---------- Forwarded message ----------
Date: Thu, 17 Jul 1997 16:00:27 -0700 (PDT)
From: Declan McCullagh <declan@well.com>
To: fight-censorship-announce@vorlon.mit.edu
Subject: Center for Security Policy calls for domestic key escrow

In the boxing ring of Washington, the Center for Security Policy packs a hefty punch. Its faxed alerts appear once or twice a week on the desks of thousands of key decisionmakers. They're predictably hawkish, with titles like "The Nation Needs MORE B-2s."

A recent one focused on encryption. The message: The Clinton administration isn't doing *enough* to control crypto, especially domestically:

    But a national information infrastructure also needs selective transparency on call to support users' needs to get at their encrypted data... U.S. law enforcement agencies in carrying out criminal investigations also need to be able to access voice communications, data records and data transmissions consistent with constitutional protections. The loss of this investigative technique, which is subject to strict judicial scrutiny -- would be disastrous for law enforcement.

    Regrettably, the Clinton Administration has been unwilling to stand up and say, here is what needs to be done -- perhaps out of a fear of alienating a key constituency, the computer industry.

Read on for the full text of the alert and a well-reasoned response by ATR's Jim Lucier.

-Declan

Additional articles on crypto:

  http://pathfinder.com/netly/editorial/0,1012,931,00.html
  http://pathfinder.com/netly/opinion/0,1042,1022,00.html

**************

No. 97-D 88
DECISION BRIEF
25 June 1997
For Immediate Release
(202) 466-0515

Breaking the Code on the Encryption Debate:
National Security Interests Are Being Jeopardized

(Washington, D.C.): With relatively little fanfare, a truly momentous public policy debate is taking place in Washington.
Unfortunately, all other things being equal, it seems likely that the outcome of this debate concerning the domestic use, foreign export and international regulation of encryption techniques will do grievous harm to the national security interests of the United States.

'You Can't Tell the Players...'

Such an extraordinary, and ominous, result is in prospect due to several factors:

By its very nature, encryption -- a generic name for numerous means of encoding computer, voice or other transmissions of data so as to conceal the contents from unauthorized access -- is one of the most complex and obscure of sciences. Given its direct relevance for the protection of classified U.S. government information and for the penetration of foreign governments and other entities' secure communications, the U.S. National Security Agency (NSA) has jealously tried to shield from public view as much as possible about the technology and techniques involved in encryption and code-breaking. The necessary secretiveness associated with what NSA does and how the spread of encryption systems might affect the American ability to perform signals intelligence (SIGINT) by intercepting and monitoring foreign communications enormously complicates this debate.

Robust encryption at home contributes to national security as well as protecting American industry, critical information networks and citizens' privacy. But a national information infrastructure also needs selective transparency on call to support users' needs to get at their encrypted data.

U.S. law enforcement agencies in carrying out criminal investigations also need to be able to access voice communications, data records and data transmissions consistent with constitutional protections. The loss of this investigative technique, which is subject to strict judicial scrutiny -- would be disastrous for law enforcement. Widespread use of unbreakable encryption is exactly what terrorists, drug lords, pedophiles and their ilk want to see.
But law enforcement needs a controlled window into this encryption as part of its responsibility to detect, prevent or prosecute criminal behavior. Experience with court-ordered wiretaps suggests that, by requiring judicial approval of such electronic monitoring, this function critical to the rule of law and a civil society can be performed without risk of serious abuse.

Due to advances in information techniques, the know-how and means for providing sophisticated encryption capabilities has proliferated dramatically in recent years. With the burgeoning use of the Internet and other electronic devices for conducting business, the demand for means to keep voice communications, data records and data transfers private has also grown tremendously.

U.S. manufacturers of computer software and hardware -- many of whom have been key supporters of and enjoy great influence with President Clinton and his Administration -- are demanding an opportunity to meet this demand with encryption products that will be exceedingly robust, if not impenetrable. They typically point not only to the trade benefits such sales would represent but to the prospect that foreign manufacturers of encryption technologies will gladly supply products not available from American sources. Similar arguments have proven effective in obtaining Administration support for the wholesale elimination of export controls on powerful computers -- even supercomputers.

