1996-10-01 - Clipper III on the table

Header Data

From: “Omegaman” <omega@bigeasy.com>
To: pgp-users@rivertown.net
Message Hash: 04cb279c3d5bf52131d782daceb49c4a50a173eb750df9091169d1e80174a008
Message ID: <199610011345.IAA08828@bigeasy.bigeasy.com>
Reply To: N/A
UTC Datetime: 1996-10-01 18:29:25 UTC
Raw Date: Wed, 2 Oct 1996 02:29:25 +0800

Raw message

From: "Omegaman" <omega@bigeasy.com>
Date: Wed, 2 Oct 1996 02:29:25 +0800
To: pgp-users@rivertown.net
Subject: Clipper III on the table
Message-ID: <199610011345.IAA08828@bigeasy.bigeasy.com>
MIME-Version: 1.0
Content-Type: text/plain


Here we go again...from today's NYTimes...Clipper III
----------------------------------------------------------------------
-------- > Clinton Ready for Exports of Data Codes > > By DAVID E.
SANGER > > WASHINGTON -- After several years of debate between the >
computer industry and U.S. intelligence agencies, President > Clinton
has decided to permit U.S. computer companies to export more >
powerful data-scrambling software, but only if they establish a system
> that will enable keys to the code to be obtained by law-enforcement
> officials with a court warrant. 

<snip>

> Several big computer companies, led by IBM, have agreed to the new
> system, but many others, which have opposed past proposals by the
> administration for data-scrambling policies, are likely to object. 

<snip>

> But the Clinton White House, like previous administrations, citing
> national security issues and fears of foreign terrorists or
> criminals, is loath to permit the export of some of the most
> powerful data-scrambling software. 
>
> Their reason has chiefly been that intelligence agencies feared such
> equipment would be used by foreign terrorists, drug cartels and
> other criminals to hide transactions and communications. 

<snip>

> Now, in a compromise, according to two senior officials in the
> administration who have been deeply involved in the new policy, on
> Jan. 1, U.S. companies will be permitted to export software that
> encrypts, or scrambles, data using "keys" -- lengthy numeric codes
> -- that are up to 56 bits long. 

(ooooo. 16 extra bits!)

> Clinton has also decided to move the authority for exporting the
> encryption software from the state department, which has had
> export-licensing authority because the technology has been
> classified as munitions, to the commerce department, which controls
> the export of products that have both commercial and military use. 

<snip>

> But starting in two years, U.S. companies choosing to export the
> more sophisticated software would have to set up what the industry
> is calling a "key recovery" system. 

> That system would enable intelligence officials and law-enforcement
> agents, armed with court warrants, to go through a lengthy multistep
> process that would give them the mathematical key to decoding
> scrambled communications. 

> The approach replaces the administration's earlier proposed "key
> escrow" system in which the government would have been the
> repository of the numeric keys -- leading to fears of potential
> government abuse, or a reluctance by legitimate foreign users to buy
> the software. 

<snip>

> Still, the success of the system will depend in large part on the
> administration's efforts to convince other countries to adopt the
> same "key recovery" system, allowing their intelligence agencies and
> justice systems to cooperate in trailing criminals across national
> borders. 

> But Clinton's aides acknowledged Monday that this process has just
> begun, and so far only England and France have expressed much
> enthusiasm. 

<snip>

> Officials at IBM, which is expected to announce on Wednesday the
> creation of an industry consortium to aid in establishing the "key
> recovery" system, said Monday that no single entity would hold the
> entire key. 

> Instead, it will be divided across several companies that would
> handle any given message

<snip>

> There are other potential holes in the system. Customers in the
> United States will be free to buy encryption software of any
> complexity -- as they can today -- with keys that are much longer
> than 56 bits and are nearly impossible to break. 

> That means terrorist groups or drug dealers could still buy such
> software and sneak it out of the country, or even transmit it over
> computer networks. 

> "There is nothing we can do about bright students or Joe Terrorist
> who use sophisticated encryption systems to communicate with each
> other," one senior administration official said. 

> "But when they brush up against legitimate groups, especially
> banks," the official said, "then they are more likely to be dealing
> with a system" where law enforcement could use the key recovery
> system to decode the communications. 

>            Copyright 1996 The New York Times Company 

-----------------------------------------------------------------

me
--------------------------------------------------------------
 Omegaman <mailto:omega@bigeasy.com>
 PGP Key fingerprint =  6D 31 C3 00 77 8C D1 C2  
                        59 0A 01 E3 AF 81 94 63 
Send a message with the text "get key" in the 
"Subject:" field to get a copy of my public key.
--------------------------------------------------------------





Thread