ITAR is "International Traffic in Arms Regulations", a set of U.S. government regulations that, among other things, limit the strength of cryptographic algorithms implemented in software destined to be exported out of the United States. The ITAR regulations, as they apply to cryptography at least, are outrageous! Raising public awareness of this problem is one of the reasons the distributed.net network exists.

The RC5-72 project clients are NOT ILLEGAL to export. In short our software cannot be used to encrypt or decrypt other people's data. It works on only the first few bytes of a pre-encrypted message comparing the results to a bit of known (and fixed) plaintext ("The unknown message is:"). Therefore it doesn't fall under ITAR restrictions unlike general purpose crypto software such as PGP (Pretty Good Privacy, a popular encryption program available on the internet).