President Clinton has already issued an Executive Order substantially liberalizing the export of powerful encryption capabilities. Under its terms, encryption programs involving up to 40-bit keys (in layman's terms, the number of variables used in combination to conceal a given piece of encrypted message traffic, one of several factors determining the robustness of an encryption program) can be exported without a license.
The Executive Order also permits programs of any strength to be exported provided they have a "key recovery" capability (i.e., a code-breaking spare key has been created) -- even if that key resides with the purchaser of such encryption.

Civil libertarians -- including some conservatives with well-deserved reputations for concern about U.S. national security -- have taken the position that techniques which impede or preclude government monitoring of electronic transmissions are highly desirable. Their enthusiasm for the most widespread proliferation of encryption techniques, both domestically and internationally, provides tremendous political cover for others with more suspect motivations.

Counter-culture opponents of U.S. government power, including some holding high office in the Clinton Administration, appear untroubled by the diminution of American capabilities to perform signals intelligence -- historically an area of decisive and strategically vital advantage for the United States.(1) Evidently, they are no more concerned by the other side of this coin: Thanks to the Clinton-approved transfer of American supercomputers and other powerful data processing systems, foreign governments are likely to have much enhanced capabilities to perform their own code-breaking operations, further reducing U.S. dominance in the field.

The Legislative Context

Against this backdrop, several bills have been introduced reflecting two basic approaches. The first sponsored by Senators Conrad Burns (R-MT) and Patrick Leahy (D-VT) in the Senate and by Rep. Robert Goodlatte (R-VA) in the House would essentially eliminate controls on the export of encryption. This legislation is favored by the computer software and hardware industries and a number of civil libertarians. Senate Majority Leader Trent Lott has thrown his support behind the Burns-Leahy bill.

A bill recently introduced by Senator John McCain, chairman of the Senate Commerce Committee, presents an alternative approach.
It attempts to "split the difference," addressing domestic law enforcement concerns by way of creating incentives for U.S. manufacturers to participate in a key management infrastructure (i.e., establishing means whereby federal agencies, with appropriate court orders, can obtain the ability to read encrypted communications). While the incentives to do so are significant, the companies would be under no requirement to take part in this arrangement.

As a sop to the encryption industry, however, the McCain legislation would make several concessions that could be injurious to the national security. First, it would raise the threshold for unlicenced exports from 40 bits to 56 bits. This represents a dramatic increase in the power of encryption programs that will find their way into the hands of hostile powers, international terrorists and other foreign criminal elements -- and will add dramatically to the time and computing power required by U.S. intelligence to monitor their activities.

Second, the McCain legislation calls for the creation of an industry-government advisory board tasked to consider and jointly develop recommendations concerning future standards for encryption exports. Such an arrangement would put those responsive to multinational stockholders on an essentially equal footing with government agencies responsible for the national security. In addition, the bill would mandate foreign-availability assessments -- a pretext frequently used by industry to argue for even the most irresponsible transfers of U.S. technology.(2)

Parsing Out the Issues

There are, in fact, three separate issues involved in the present encryption debate -- issues that have, to some extent, been commingled by the Clinton Administration, it appears in an effort to obscure what is at stake for a vital national security capability.

1. Domestic Policy

Encryption products are the future for the privacy and security of communications and information.
Americans have a right to be secure in the knowledge that their private communications and information remain private, and that they can conduct electronic commercial transactions reasonably safe from fraud or compromise. Security embedded in consumer goods (as well as in information systems) needs to become a common part of how business works in this country.

There is today no restriction on the use of encryption within the United States. Americans may import any encryption devices and software into the U.S. There are, however, restrictions on the export of U.S. encryption items.

Unfortunately, encryption in the hands of domestic criminals can be a menace to American business and society, enabling them to hide illicit records and transactions. For law enforcement today, encrypted communications mean no electronic surveillance. Court-ordered wiretaps may be unenforceable. Because of the importance of court-ordered electronic surveillance to law enforcement, law enforcement agencies across the country believe the impact of widely proliferating encryption will be disastrous for them, unless they have a means of lawfully and promptly decrypting communications and information of criminal suspects.

