Here we go again...from today's NYTimes...Clipper III ---------------------------------------------------------------------- -------- > Clinton Ready for Exports of Data Codes > > By DAVID E. SANGER > > WASHINGTON -- After several years of debate between the > computer industry and U.S. intelligence agencies, President > Clinton has decided to permit U.S. computer companies to export more > powerful data-scrambling software, but only if they establish a system
that will enable keys to the code to be obtained by law-enforcement officials with a court warrant.
<snip>
Several big computer companies, led by IBM, have agreed to the new system, but many others, which have opposed past proposals by the administration for data-scrambling policies, are likely to object.
<snip>
But the Clinton White House, like previous administrations, citing national security issues and fears of foreign terrorists or criminals, is loath to permit the export of some of the most powerful data-scrambling software.
Their reason has chiefly been that intelligence agencies feared such equipment would be used by foreign terrorists, drug cartels and other criminals to hide transactions and communications.
<snip>
Now, in a compromise, according to two senior officials in the administration who have been deeply involved in the new policy, on Jan. 1, U.S. companies will be permitted to export software that encrypts, or scrambles, data using "keys" -- lengthy numeric codes -- that are up to 56 bits long.
(ooooo. 16 extra bits!)
Clinton has also decided to move the authority for exporting the encryption software from the state department, which has had export-licensing authority because the technology has been classified as munitions, to the commerce department, which controls the export of products that have both commercial and military use.
<snip>
But starting in two years, U.S. companies choosing to export the more sophisticated software would have to set up what the industry is calling a "key recovery" system.
That system would enable intelligence officials and law-enforcement agents, armed with court warrants, to go through a lengthy multistep process that would give them the mathematical key to decoding scrambled communications.
The approach replaces the administration's earlier proposed "key escrow" system in which the government would have been the repository of the numeric keys -- leading to fears of potential government abuse, or a reluctance by legitimate foreign users to buy the software.
<snip>
Still, the success of the system will depend in large part on the administration's efforts to convince other countries to adopt the same "key recovery" system, allowing their intelligence agencies and justice systems to cooperate in trailing criminals across national borders.
But Clinton's aides acknowledged Monday that this process has just begun, and so far only England and France have expressed much enthusiasm.
<snip>
Officials at IBM, which is expected to announce on Wednesday the creation of an industry consortium to aid in establishing the "key recovery" system, said Monday that no single entity would hold the entire key.
Instead, it will be divided across several companies that would handle any given message
<snip>
There are other potential holes in the system. Customers in the United States will be free to buy encryption software of any complexity -- as they can today -- with keys that are much longer than 56 bits and are nearly impossible to break.
That means terrorist groups or drug dealers could still buy such software and sneak it out of the country, or even transmit it over computer networks.
"There is nothing we can do about bright students or Joe Terrorist who use sophisticated encryption systems to communicate with each other," one senior administration official said.
"But when they brush up against legitimate groups, especially banks," the official said, "then they are more likely to be dealing with a system" where law enforcement could use the key recovery system to decode the communications.
Copyright 1996 The New York Times Company
----------------------------------------------------------------- me -------------------------------------------------------------- Omegaman <mailto:omega@bigeasy.com> PGP Key fingerprint = 6D 31 C3 00 77 8C D1 C2 59 0A 01 E3 AF 81 94 63 Send a message with the text "get key" in the "Subject:" field to get a copy of my public key. --------------------------------------------------------------