Pretty Good Privacy - Legal Issues

People often claim that PGP is illegal. There are three separate reasons why they might claim so.

Issue 1: Export Law

It is probable (not certain, but probable) that PGP falls under the ITAR restrictions, which control the export of munitions and cryptographic technology from the US and Canada.

If this is the case, it is illegal to export PGP from the USA or Canada to any other country.

Of course, if you don't get PGP from the US or Canada, the issue is moot.

Issue 2: Crypto Legality

In some countries, the use of cryptography is restricted by law. For example, in the UK it is illegal to transmit encrypted data by radio communication. This is generally the case in other countries, where Amateur Radio frequencies are concerned.

In some countries, it is outright illegal to encrypt data at all. In other countries, they're working on it.

Some providers of networking services restrict what sort of traffic is allowed on their networks. Make sure your service provider allows the passage of encrypted data.

Issue 3: Patent Stupidity

The RSA public key cryptosystem was developed at MIT by Rivest, Shamir and Adleman. Shortly before the details were due to be published, some gentlemen from a US government department reportedly "asked" them to cancel publication. However, copies of the article had already reached the outside world; A.K. Dewdney of Scientific American had a photocopy of the document explaining the algorithm. People began hastily photocopying and distributing the document.

The RSA algorithm had been developed with Federal funding from grants from the National Science Foundation and the Navy. It was patented by MIT (U.S. patent #4,405,829, issued 20th September 1983).

The patent was then handed over to a commercial company in California called Public Key Partners (PKP). PKP hold the exclusive commercial license to sell and sub-license the RSA public key cryptosystem. They also hold other patents which cover other public key cryptography algorithms. This gives them absolute control over who may legally use public key cryptography in the US and Canada.

Note that the RSA patents are not valid outside the USA and Canada, because the patent was not applied for until after publication.

Also note that none of PKP's patents have been tested in court. They might be ruled invalid in a real court case. PKP have been reluctant to take people to court, although they did threaten Phil Zimmerman, the author of PGP, with legal action. So far, there has been a lot of sabre-rattling, but no real action.

PKP have also been seemingly reluctant to produce any products or license their patents. Eventually, after PGP 1.0 was released, PKP released their own RSA code. Called RSAREF, it licensed for test applications only, not for real use. They repeatedly refused to license RSA for use in PGP, until MIT (the original patent holders, remember) forced them to license MIT PGP 2.6.

The IDEA algorithm used in PGP is also patented, by Ascom-Tech AG of Zurich. However, Ascom-Tech allow free use of the IDEA algorithm in freeware and shareware products.

A US company, ViaCrypt, has side-stepped this legal issue. They had already licensed the RSA algorithm from PKP, and it was clear that the license applied to PGP, given a suitable implementation of RSA. ViaCrypt have therefore been able to start selling an entirely legal, 100% legitimate version of PGP, with all patents properly licensed.

ViaCrypt PGP

ViaCrypt PGP is a commercial public-key encryption package which is based on, and virtually identical to, the freeware program known as PGP, or "Pretty Good Privacy".

(The source code is in fact identical to that of the freeware version of PGP, with the exception of the RSA encryption module, which is one ViaCrypt developed in-house after acquiring a license for the algorithm from PKP. In addition, ViaCrypt incorporates a few bug fixes. The private-key crypto algorithm is IDEA, as in freeware PGP, for which ViaCrypt has obtained a license from Ascom-Tech AG of Zurich.)

ViaCrypt bought its RSA license from PKP before either PKP or ViaCrypt knew that ViaCrypt would someday use it to sell PGP. ViaCrypt later acquired the rights to sell PGP from Phil Zimmermann. ViaCrypt's PKP license clearly allows them to sell PGP. ViaCrypt PGP Output is byte-for-byte identical with that of freeware PGP 2.3a, except that the "Version" header before the message body reads "Version: 2.4" instead of "Version: 2.3a". Keys, signature certificates, and ciphertexts produced by one program will be identical to, and transparently handled by, the other.

ViaCrypt PGP is available in the US and Canada only, pending any future relaxation of the ITAR export control laws. Phil Zimmermann says that no compromises in the cryptographic strength of PGP were made for ViaCrypt's version of PGP.

The ViaCrypt PGP package includes program disks (executables only, no source code), a user manual, and an individual user license. The current release is available for MS-DOS and UNIX. There is a special version available which interfaces to CompuServe's CIM. Prices start at $100 for the DOS version.

For more information, see ViaCrypt's home page.

Thanks to Hugh Miller <> and Jack Edward Brown, Jr. <> for the information.

ViaCrypt plan a 2.7 release which will be compatible with PGP 2.6 from MIT. Upgrades from ViaCrypt PGP 2.4 will cost $10 or so.


Meanwhile, some people at MIT were unhappy about the situation. It was decided that MIT would release a version of PGP, based on the original freeware code, but using RSADSI's official RSAREF libraries for the public key encryption routines.

PKP promptly threatened MIT with a lawsuit. Bizarre, given that the RSA patent was MIT's to start with. MIT refused to give in, and now there is a perfectly legal freeware version of PGP available in the USA from MIT. Note that it may not be exported.

International PGP

So, what about users outside the USA? Fortunately, it has been possible to export the non-encryption parts of the PGP source code, and then plug in the original encryption routines from PGP 2.3. The result is a faster version of PGP, illegal in the USA.

For more information, try the International PGP home page.

So what does this all mean?

We can summarize the legal status of PGP as follows: