By Rory J. O'Connor
Mercury News Staff Writer

A Berkeley mathematician sued the State Department
Tuesday, in a case designed to challenge the government's
designation of encryption software as a ``munition'' subject
to extensive export controls.

The policy has prevented even the publication of some
schemes for individuals to protect their computer data or
electronic mail from eavesdropping. Distributing information
about many encryption schemes without government approval
could be a criminal act punishable by 10 years in prison and
fines of $1 million or more.

Daniel Bernstein, a Ph.D. candidate at the University of
California, decided to sue after the government told him 18
months ago he would have to register as an arms dealer under
the International Traffic in Arms Regulation if he wanted to
publicize an encryption program he had developed, according to
his attorney, Cindy Cohn of McGlashan and Sarrail in San
Mateo.

After reading electronic postings from other
cryptographers, Bernstein applied for permission to publish
the program and a paper describing how it works.

The government favors a strict policy because
computerized methods for sending coded messages have made the
job of intelligence gathering far more difficult.
Intelligence agencies have expressed concern that terrorists,
drug traffickers and hostile foreign governments could obtain
such string [sic] encryption software and communicate via
undecipherable coded messages.

Some of the exhibits filed with the lawsuit that outline
Bernstein's scheme had to be sealed from public view, Cohn
said. Attorneys were barred from discussing them because
making them public could be construed as a criminal act.

Civil liberties groups with computer connections have
long opposed the government's practice, saying it stifles
freedom of expression.