In article ,
wrote:

I may have made a mistake, I think it is illegal to SELL any encryption
the US government cannot break.

As far as I'm aware, even that is not correct. As stated, it would be
effectively impossible to enforce, since the prosecution would have to
prove beyond a reasonable doubt that the government was unable to
break any specific encryption algorithm, and I really doubt that they
could force the NSA to provide adequate expert testimony :-)

There are, however, a bunch of laws which regulate the *export* of
encryption technologies to purchasers outside the US. In particular,
the ITAR rules ("International Traffic in Arms Regulations") cover
many technologies, including encryption.

These regs are not as draconian as they were a decade or so ago - in
general you can get something like a rubber-stamp approval to export
encryption if it's something that is widely available on the Internet
(e.g. SSL with common algorithms), and/or if the encryption is done
internal to a product and is not externally accessible.

Exporting almost any product incorporating encryption technology to
certain unfriendly countries (e.g. North Korea, Iran) is forbidden by
law.

You'd need to discuss the current state of the law with a lawyer who
is fully up to speed on the ITAR regulations to know what is, or is
not exportable these days, under what conditions.