Accordingly, the United States requires common standards for accessing encrypted data and communications (known as "key recovery"). Importantly, such standards are required not only by law enforcement but in order to support commercial needs (for example, companies need to be able to get at their electronic records if the person who encrypted them dies or turns into a vindictive disgruntled employee). Consumers also have a vested interest in ensuring that standards exist whereby they can be assured that encryption will be reliable and easily interoperable (e.g., to manage interfaces between various network systems).
A domestic public key recovery infrastructure is the answer to these requirements. A public key recovery infrastructure is, however, particularly essential for law enforcement. Increasingly, criminals are utilizing techniques to encode their phone calls, concealing their computer transmissions and keeping their records locked up in encrypted computer disks or drives, rather than in file cabinets.

Subject to the limits of U.S. constitutional guarantees, law enforcement needs to be able to continue to do its job in the information age. Law enforcement does not need more intrusive authorities or abilities than it has now; it needs merely to be able to continue to be able to make use of the same investigative techniques presently available with respect to wiretaps.

Alternatively, if the government does nothing but passively watch as encryption proliferates with no standards to guide it, law enforcement will lose critical investigative capabilities. In all likelihood, it will be forced to turn to more intrusive techniques (microphones in the room or car rather than taps on telephones), measures that are more invasive of privacy and which put more police officers' lives at risk. Criminals (drug dealers, kidnappers, thieves) will enjoy safe havens they do not presently have, and more good citizens will find themselves victims of unsolved crimes.

Regrettably, the Clinton Administration has been unwilling to stand up and say, here is what needs to be done -- perhaps out of a fear of alienating a key constituency, the computer industry. The Administration clearly appreciates the need to support law enforcement (law and order is, after all, good politics). But when asked, its spokesmen say they are afraid their endorsement of a domestic policy would prejudice its chances of enactment, citing their experience with the public relations disaster of an earlier encryption management initiative known as the "Clipper Chip."
The truth is that there is no one better positioned than President Clinton to provide leadership, given his well known ties to the hardware and software industries.

2. Export Controls

In some respects, the Clinton Administration's policy has been worse than doing nothing: It has tied the domestic encryption issue to liberalizing export controls on encryption techniques, ostensibly in the hopes of buying the support of the producers of encryption products for greater cooperation with regard to domestic key management arrangements. This is most regrettable since export controls are the single most important tool the United States has for protecting sensitive national security interests in this arena.

The unavoidable reality is that U.S. national security is heavily dependent on being able to collect intelligence by listening in on what its adversaries -- actual and potential -- are up to. This intelligence saves lives, wins wars, and preserves the peace. And in an era of information warfare, having superior information systems may be determinative of military power.

This reality was reflected until last year by treating encryption technologies as part of the State Department's Munitions Control List. President Clinton's Executive Order, however, moved export controls on such technology over to the much less rigorous Commerce Department. It also further adulterated the export controls regime by directing that: 40-bit encryption programs may be exported without a license; 56-bit encryption programs may be exported without a license provided the exporter is working on a public key recovery technology base; and any product that is part of a public key recovery system may be exported without a license.

American products should enjoy the lion's share of the market (U.S. software has 75% of the global market today), but U.S.
exporters of highly capable "crypto" -- 40-bit and above -- should be required to get a license to minimize the likelihood that their products will fall into the wrong hands. Any further weakening of export controls would have a deeply debilitating impact on national security. With all of the focus on domestic encryption regime, and with no advocacy from the Executive Branch, national security interests are not being represented -- and are losing out.

3. International Dimension

To make matters worse, the Clinton Administration -- under the "leadership" of a controversial former Carter Administration official, David Aaron, who has been designated as its "Ambassador for Encryption" -- has come up with a curious and dangerous gimmick: It proposes to "multilateralize" yet another area of sovereign U.S. policy concern(3) by getting OECD nations to take the lead in an area it is reluctant to champion domestically, namely in implementing national key recovery regimes. As in other issues -- ranging from environmental regulation to family planning -- the Administration appears to hope that the creation of common international practice and standards will provide a basis for imposing arrangements domestically that would otherwise be highly controversial, and perhaps politically costly.

