From: forsvunnet@alpha.c2.org ()
To: cypherpunks@toad.com
Message Hash: 3b8250c2f2f309e5ccd21b9e101d508214f004254569f15a26b44dced7496778
Message ID: <199607310252.TAA21457@infinity.c2.org>
Reply To: N/A
UTC Datetime: 1996-07-31 06:15:45 UTC
Raw Date: Wed, 31 Jul 1996 14:15:45 +0800
From: forsvunnet@alpha.c2.org ()
Date: Wed, 31 Jul 1996 14:15:45 +0800
To: cypherpunks@toad.com
Subject: New Clinton (anti-) Encryption Policy nnn
Message-ID: <199607310252.TAA21457@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain
Thought you all might be interested in these documents. They were put out as press releases internationaly on 7/25.
It occurs to me that the list of companies collaborating with the Department of Commerce on key escrow must be publically available. If someone could get a copy it would allow us all to contact those companies with our views and (more importantly) begin a campaign against companies supporting the escrow project on the net.
Here are the press releases:
CLINTON ADMINISTRATION FACT SHEET: U.S. CRYPTOGRAPHY POLICY (Industry, international cooperation urged)
WASHINGTON -- Because advanced encryption technology is posing problems for law-enforcement officials to investigate crimes and terrorism, the Clinton administration is pressing for a global system for unlocking encrypted messages when necessary.
A July 12 fact sheet from the U.S. Department of Commerce elaborates the administration approach, called key recovery encryption.
While the United States sets no limit on the level of encryption technology that can be used domestically, it does restrict exports of it. The administration says it might relax those export controls if U.S. industry cooperates on building a key recovery infrastructure.
Following is the text of the fact sheet:
(begin text)
U.S. Cryptography Policy: Why We Are Taking the Current Approach
We live in an age of electronic information. Information technology is transforming society, creating new businesses, new jobs and new careers. The technology also creates new opportunities for crime and new problems in investigating and prosecuting crime. As a result, electronic information, be it corporate trade secrets, pre-release government crop statistics, or a patient's medical records, must have strong protection from uninvited modifications or disclosure. Cryptography enables that protection.
The United States is the world leader in information technology. U.S. firms continue to dominate the U.S. and global information systems market. Retaining this leadership is important to our economic security. The Clinton administration, through its National Information Infrastructure initiative, has long recognized that government has an important role as a facilitator and catalyst for the industry-led transformation of the way we use computer and communications technology to work and live.
In particular, government has a strong interest in promoting the legitimate use of robust encryption to support U.S. international competitiveness, foster global electronic commerce, prevent computer crime, and ensure that the information superhighway is a safe place to conduct one's business. At the same time, there is a growing recognition, affirmed most recently by the National Academy of Sciences, that the use of encryption to conceal illegitimate activities "poses a problem for society as a whole, not just for law enforcement and national security." In brief, criminals can use encryption to frustrate legal wiretaps and render useless search warrants for stored electronic data. We know of no technical solution to the problems that would result from the global proliferation of strong cryptography. The implications of this are no small matter.
Encrypted computer files have hampered the prosecution of child pornographers. Militia groups advise their members to use encryption to hide illicit weapons, financial, and other criminal activities. Aldrich Ames was instructed by his Soviet handlers to encrypt computer files that he passed to the Soviets. And international terrorists and drug dealers increasingly use encryption to prevent law enforcement officials from reading their voice and data transmissions. Grave crimes, such as a plot to shoot down several airliners over Chicago, have been foiled by the use of wiretaps. Had the FBI been unable to read those transmissions, however, a major tragedy might have ensued.
