RSA Data Security set to sell restricted encryption software

RSA Data Security earlier this month announced the opening of a subsidiary in Australia to develop and sell certain encryption software worldwide that it cannot sell from its US headquarters. The US restricts the export of strong encryption developed in that country.

The Brisbane-based, wholly owned subsidiary, called RSA Data Security Australia, took the opportunity to launch its first product, a toolkit designed for independent software vendors and developers.

The toolkit, called BSAFE SSL-C, was created outside of the US and can thus be sold legally by RSA Data Security Australia to customers around the world, according to Katherine Stolz, product manager for security protocols at RSA in the US.

"The code base that this product is developed on was created internationally," Stolz said.

BSAFE SSL-C provides ISVs and developers with the tools they need to implement the Secure Sockets Layer (SSL) protocol, as well as the Transport Layer Security (TLS v.1.0) protocol, according to RSA Data Security.

BSAFE SSL-C is based on SSLeay, an implementation of SSL created by Eric Young and Tim Hudson, Australian cryptographers who have joined the newly formed RSA Data Security Australia.

So far, the subsidiary employs four people, but the division is slated to grow substantially, according to Stolz, who declined to be more specific.

In establishing the Australian subsidiary, RSA Data Security worked closely with the US Department of Commerce to ensure the company did not run foul of US law.

"RSA worked with us to make sure that wherever and however it set up shop, it would be using non-US technology and no US personnel," said a Commerce official who asked not to be identified.