NRC Cryptography Report: The Text of the Recommendations
Recommendation 1: No law should bar the manufacture, sale, or use of any form of encryption within the United States. Recommendation 2: National cryptography policy should be developed by the executive and legislative branches on the basis of open public discussion and governed by the rule of law. Recommendation 3: National cryptography policy affecting the development and use of commercial cryptography should be more closely aligned with market forces. Recommendation 4: Export controls on cryptography should be progressively relaxed but not eliminated. 4.1 -- Products providing confidentiality at a level that meets most general commercial requirements should be easily exportable. Today, products with encryption capabilities that incorporate 56-bit DES provide this level of confidentiality and should be easily exportable. 4.2 -- Products providing stronger confidentiality should be exportable on an expedited basis to a list of approved companies if the proposed product user is willing to provide access to decrypted information upon legally authorized request. 4.3 -- The U.S. government should streamline and increase the transparency of the export licensing process for cryptography. Recommendation 5: The U.S. government should take steps to assist law enforcement and national security to adjust to new technical realities of the information age. 5.1 -- The U.S. government should actively encourage the use of cryptography in nonconfidentiality applications such as user authentication and integrity checks. 5.2 -- The U.S. government should promote the security of the telecommunications networks more actively. At a minimum, the U.S. government should promote the link encryption of cellular communications and the improvement of security at telephone switches. 5.3 -- To better understand how escrowed encryption might operate, the U.S. government should explore escrowed encryption for its own uses. To address the critical international dimensions of escrowed communications, the U.S. government should work with other nations on this topic. 5.4 -- Congress should seriously consider legislation that would impose criminal penalties on the use of encrypted communications in interstate commerce with the intent to commit a federal crime. [Page 28 of the "Overview and Recommendations". There's a lot more discussion of each of these in the whole overview, which should be up on the web late today at www2.nas.edu/cstbweb/.]
I read the overview of this, and while it is good that the report calls for maintaining the legality of domestic encryption and some slight loosening of the export rules, overall I was diappointed. First, the report reads as though the intended audience is law enforcement and security personnel. The perspective seems to generally be from the points of view of those bodies. This is just a subjective impression I have and it would be interesting to hear whether other people feel the same. Second, although they go to some lengths to emphasize the importance of an open, unclassified process, and that the report itself is completely unclassified, there are some curios omissions. For example, recommendation 4.1 is that 56-bit DES encryption should be exportable. However, they follow that by saying, "Products covered under Recommendation 4.1 must be designed in a way that would preclude their repeated use to increase confidentiality beyond the acceptable level." This is then followed with a couple of pages of justification for why this relaxation of the export policies should be allowed. Much is made of the fact that people will be more likely to use 56 bit encryption than the 40 bit which is currently allowed. (This is an example of the perspective issue I mentioned above.) However, nowhere is it stated why more than 56 bits is not OK, and why it is necessary to forbid repeated use to increase confidentiality. There is not one word of discussion of this proviso. I suspect the reason is that the NSA can break 56 bit DES but cannot break higher levels. But the report doesn't say so. Presumably this is because that fact is classfied. Okay, but it seems hypocritical to make much of the fact that the discussion is open, and then to limit the recommendations by considerations which can't be discussed openly. I also think it is sneaky that they bury this limitation in text which will not be seen by people who read only the recommendations. Third, although in broad terms the report is supportive of the use of cryptography, the specific recommendations do very little to liberalize current policies. Free domestic access to cryptography is already the law. Raising the export size limit from 40 to 56 bits is a step forward, but a small one. Beyond 56 bits they recommend the requirement of escrowed encryption. Given current moves to standardize on triple DES, this is a retrenching action. They recommend criminalizing the use of cryptography in committing crimes, admitting that this may be used in some cases (as comparable mail fraud statues have been) to bring prosecutions against people who cannot be proven to have committed any other crime. "[T]he committee understands that it is largely the integrity of the judicial and criminal justice process that will be the ultimate check on preventing its use for such purposes." Fourth, recommendation 5.2, to promote the use of link encryption for cellular phones, is designed to reduce privacy, not help it. "Recommendation 5.2 is an instance of a general philosophy that link (or node) security provided by a service provider offers more opportunities for providing law enforcement with legally authorized access than does security provided by the end user." When I wrote my letter to the NRC during their comment period (available at <URL: http://www.portal.com/~hfinney/nasinput.html >) I made a similar point, but with the opposite conclusion, that end to end encryption would be preferred. Overall, I am disappointed that the report seems to adopt so much of the point of view of those forces which will oppose the use of cryptography. At best it seems to be a recognition that change is inevitable, and that the most that can be hoped for is to ease the transition to a world where people have free access to privacy tools. But in the meantime it appears designed to delay the transition rather than advance it. Hal
I read the overview of this, and while it is good that the report calls for maintaining the legality of domestic encryption and some slight loosening of the export rules, overall I was diappointed.
