Do any of you know if I need to be concerned about US cryptography export regulations if I am generating an MD5 hash of a string with the Common Crypto library? I know this can be an issue when wanting to distribute worldwide on the app store but I am fairly unfamiliar with cryptography and my google searches on the subject have only seemed to turn up vague information on the regulations, but enough information on cryptography to make my head hurt.

I am only using the MD5 hash for transmitting/storing passwords to avoid plain text if that makes any difference.

Export of cryptography - Wikipedia, the free encyclopedia

Restrictions on the import of cryptography - Wikipedia, the free encyclopedia

Considering that MD5 is enabled and distributed globally in countless flavors of linux, I doubt you'd ever need to worry about encrypting passwords.

I trust you're using a double encryption method.

Thanks, I figured that much but I wanted to be sure. Since the app store allows your apps to be distributed worldwide this is going to be a concern for a lot of people.

I don't want to post too many details, but yes, the passwords will be safe

If anyone else is wondering about this you don't need to worry about export regulations on the app store if you are only using the encryption for authentication purposes according to Apple.

If you are using encryption for anything else in your program you will need to provide some details about it for export compliance if you are making your app available in other countries.