From: John Young <jya@pipeline.com>
To: cypherpunks@toad.com
Message Hash: 14e5aa4e2df51045bed7fc4f12b8636a6ba36c5b8784bb8b92d152c86f3538d9
Message ID: <199602221950.OAA27083@pipe1.nyc.pipeline.com>
Reply To: N/A
UTC Datetime: 1996-02-22 21:18:05 UTC
Raw Date: Fri, 23 Feb 1996 05:18:05 +0800
From: John Young <jya@pipeline.com>
Date: Fri, 23 Feb 1996 05:18:05 +0800
To: cypherpunks@toad.com
Subject: TIS--Building in Big Brother for a Better Tommorrow
Message-ID: <199602221950.OAA27083@pipe1.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain
To supplement TIS's Web site information on CKE, here's a
mailing from Steve Walker earlier this month:
TRUSTED INFORMATION SYSTEMS, INC.
February 2, 1996
There has been amazing progress on TIS's Commercial Key
Escrow (CKE) initiative since my last status report.
In November, we submitted a Commodity Jurisdiction (CJ)
request to the U.S. Department of State for our Gauntlet
Internet Firewall Product with CKE-based IP Encryption,
which constitutes our Global Virtual Private Network (GVPN)
system (see figure 1). Our Gauntlet system has had a
Virtual Private Network (VPN) capability using the Data
Encryption Standard (DES) algorithm to encrypt
firewall-to-firewall communications for the past year. But
because of U.S. export controls, we have not been able to
sell this option outside of the U.S. and Canada. By adding
CKE technology to our firewalls, the Gauntlet system with
DES and CKE now meets the U.S. government requirements for
export to most parts of the world.
In the course of several meetings with U.S. government
representatives. we were told that it will take a while
longer for all the details of the CJ process to be worked
out, but that the U.S. government was willing to consider
a temporary (up to 4-year) export license until the CJ
process is in place. In early December, we submitted such
a request and on January 19, 1996, it was approved (see
figure 2).
While this temporary export license has limitations (there
must be a Data Recovey Center in the U.S. as well as in the
foreign country because reciprocal agreements do not yet
exist between the U.S. and foreign governments), it
represents the first export approval of a DES-based key
escrow encryption system, a small step but a giant leap
toward full exportability of good cryptography when
equipped with user-controlled key recovery. We are now
discussing Global Virtual Private Networks, based on our
Gauntlet-CKE system, with several multinational companies.
In December, I attended a special meeting of the
Organization for Economic Cooperation and Development
(OECD) in Paris to discuss the international ramifications
of the U.S. key escrow initiative. The consensus of the
meeting was that user-controlled key escrow provides the
only workable solution to the long-standing dilemma between
the private sector's need for encryption protection and
governments' needs to be able to decrypt the communications
of criminals, terrorists, and other adversaries. Other
meetings will follow, but it appears that most major
governments endorse the U.S. government's user-controlled
key escrow initiative as the only practical way through the
cryptography maze.
In mid-January, Microsoft announced its long-awaited
Cryptographic Application Programming Interface (CAPI).
This development promises to finally provide a well-defined
separation between applications calling on cryptography and
the actual performance of the cryptography. Now users will
be able to request cryptographic functions in hundreds of
applications and select precisely which cryptography to use
at the time of program execution rather than program
purchase. Cryptographic Service Providers (CSPs) can now
evolve independent of applications, and users can choose
whatever cryptography is available wherever they are in the
world. TIS is working closely with CSP vendors to ensure
that CSPs with good cryptography are available in domestic
and exportable versions as soon as possible based on the
U.S. government's key escrow initiative.
In a presentation at the recent RSA Conference, I tried to
put all this in perspective by conducting a "thought
experiment" (see attachment 3).
+ Suppose the U.S. government had never thought of placing
export controls on cryptography...
We would now have widespread use of encryption, both
domestically and worldwide; we would be in a state of
"Utopia," with widespread availability of cryptography
with unlimited key lengths. But, once in this state, we
will face situations where we need a file that had been
encrypted by an associate who is unavailable (illness,
traffic jam, or change of jobs). We will then realize
that we must have some systematic way to recover our
encrypted information when the keys are unavailable.