Not surprisingly, the Administration has come under some criticism from allies for the hypocrisy of trying to make them go first with respect to developing key recovery infrastructures even as it declines to step up to the issue at home. But this is worse than simple hypocrisy. It is flatly inconsistent with American values for U.S. officials to argue that foreign governments -- many of which do not recognize the basic individual rights of their citizens -- should have unfettered access to their private communications. Few of these governments actually observe the strict limitations on electronic surveillance which pertain in the United States.

It is one thing for the U.S.
to have a domestic key recovery regime which is subject to the rigorous and proper constraints of its Constitution and system of justice. It is quite another to say that, as a foreign policy objective of this country, Washington wants to guarantee the ability of foreign governments to spy on their own citizens, or (worse) on Americans who may communicate with those foreign citizens or travel within those countries.

The Bottom Line

The Clinton Administration appears once again to have gotten the answers exactly wrong. Their efforts have confused the debate and helped to divide the ranks of those who generally are concerned with national security -- even as they are jeopardizing vital national security interests, evidently out of a desire to avoid antagonizing major political donors.

Domestic policy, export controls, and international accords concerning encryption are different concerns, each in need of understanding and debate on the merits. And the vital American national security requirement for electronic intelligence abroad must be supported.

On an even more fundamental level, those who traditionally are sensitive to national security concerns must not allow differing perceptions of domestic law enforcement to translate into legislation that may not only endanger the defense of the United States but undermine its rule of law domestically. A lawless society is no defender of American liberties.

The undeniable fact is that U.S. national security is dependent upon our ability to collect intelligence in peacetime on foreign threats, from terrorist groups to the proliferation of "weapons of mass destruction" to the status of thousands of nuclear-tipped missiles in potentially unfriendly hands. Likewise, success in foreign matters (from trade to diplomacy to support for friends and allies) requires intelligence to identify opportunities for the U.S. officials to act in defense of our values and interests around the world. The U.S.
ability to gather SIGINT therefore is not something about which responsible Americans can afford to be ambivalent. This is a vital national security priority. And it is, to be sure, one that must take precedence over the commercial advantages of selling U.S. software abroad.

1. During both World War II and the half century of the Cold War, SIGINT was far and away the most important type of intelligence the U.S. gathered. Without the ability to collect and read enemy codes and ciphers, the U.S. might well have lost the Second World War. Without SIGINT, the Cold War might have ended far differently and might well have turned into a hot war at critical junctures; certainly, the U.S. would have been almost blind to many of the Soviet Union's malevolent activities.

2. It is unclear on what basis other industries selling sensitive products -- for example, the supercomputer, chemical and biotechnology, machine tool, chip manufacturers, etc. -- would be denied similar vehicles for demanding the elimination of any remaining export controls on the transfer of their respective products. What is more, it is not self-evident that the national security will be well served by advertising which foreign encryption products are of concern to the U.S. government, let alone encouraging American manufacturers to supply superior -- i.e., less breakable encoding techniques -- in place of such products.

3. See in this connection, the Center's Decision Brief entitled Truth or Consequences #9: C.W.C. Proponents Dissemble About Treaty Arrangements Likely to Disserve U.S. Interests (No. 97-D 46, 27 March 1997).

***************

Americans for Tax Reform

Memo

To: Frank
From: Jim Lucier
CC: Friends
Date: June 26, 1997
Re: Encryption and National Security

Dear Frank:

I think we both agree that total U.S. dominance of all technologies across the board is a vital guarantor of national security. We disagree on factual premises.
The powerful encryption methods under discussion are universally published mathematical techniques taught in universities everywhere to people like my brother who studied them at the undergraduate level. I particularly recommend the fine textbook by Bruce Schneier, Applied Cryptography. It is a mistake to assume this information, once disseminated, can be controlled.

It is also incorrect to assume there is only one type of encryption which the U.S. could somehow keep secret. In fact, there are an infinite variety of techniques, some more elegant than others and all with their quirks, but many offering effective security. Indeed, almost any routine that manipulates data -- including file compression algorithms -- can be considered a type of encryption. The case of encryption is dramatically unlike that of supercomputers, where one or two manufacturers in the U.S. may be uniquely capable of producing cutting edge equipment.