Watching faces at the NPC, it was clear there was lots of private divergence midst the panel. A further indication of this was that three of them refused to get clearances. I'd say the report was a success based solely on the fact the Administration does not like it ;=| -- A host is a host from coast to coast.................wb8foz@nrk.com & no one will talk to a host that's close........[v].(301) 56-LINUX Unless the host (that isn't close).........................pob 1433 is busy, hung or dead....................................20915-1433
Hal writes: [ Good critique of NRC crypto report ] I completely agree. The *best* that could be said of this report is "56 bits instead of 40". B.F.D. And aside from that one concession, it's a step backward. BTW, does it seem to anyone else that recommendation 1 "no law should bar the .... use of ... encryption within the United States" is contradicted by recommendation 5.4: "Congress should seriously consider legislation that would impose criminal penalties on the use of encrypted communications in interstate commerce with the intent to commit a federal crime"? Maybe they meant to say "no law except those we propose below" :-(. -- Jeff
On Thu, 30 May 1996, Hal wrote:
Second, although they go to some lengths to emphasize the importance of an open, unclassified process, and that the report itself is completely unclassified, there are some curios omissions. For example, recommendation 4.1 is that 56-bit DES encryption should be exportable. However, they follow that by saying, "Products covered under Recommendation 4.1 must be designed in a way that would preclude their repeated use to increase confidentiality beyond the acceptable level."
That is a modest misreading of the statement -- what it says is a sort of "generally available" requirement that the committee did a _BIG_ job of trying to soft-pedal at the conference. Especially when PGP was mentioned, they said "well, it's not _really_ a 'generally available' recommendation." But it _is_. One Cypherpunk at the meeting suggested to me that they knew if PGP was mentioned, heads would roll, and this might be a quiet way of sneaking that in.
I also think it is sneaky that they bury this limitation in text which will not be seen by people who read only the recommendations.
Yep, but OTOH, how much can they fit into a decent blurb anyways, which is all the actual recommendation text is?
Overall, I am disappointed that the report seems to adopt so much of the point of view of those forces which will oppose the use of cryptography. At best it seems to be a recognition that change is inevitable, and that the most that can be hoped for is to ease the transition to a world where people have free access to privacy tools. But in the meantime it appears designed to delay the transition rather than advance it.
Which is as good as we could hope for from a government-sponsored report, whose team was required to include members of the intelligence community, and which those members know will be looked at seriously by congress. While on the one hand I'm disappointed, OTOH it was much better than I expected it to be. While it is essentially a "status quo" sort of report, it still allows us to deploy strong crypto now. What I was most disappointed with was that (as far as I've found so far -- I've not slogged my way through the entire 500+ page report quite yet) CAPIs are totally ignored (although described in an appendix, I haven't yet been able to find any reference with regards to exporting them) thus leaving the "crypto in the hole" issue up in the air... ---------- Jon Lasser (410)532-7138 - Obscenity is a crutch for jlasser@rwd.goucher.edu inarticulate motherfuckers. http://www.goucher.edu/~jlasser/ Finger for PGP key (1024/EC001E4D) - Fuck the CDA.
participants (6)
-
David Lesher -
Hal -
Jeff Barber -
John Gilmore -
Moltar Ramone -
watson@tds.com