Cracking Coded Messages
We should not underestimate how difficult it is to decode encrypted electronic information. One approach advanced in the popular debate is to provide our law enforcement officials with more computing power. At first glance, this suggestion seems promising because in theory any encrypted message can be decoded if enough computing cycles are applied. This approach fails for five reasons:
First, it relies on mathematical theory, not operational reality. Digital technology reduces voice, faxes, images, and text in any language to indistinguishable 1s and 0s. A great variety of encryption products are also available. Under ideal conditions -- if the type of communication or file, language, and encryption algorithm are known with certainty, and a short key is used to encrypt the information -- a large, specially designed computer could decode a single message relatively quickly. But state, local, and federal law enforcement officials do not operate in the clean confines of a high-tech computer center. They must first capture the 1s and 0s and discern what kind of encryption they have encountered.
Second, after the decoding problem is isolated, acquiring a machine to decode a message is neither quick, easy or inexpensive. Commercially available computers could not be used because they will not have sufficient capacity. It would, for example, take years for the computers used to process all Social Security claims, payments and earnings years to decode one message using the Data Encryption Standard (DES), a widely used system originally developed by the U.S. government that uses a 56-bit key.
Third, this approach betrays a misunderstanding of how crimes are prevented. Used only in the most critical cases, legally authorized wiretaps provide crucial information just before a crime is to occur. Thus a near real-time ability to decode messages is needed. Days or weeks are too long to wait to find out that a terrorist attack is about to happen.
Fourth, this approach fails to acknowledge the volume of messages that could need decoding. Each wiretap results in the collection of thousands of messages relevant to the investigative purpose of the wiretap. Even under the most ideal conditions, had these messages been encrypted, the computing resources required to decrypt them quickly would simply not be available. And this example does not include the additional burden of decrypting, if possible, any digital information such as computer disks that are seized as evidence after a crime has been committed.
Finally, revealing the precise capabilities of law enforcement agencies to decode messages, as would be necessary in order to present the fruits of that work as evidence in court, could provide a tutorial to criminal elements bent on eluding law enforcement.
No restrictions apply to the U.S. domestic use of cryptography, and the administration has no plan to seek restrictions. Cryptography has long been controlled for export for national security reasons, so as to keep it from getting into the hands of foreign governments. But it has today become a dual-use technology, and international businesses want to use the same security products both domestically and abroad. The administration is thus under strong pressure to provide relief from cryptography export controls.
For our cryptography polIcy to succeed, it must be aligned with commercial market forces and operate on an international basis. Further, it should preserve and extend the strong position that U.S. industry enjoys in the global information systems marketplace. Accordingly, the U.S. government is working with U.S. industry and our international trading partners on an approach that will protect information used in legitimate activities, assure the continued safety of Americans from enemies both foreign and domestic, and preserve the ability of the U.S. information systems industry to compete worldwide.
Key Management and Recovery
A consensus is emerging around the vision of a global cryptography system that permits the use of any encryption method the user chooses, with a stored key to unlock it when necessary. The encryption key would be provided voluntarily by a computer user to a trusted party who holds it for safe keeping. This is what many people do with their house keys -- give them to a trusted neighbor who can produce them when something unexpected goes wrong. Businesses should find this attractive because they do not want to lock up information and throw away the key or give an employee -- not the company -- control over company information. An individual might also use this service to ensure that she can retrieve information stored years ago. This will require a new infrastructure, consisting of trusted parties who have defined responsibilities to key owners. Under law, these trusted emergency key recovery organizations would also respond in a timely manner to authorized reques!
!
ts from law enforcement officials who required the key to decode information lawfully obtained or seized from a subject of investigation or prosecution.
The federal government will use key recovery encryption on its own computers because it makes good management sense. It would be irresponsible for agencies to store critical records without key recovery, risking the loss of the information for programmatic use and the inability to investigate and prosecute fraud or misuse of the information.
A number of U.S. and international companies are working with the U.S. and other governments to create a system of trusted parties who are certified to safeguard the keys. In some cases, organizations might guard their own keys. In other cases, persons will use the key recovery services provided by third parties, one of a suite of services that will include electronic directories and electronic "notaries" in support of online commerce. Persons will be free to choose the type and strength of encryption that provide the degree of security they believe appropriate for their use. Taken together, an overall key management infrastructure is needed to make electronic commerce practical on a global scale.
