ACM/IEEE Letter on Cryp

Sat Apr 6 14:18:06 PST 1996

[on the Burns bill]
At 04:55 PM 4/3/96 -0500, Dave Banisar wrote:
>The draft bill which currently exists only takes the export controls on
>crpyto. The provisions on key escrow, criminal penalities and other problems
>are not in there and Burns staff have no intention of letting them in. The
>actual bill will be introduced in about 2 weeks.
>-dave

That sounds okay as far as it goes, but I can see a potential problem.  Your 
wording above is unclear, but if the Burns bill totally eliminates export 
controls that's great. However, we've frequently heard talk of "compromises" 
like the Leahy bill which seem to relate exportable encryption to that which 
is already available overseas.  There have been suspicions around there that 
this is intended to keep the American producers out of the market as long as 
possible, which is still a problem.  I don't think that's acceptable.

It's also not logical.  Even if we assume that the strongest encryption 
available overseas is 2048-bit RSA, that's far more secure than 1024-bit 
PGP, which itself (I've heard...) is probably 1-10 million times stronger 
than 512-bit PGP, and the last is probably just barely within the reach of 
even the NSA with a reasonable amount of resources directed at the task.   
Obviously, this means that the best encryption commonly available is so far 
beyond what the NSA can decrypt, there appears to be no point in denying 
somebody the right to export 3000-bit RSA, when 2048-bit versions are 
already in use.

In addition, even if this condition is assumed, there is a question about 
whether or not export will or must be automatically approved for any program 
which uses encryption equally or less strong than, say, 2048 bit PGP, or 
whether they will refuse export of programs which use encryption to 
implement functions that are "politically incorrect" despite the fact they 
use only "exportable level" encryption.  I could mention a specific example, 
but if you've followed my essays you already know what I'm talking about.  
The government could still deter new and innovative ideas utilizing 
encryption that themselves don't already exist overseas.

I think there's a serious enough danger here that we should insist on (at 
least) wording that completely takes the decision-making authority out of 
the government's hands for encryption that uses the same or less key length 
than the maximum available overseas, regardless of its function.  I don't 
want even this minimal restriction, but if that's what it takes to pass the 
Burns bill, it's progress anyway.  I'm sure somebody can (or already has) 
extend foreign-source PGP to 4096-bit keys to push the limit well beyond any 
practical limit, if 2048 bits isn't  there already.

Jim Bell
jimbell at pacifier.com