When we add a user-controlled key recovery capability to
our Utopia, we find ourselves in an "Ultimate Utopia,"
with unlimited key length cryptography, widely available
through mass market applications, and user-controlled
key recovery.
+ But, unfortunately, the U.S. government *did* think of
cryptographic export controls. And over the past several
years, we have been frustrated by repeated unsuccessful
attempts to resolve this dilemma...
In 1992, the U.S. government allowed the export of
40-bit keys, a solution so weak no one wanted it.
In 1993, the U.S. government announced Clipper, an
attempt to give users good cryptography while preserving
the U.S. government's prerogatives. But almost everyone
hated U.S. Government-controlled key escrow, including
most foreign governments.
In 1994, industry rebelled with the proposed Cantwell
legislative initiative to remove cryptography from U.S.
State Department control. And, behind the scenes, the
U.S. government orchestrated a massive counterattack.
The result: a study that acknowledged the widespread
availability of foreign cryptography yet proposed no
change in U.S. government policies on cryptographic
exports.
+ Then in 1995, the U.S. government announced its key
escrow initiative: allow the export of up to 64-bit
cryptography (a remarkable concession) when accompanied
by an acceptable form of user-controlled key escrow
(critical component to this policy being that "an
acceptable escrow system" must have sufficient integrity
to give the government confidence that, with a warrant,
the keys will be available.)...
Some in the computer industry labeled this just another
form of Clipper and vowed to continue the fight against
U.S. government regulation of encryption in any form --
presumably forever. On the other hand, once the new
escrowed encryption policy was announced, U.S.
government agencies -- the FBI, NSA, White House, DoD,
DoJ, NIST, and NSC -- closed ranks behind it and have
shown little interest in discussing any other
approaches. In addition, neither political party has
shown any interest in taking up the argument in the
Congress, probably because it is a complex issue and
there is no obvious "winning" position. But, depending
upon how the definition of user-controlled key escrow is
resolved, the new escrow policy could just be the
long-sought compromise between government and industry
that gets us through this morass.
+ If we can ensure that organizations can control the
security of backup access to their encrypted information
through well-designed commercial key recovery systems --
yet also ensure that governments have access when
justified via normal legal procedures -- we may have
truly found the "Ultimate Utopia" solution to a dilemma
that has existed all of our professional lives and
threatens to continue through the next generation...
Thus, in my thought experiment I have come to the
conclusion that we (industry and government) are all
heading towards the same objective, but on a different path
from what some of us originally wanted. Yet, to my way of
thinking, that path has to accomodate us all if we are ever
to arrive at any mutually agreeable destination. When one
group of participants raises insurmountable barriers for
another group, it simply blocks everyone from progressing
down any path, and the net result is that U.S. industry is
not able to export any good crypto-based security.
We at TIS are dedicated to finding a solution acceptable to
all sides. We ask your help in this struggle. If you want
exportable cryptography routinely available in your
lifetime and believe that user-controlled key recovery is
an important, if not vital, capability, please contact us
at <cke@tis.com>. If you want to integrate exportable CKE
into your product line, we are ready to help. If you want
to buy internationally deployable good cryptography with
your favorite applications, tell your application vendor
you want escrow-enabled applications.
We all have an opportunity to make a major difference here.
The opportunity is ours to take or forgo. Help us make this
happen. Visit our www site, at http://www.tis.com/, and
learn more about this vital initiative.
Sincerely,
Stephen T. Walker
Attachments:
1. Global Virtual Private networks with CKE/Gauntlet
transaction security diagram.
2. CJ Application for "Escrow-enabled Gauntlet Firewall
Model 3.2 with Gauntlet Data Recovery Center."
3. Diagram of cryptography evolution from 1992 to 1995,
with Yesterday, Today, "Utopia" and "Ultimate Utopia."
-----
Return to February 1996
Return to “John Young <jya@pipeline.com>”
1996-02-22 (Fri, 23 Feb 1996 05:18:05 +0800) - TIS–Building in Big Brother for a Better Tommorrow - John Young <jya@pipeline.com>