Some commercial products and services which provide emergency key recovery are already available. Testing and refinement is needed before a widespread, robust infrastructure is put in place. The U.S. government is committed to supporting the development of such a key management infrastructure through pilots and experimental trials. The State Department is expediting the review of several export license applications that test commercial key recovery on an international scale. An interagency working group is identifying several potential governmental uses of commercial cryptography -- both internal transactions and in communications with the public -- where key recovery can be tested. A plan outlining these government tests will be available in August. The government will be purchasing key recovery products for its own use and will adopt a federal standard for evaluating such products to assure agency purchasers that the key recovery features operate properly. T!
!
he Department of Commerce will be establishing an industry-led advisory committee to make recommendations regarding such a standard this summer.
While we are open to other alternatives, a key recovery system is the only approach we know of that accommodates all public safety interests. And even it is imperfect. Some people will not join voluntary systems, preferring to run the risk of losing their keys and being unable to recover their encrypted information. Although in some countries (e.g., France) mandatory key escrowing is already in effect, we are pursuing a market-driven approach in part because we hope and believe that key recovery will develop as a cost-effective service in an electronic commerce infrastructure. We are encouraged in this effort by recent discussions we have had at the Organization for Economic Cooperation and Development (OECD) that are leading to international cryptography management principles which support key recovery.
Export Controls
No matter how successful we are in realizing this vision, American users of computer technology are demanding stronger encryption for international use now. Although we do not control the use of encryption within the U.S., we do, with some exceptions, limit the export of non-escrowed mass market encryption to products using a key length of 40 bits. (The length of the encryption key is one way of measuring the strength of an encryption product. Systems using longer keys are harder to decrypt.) U.S. industry asserts that it is losing overseas sales to its European and Japanese competitors because it cannot include stronger cryptography as a component of its commercial software and hardware products. It warns that loss of a significant share of the world information systems market would cause serious economic damage to the U.S. economy and could reduce the U.S. government's ability to influence the long-term future of global cryptography. It also argues that, beca!
!
use customers do not want to use one product in the U.S. and a different one overseas, export controls are causing U.S. firms to provide an unsatisfactory level of protection to their electronic information, making them vulnerable to industrial espionage by their competitors and foreign governments.
While 40 bit encryption products are still strong enough for many uses, the administration recognizes that some export liberalization may be useful to build support for a key management regime. Accordingly, we are actively considering measures that would provide limited, temporary relief from cryptographic export controls in exchange for real, measurable commitments from industry (e.g., investments in products that support key recovery) toward the building of a key management infrastructure. The liberalization proposals under discussion, which would continue the current one-time review of products by the National Security Agency, include: permitting products using longer key lengths to be exported to specific industry sectors such as health care or insurance (similar to current policy for the financial sector); allowing export of non-escrowed products to a list of trustworthy firms beyond those sectors, with provisions for monitoring compliance to prevent product d!
!
iversion to other firms; export of cryptography-ready operating systems; and, most dramatically, the transfer of jurisdiction over commercial encryption products from the State Department's munitions list to the Commerce Department's list of dual-use technologies. Our goal is to obtain commitments from industry by the fall.
We must, however, be careful in any relaxation of controls. Other governments' law enforcement and national security needs to access material encrypted with U.S. products could drive them to erect trade barriers by imposing import controls on strong non-escrow encryption products. In addition, we do not want to do anything that would damage our own national security or public safety by spreading unbreakable encryption, especially given the international nature of terrorism. Even 40 bit encryption, if widespread and not escrowed, defeats law enforcement.
It is for these reasons that we oppose the legislation (S. 1726) introduced in this Congress by Senator Burns and co-sponsored by Senator Lott and former Senator Dole. Although it contains some provisions, such as the transfer of export control jurisdiction for commercial cryptography to the Commerce Department, with which we could agree if constructed with appropriate safeguards, the bill is unbalanced and makes no effort to take into account the serious consequences of the proliferation it would permit.