Bad actors will not voluntarily participate in a key management system they can easily opt out of. The impact on crime will be zero. Only law-abiding people will be trapped in a system that opens them to maximal violations of privacy by governments and technically sophisticated rogue agents.

This is not a case of greedy software companies that want to "sell encryption" overseas. In fact, encryption software is a low-margin commodity product that only a few specialists sell profitably. U.S. companies want to sell high-margin products like Lotus Notes, cc:Mail, Domino, secure servers, and Oracle databases, and sophisticated financial management tools that operate in a networked environment. U.S. companies dominate the market for these enterprise-wide, mission-critical applications. For now.

The problem is that without encryption modules, the American products are useless for conducting secure business, and the power of networking, which gives them their unique value-added quality, is eliminated. U.S.
regulations even prohibit American companies from selling software with "hooks," where foreign-made encryption products can be plugged in. The result is increasing inroads by foreign competitors. The German, Japanese, and Chinese governments are pointedly encouraging their programmers to make hay while they can. Dozens of companies around the world explicitly advertise that they sell products not subject to U.S. export restrictions.

There is also the chance that the United States will lose the opportunity to set and dominate standards in vital areas such as digital currency, which involve encryption now subject to control. Currently, Europeans lead in this field.

The use of telephone wiretaps has exploded under the Clinton Administration, and under legislation passed last year the number of people impacted by telephone wiretaps is slated to grow still further. For many, this gives ample ground to doubt that wiretaps are used sparingly, or that cases of abuse are minimal.

The real restraint on the use of telephone wiretaps is that they are very expensive, and they require human intervention. Technology does not yet allow machines to monitor calls. On the Internet, by contrast, "packet sniffing" is virtually cost-free, and the packets of data are machine readable. Thus there is nothing to prevent widespread abuse of privacy. The single-sentence Frist Amendment to McCain-Kerrey which purports to solve this problem is totally meaningless.

The claims of law enforcement are wildly exaggerated and not offered in the context of any statistical evidence to make serious risk assessment possible. Strong encryption is dangerous? Compared to what? No encryption? A government-sponsored system only incompetent criminals will use?

For decades people have been predicting the death of SIGINT. It never happens. The reason is that as the volume of communications goes up, the opportunities for SIGINT also increase.
In a networked environment, virtually any interaction with legitimate businesses, and even public infrastructure, can create a database of transaction streams greatly useful to law enforcement and intelligence agencies, who can examine this data with powerful heuristic searching tools.

The information age will give, and is giving, law enforcement officers and intelligence agencies astonishing new powers. Law enforcement officials who claim they will be powerless in the future are being somewhat disingenuous. What really worries them is missing the opportunity to gain powers they don't have now, plus the stress of learning to operate in a different environment.

The key management infrastructure (KMI) called for in McCain-Kerrey is a fiction. Detailed technical standards for such an infrastructure do not exist and may take several years to develop. A recent technical paper by leading private-sector cryptographers claims that the requirements of building a KMI are beyond the current expertise of the field. A central problem is that the Justice Department's insistence on real-time access to data in transit is not consistent with existing models of key recovery for stored data.

If KMI works, it offers no advantage and many grave dangers. If it doesn't work, it is a costly drain on the economic sectors currently driving U.S. economic growth. A global KMI in which the U.S. arbitrarily limits its own information security and somehow expects other countries to participate is an atrocious idea.

Reasonable people can debate the issue of export controls. The weight of evidence suggests that controls should be loosened, but there can be legitimate argument of how far and how quickly we should go.

The McCain-Kerrey bill is by no means a "compromise" on export controls. It is legislation totally different from the Burns, Goodlatte, and Leahy proposals Congress has long been considering. For the first time, McCain-Kerrey would seek to impose controls on U.S.
domestic use of cryptography through a combination of regulation, criminal penalties, civil liability exposure, and taxpayer-financed industrial policy.

It is highly significant that the Administration forced this legislation through the Commerce Committee without a single day's hearings. Senators were given only three days to study the legislation and supplied with misleading and incorrect information about who supported it. McCain-Kerrey probably could not have withstood public scrutiny in the Commerce Committee. As it is, the bill will very likely never move to the Senate Floor, but the Administration now has substantial leverage to pursue its regulatory agenda.

