Cylink Corp claims it is the first company in the US to get export approval from the Department of Commerce to export TripleDES encryption technology in its software without key recovery. It got the approval because it is only to be used by international financial institutions and subsidiaries of US companies abroad. TripleDES encrypts data using keys 56-bits long three time over. Regular 56-bit encryption is the strongest the US government will allow to be exported without special approval, including the need for key recovery – the practice of storing a key with a trusted third party in case it needs to be recovered by law enforcement agencies for deciphering purposes later. The license permits the use of the Cylink technology to protect inter- and intra-bank communications and transactions and to secure proprietary data of US subsidiaries. TripleDES is considerably more powerful than DES, at least 256 times stronger in fact. Last year Worldtalk Corp got approval to export 128-bit encryption to the same sorts of companies for its internet telephony products with key recovery and Open Horizon Inc recently got approval for straight 56-bit export without recovery (CI No 3,343).