The importance of the U.S. information technology industry, the security stakes, and increasing congressional interest make it clear that there is an urgent need for clear policy and direction. The administration's proposed approach is broadly consistent with industry suggestions and the conclusions reached by the National Academy of Sciences in its report. That report recognizes the need to address a complex mix of commercial and security issues in a balanced manner. We agree with that need. We also agree with the report's recommendation that export controls on encryption products need to be relaxed but not eliminated, and are actively considering ways of providing short-term relief. (We do not agree with the report's recommendation that we eliminate most controls on 56-bit key length products.) Finally, we agree that key escrow is a promising but not fully tested solution, and are promoting the kinds of testing the report recommends as a way of demonstrating!
!
the solution's viability while providing stronger encryption internationally.
We will continue discussions with industry, other members of the private sector, the Congress, and governments at all levels to arrive at a solution that promotes a future of safe computing in a safe society.
(end text)
TEXT: ADMINISTRATION STATEMENT ON COMMERCIAL ENCRYPTION
(International agreement sought for security, safety)
WASHINGTON -- The Clinton administration has proposed a framework for an international agreement that would give law-enforcement officials around the world some access to encrypted information in telephone transmissions, electronic mail and Internet communications.
A July 12 press release from the U.S. Department of Commerce gives the essence of the proposal, which would entail use of private-sector third parties who would hold spare keys to encryption tools and would surrender them to law-enforcement officials having proper ‹uthority.
While developing this proposal, the administration would consider relaxing U.S. export controls on encryption technology.
Following is the text of the administration statement:
(begin text)
Administration Statement on Commercial Encryption Policy
The Clinton administration is proposing a framework that will encourage the use of strong encryption in commerce and private communications while protecting the public safety and national security. It would be developed by industry and will be available for both domestic and international use.
The framework will permit U.S. industry to take advantage of advances in technology pioneered in this country and to compete effectively in the rapidly changing international marketplace of communications, computer networks, and software. Retaining U.S. industry's leadership in the global information technology market is of longstanding importance to the Clinton administration.
The framework will ensure that everyone who communicates or stores information electronically can protect his or her privacy from prying eyes and ears as well as against theft of, or tampering with, their data. The framework is voluntary; any American will remain free to use any encryption system domestically.
The framework is based on a global key management infrastructure that supports digital signatures and confidentiality. Trusted private-sector parties will verify digital signatures and also will hold spare keys to confidential data. Those keys could be ortained only by persons or entities that have lost the key to their own encrypted data, or by law enforcement officials acting under proper authority. It represents a flexible approach to expanding the use of strong encryption in the private sector.
This framework will encourage commerce both here and abroad. It is similar to the approach other countries are taking and will permit nations to establish an internationally inter-operable key management infrastructure with rules for access appropriate to each country's needs and consistent with law enforcement agreements. Administration officials are currently working with other nations to develop the framework for that infrastructure.
In the expectation of industry action to develop this framework internationally and recognizing that this development will take time, the administration intends to take action in the near term to facilitate the transition to the key management infrastructure.
The measures the administration is considering include:
1. Liberalizing export controls for certain commercial encryption products.
2. Developing, in cooperation with industry, performance standards for key recovery systems and products that will be eligible for general export licenses and technical standards for products the government will purchase.
3. Launching several key recovery pilot projects in cooperation with industry and involving international participation.
4. Transferring export control jurisdiction over encryption products for commercial use from the Department of State to the Department of Commerce.
Administration officials continue to discuss the details of these actions with experts from the communications equipment, computer hardware and software industries, civil liberties groups and other members of the public to ensure that the final proposal balances industry actions towards the proposed framework, short-term liberalization initiatives, and public safety concerns.
The administration does not support the bills pending in Congress that would decontrol the export of commercial encryption products because of their serious negative impact on national security and law enforcement. Immediate export decontrol by the U.S. could also adversely affect the security interests of our trading partners and lead them to control imports of U.S. commercial encryption products.
