Oct 05 '22 15:10

Tonny
Sign in to Comment

Related questions

How to serve .flv files using PHP?
SQL Server schema best practices
Checklist of steps to secure asp.net web application? [closed]
Spring - Security : how are login username and password bound to the authentication-provider?
Are cross-domain favicons a security risk?
WCF - how to create programatically custom binding with binary encoding over HTTP(S)
Spring Security RememberMe Services with Session Cookie
How to add security identity (certificate + private key) to iPhone keychain?
How to block IP address or IP classes in ASP.NET
What characters or character combinations are invalid when ValidateRequest is set to true?
How to calculate the Modular Multiplicative inverse of a number in the context of RSA encryption?
Rails security on production server
How can I vendorize bcrypt in a PHP application (and should I)?
UnmanagedCode permission. What is it?
How safe is it to accept a pre-defined set of non-harmful HTML tags from a request?
IPrincipal.IsInRole() only works when I truncate the role names - why?
security and mail() function in php
Should a password salt be stored in its own field in the database?
Login Security Philosophy
Where do you put an encryption key on a public facing server?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!