From: jya@pipeline.com (John Young)
Date: Sun, 28 Jul 1996 06:14:55 +0800
To: cypherpunks@toad.com
Subject: WaPo on Crypto-Genie Terrorism
Message-ID: <199607271921.TAA27750@pipe2.ny3.usa.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   The Washington Post, July 27, 1996, p. A22. 
 
 
   Speaking in Code on the Internet ... [Editorial] 
 
 
   The decibel level has been rising in the argument over how 
   much control the federal government should have over the 
   export of encryption technology. The Senate Commerce 
   Committee held hearings Thursday on a proposal dubbed 
   Pro-CODE (Promotion of Commerce On-line in the Digital Era) 
   that would lift current restrictions on exporting 
   encryption software above a certain level of complexity. 
   The move is opposed strongly by law enforcement and 
   national security authorities, who fear the consequences to 
   their tracking of terrorism or crime if uncrackable 
   cryptography becomes the global standard. 
 
 
   But encryption software -- which scrambles a person's 
   computer messages so no one can read them without a key -- 
   also is thought by many in the computer industry to be the 
   missing piece that's preventing customers from a full-scale 
   move to the Internet for banking and other confidential 
   transactions, rather than, as now, worrying about the 
   security of their data. They also see it as a market in 
   which the United States maintains a comfortable lead, one 
   that is threatened if domestic encryption makers can't sell 
   their products elsewhere. The makers argue that foreign 
   encryption software will rush in to fill the gap, doing 
   nothing about the uncrackability problem -- indeed, making 
   it worse. The administration in turn is pursuing a wider 
   international agreement to maintain controls on cryptology 
   export by all the industrialized nations and has been 
   putting pressure on its colleagues in the Organization for 
   Economic Cooperation and Development, which will rule on 
   the matter in a Paris meeting in September. 
 
 
   Administration officials, including FBI chief Louis Freeh, 
   have been pushing for an alternative policy of "voluntary 
   key escrow" -- encryption makers would deposit a key to the 
   code with a neutral third body before exporting the 
   products and could then have access to the codes only by 
   court order, as happens now with wiretapping. Mr. Freeh, 
   testifying at Thursday's hearing in favor of an optional 
   key escrow plan, noted that the point is not to prevent all 
   copies of uncrackable code from going abroad --  that's 
   clearly impossible -- but to prevent such high-level code 
   from becoming the international standard, with architecture 
   and transmission channels all unreadable to world 
   authorities. To software companies and Internet users who 
   have been clamoring for the right to encrypt as securely as 
   possible, Mr. Freeh and others argue, "the genie is not yet 
   out of the bottle" on "robust," meaning uncrackable, 
   encryption. 
 
 
   It's far from obvious to anyone that an optional escrow 
   plan really can prevent the growth of inaccessible 
   transmissions by international terrorists or criminals. 
   Encryption, if widely used, could conceivably ease some 
   privacy problems concerning who gets to see personal and 
   financial data on individuals -- though such data usually 
   are vulnerable to being dug out of storage rather than 
   intercepted in transmission. But neither is it clear that 
   the encryption enthusiasts' desire for free development 
   should take precedence over the tracking of terrorism. At 
   the very least, Congress should be exceedingly cautious 
   about getting out ahead of administration concerns on 
   controls that, once lifted, are hardly reversible. 
 
 
   -----