A Cabinet committee continues to address the details of this proposal. The committee intends to send detailed recommendations to the president by early September, including any recommendations for legislation and executive orders. The committee comprises the secretaries of State, Defense, Commerce and Treasury; the attorney general; the directors of Central Intelligence and the Federal Bureau of Investigation; and senior representatives from the Office of the Vice President, the Office of Management and Budget, and the National Economic Council.
(end text)
SENATORS, ADMINISTRATION CLASH OVER ENCRYPTION CONTROLS
(Bill would allow more exports)
By Bruce Odessey
USIA Staff Writer
WASHINGTON -- Clinton administration officials and members of a Senate committee have clashed over policy on export controls for advanced encryption technology.
At issue at a July 25 Senate Commerce Committee hearing was a bill that would relax those controls by allowing U.S. exports of any encryption technology that was already generally available for sale in foreign markets.
Encryption is the use of a string of letters or numbers -- known as a "key" -- that renders computer files and digital transmissions unreadable to those without access to the code. The complexity of the key is measured in bits.
Present regulations prohibit U.S. exports of encryption products using a key length of more than 40 bits.
"It is widely agreed that 40-bit security equals no security. It is simply too easy to break," said Senator Larry Pressler, committee chairman. "However, U.S. companies are not allowed to provide products at this level abroad .... This is a boon for our foreign competitors. They are actively developing markets we are forced to abandon."
Senators of both parties expressed dissatisfaction with an administration policy announced July 12. The policy would allow some relaxation of the export controls but only if U.S. industry lent support to an administration proposal for a global cryptography system -- called an internationally inter-operable key management infrastructure, or a key escrow system.
A number of governments in the Organization for Economic Cooperation and Development (OECD) are already working to create such a system. Under it, non-government parties would hold encryption keys in escrow; law-enforcement officials with court authority would have access to the keys to unscramble data transmissions, telephone conversations and electronic mail in criminal or terrorism investigations.
Supporters of the bill and administration officials opposed to it differed not only about interpreting the facts but also about the facts themselves.
For example, one issue concerns whether attempts to control encryption technology are already too late because advanced products -- including 56-bit products available for downloading for free from sites on the Internet -- are already widely available.
"Some observers say the encryption genie is out of the bottle and that attempts to influence the future use of encryption are futile," said Louis Freeh, director of the Federal Bureau of Investigation (FBI). "This is not true, in my view."
He argued that a little time remains to protect public safety because few people use encryption technology yet.
"Some strong encryption products can be found overseas, but they have not yet become embedded in mainstream operating systems, which I think is a critical distinction," Freeh said. "There is still a window of opportunity for us to act here.
Administration officials guessed that countries might have two years yet to reach international agreement before the infrastructure builds up to make robust encryption products widely useful.
An agreement could help create an infrastructure open to scrutiny by law-enforcement officials around the world through key management. Then, even if wealthy criminal or terrorist organizations used advanced non-key escrow technology to block interception of communications among their own members, law-enforcement officials could still scrutinize their external communications to banks and other legitimate businesses conducted with key escrow products.
That was the Clinton administration view, anyway, but it was not shared by many on the Senate Commerce Committee.
"Is it possible to get every country on the planet to agree to this approach," asked Senator Conrad Burns, a Montana Republican who is sponsoring the bill, "and, if we cannot, wouldn't the entire approach be undermined if one or more countries chose not to adopt such an approach?"
Senator Ron Wyden, an Oregon Democrat, said the Clinton policy would force U.S. industry permanently behind foreign competitors.
"The terrorists and drug merchants of the 21st century are not going to be encryption simpletons," Wyden said. "Many of them are going to be savvy and sophisticated, and they are going to be hunting worldwide for these data-scrambling products," not just from U.S. suppliers.
Return to July 1996
Return to “forsvunnet@alpha.c2.org ()”