The relaxation of exportable key lengths from 40- to 56-bits is not a sop to industry but a pathetic offering that raises the time-to-break for a foreign intelligence agency stealing U.S. trade secrets from .0002 seconds to 12 seconds.

McCain-Kerrey actually represents a step backward from previous Administration positions on the issue of export controls and exemplifies the bad faith and intransigence this Administration has consistently shown. Last year, for instance, the Administration announced it was relaxing export controls from 40 to 56 bits and then reversed itself, saying the relaxation, if offered, would only be temporary and contingent on businesses developing plans to comply with Administration key-recovery standards. In short, the Administration has been using export controls solely as a club to get unprecedented domestic regulation.

In economic terms, McCain-Kerrey represents a stunning arrogation of power by Congress to itself for the purposes of regulating digital commerce which, as the digital age begins, is probably at least as significant as the Communications Act of 1934. This makes the "three days-no hearings" approval process in committee all the more astonishing.

A vigorous national security debate is welcome on this issue.
The issue of encryption involves profoundly difficult choices and any decisions we make must be taken with grave deliberation and great care. We can postpone these choices but we cannot put them off forever. Ultimately, these decisions turn on findings of fact as to whether control of encryption is still possible. The Administration has made no effort to show its entire proposal is not based on wishful thinking and a regulatory mindset.

The United States does have enormous investment in its SIGINT capabilities, which are many and varied. These will also not disappear overnight. But tomorrow will not be like today.

Peter Drucker has written movingly of the stress undergone by companies who feel they owe their existence to a particular product but who discover that markets have changed and they must do something different. Companies that succeed are the ones that can innovate. A similar mindset is in order for national security policy. The United States has always competed by out-innovating our adversaries, and on this basis we have always won.

The risk to be avoided at all costs is a Maginot Line mentality. French planners obsessed with fighting the first World War lavished untold fortunes and considerable engineering brilliance on a structure that was not only useless in the following conflict but locked France into a defensive posture that guaranteed France would be defeated in days by the Germany's mechanized army.

The fundamental national security interest of the United States is best served by total dominance of world markets in information technology as well as information technology products and services, financial services, telecommunications and a host of other fields. Our goal should be raw commercial power in all these areas -- especially information products and information flows -- backed by impressive military and intelligence capabilities. However, we do not reach this goal by saddling U.S.
business with irrational regulation and ill-conceived industrial policy.

When U.S. companies dominate the world markets for advanced management software which foreign businesses must use to remain competitive and telecommunications services which have no equal on the planet, there is tremendous scope for the NSA to work productively with U.S. business. Indeed, the national security community has long enjoyed such a relationship, and law enforcement agencies are well-advised to develop one. The essence of such a relationship, however, is that it must be maintained quietly. We do not need to advertise worldwide exactly how the United States plans to conduct its foreign intelligence or how law enforcement agencies, in truly exceptional and Constitutionally permissible cases, plan to conduct domestic surveillance.

Meanwhile, we must remember that the United States has the most to protect in terms of intellectual property, proprietary knowledge, global business dealings, and critical information infrastructures that keep all aspects of our society -- including the military and strategic ones -- running smoothly. We should be the world's masters of encryption, the tools to break it, and the ways of getting around it. We should protect our information security by having a diversified environment that relies on no one government-mandated information standard.

It should be a stated goal of U.S. policy in the Information Age and the global economy to force totalitarian societies and welfare states to play by our rules or collapse. Our friends in Europe need a wakeup call. Our trusted allies in Asia need reassurance the United States can still exert powerful influence in their region. Developing nations need the model of U.S. economic growth. Russia must see unthreatening but overwhelming U.S. power. The Chinese regime should experience outright destabilization when its totalitarian system breaks down under a coordinated U.S.
information technology assault through peaceful means such as Radio Free Asia and Internet communication. These are worthy goals, and they are eminently attainable, as long as technology boondoggles don't sidetrack us along the way.

In short, I salute you for making the best possible case for caution at a time when caution is due. However, it is also a time to examine a changing world carefully and prepare for the future as best we can. Let's set our sights on a new American Century.

-------------------------
Declan McCullagh
Time Inc.
The Netly News Network
Washington Correspondent
http://netlynews.com/