New Clinton (anti-) Encryption Policy nnn

[forsvunnet at alpha.c2.org]

Thought you all might be interested in these documents.  They were put out as press releases internationaly on 7/25.

It occurs to me that the list of companies collaborating with the Department of Commerce on key escrow must be publically available.  If someone could get a copy it would allow us all to contact those companies with our views and (more importantly) begin a campaign against companies supporting the escrow project on the net.

Here are the press releases:

CLINTON ADMINISTRATION FACT SHEET: U.S. CRYPTOGRAPHY POLICY (Industry, international cooperation urged)

WASHINGTON -- Because advanced encryption technology is posing problems for  law-enforcement officials to investigate crimes and terrorism, the Clinton administration is  pressing for a global system for unlocking encrypted messages when necessary. 
A July 12 fact sheet from the U.S. Department of Commerce elaborates the administration  approach, called key recovery encryption.

While the United States sets no limit on the level of encryption technology that can be used  domestically, it does restrict exports of it.  The administration says it might relax those export  controls if U.S. industry cooperates on building a key recovery infrastructure. 

Following is the text of the fact sheet:

(begin text)

U.S. Cryptography Policy: Why We Are Taking the Current Approach 
We live in an age of electronic information.  Information technology is transforming society,  creating new businesses, new jobs and new careers.  The technology also creates new  opportunities for crime and new problems in investigating and prosecuting crime.  As a result,  electronic information, be it corporate trade secrets, pre-release government crop statistics, or a  patient's medical records, must have strong protection from uninvited modifications or disclosure.   Cryptography enables that protection. 

The United States is the world leader in information technology. U.S. firms continue to dominate  the U.S. and global information systems market.  Retaining this leadership is important to our  economic security.  The Clinton administration, through its National Information Infrastructure  initiative, has long recognized that government has an important role as a facilitator and catalyst  for the industry-led transformation of the way we use computer and  communications technology  to work and live.

In particular, government has a strong interest in promoting the legitimate use of robust  encryption to support U.S. international competitiveness, foster global electronic commerce,  prevent computer crime, and ensure that the information superhighway is a safe place to conduct  one's business.  At the same time, there is a growing recognition, affirmed most recently by the  National Academy of Sciences, that the use of encryption to conceal illegitimate activities "poses a  problem for society as a whole, not just for law enforcement and national security."  In brief,  criminals can use encryption to frustrate legal wiretaps and render useless search warrants for  stored electronic data.  We know of no technical solution to the problems that would result from  the global proliferation of strong cryptography.  The implications of this are no small matter. 
Encrypted computer files have hampered the prosecution of child pornographers.  Militia groups  advise their members to use encryption to hide illicit weapons, financial, and other criminal  activities.  Aldrich Ames was instructed by his Soviet handlers to encrypt computer files that he  passed to the Soviets.  And international terrorists and drug dealers increasingly use encryption to  prevent law enforcement officials from reading their voice and data transmissions.  Grave crimes,  such as a plot to shoot down several airliners over Chicago, have been foiled by the use of  wiretaps.  Had the FBI been unable to read those transmissions, however, a major tragedy might  have ensued.

Cracking Coded Messages

We should not underestimate how difficult it is to decode encrypted electronic information.  One  approach advanced in the popular debate is to provide our law enforcement officials with more  computing power.  At first glance, this suggestion seems promising because in theory any  encrypted message can be decoded if enough computing cycles are applied.  This approach fails  for five reasons: 

First, it relies on mathematical theory, not operational reality.  Digital technology reduces voice,  faxes, images, and text in any language to indistinguishable 1s and 0s.  A great variety of  encryption products are also available.  Under ideal conditions -- if the type of communication or  file, language, and encryption algorithm are known with certainty, and a short key is used to  encrypt the information -- a large, specially designed computer could decode a single message  relatively quickly.  But state, local, and federal law enforcement officials do not operate in the  clean confines of a high-tech computer center.  They must first capture the 1s and 0s and discern  what kind of encryption they have encountered.

Second, after the decoding problem is isolated, acquiring a machine to decode a message is  neither quick, easy or inexpensive.  Commercially available computers could not be used because  they will not have sufficient capacity.  It would, for example, take years for the computers used to  process all Social Security claims, payments and earnings years to decode one message using the  Data Encryption Standard (DES), a widely used system originally developed by the U.S.  government that uses a 56-bit key.

Third, this approach betrays a misunderstanding of how crimes are prevented.  Used only in the  most critical cases, legally authorized wiretaps provide crucial information just before a crime is  to occur.  Thus a near real-time ability to decode messages is needed.  Days or weeks are too long  to wait to find out that a terrorist attack is about to happen. 
Fourth, this approach fails to acknowledge the volume of messages that could need decoding.   Each wiretap results in the collection of thousands of messages relevant to the investigative  purpose of the wiretap.  Even under the most ideal conditions, had these messages been  encrypted, the computing resources required to decrypt them quickly would simply not be  available.  And this example does not include the additional burden of decrypting, if possible, any  digital information such as computer disks that are seized as evidence after a crime has been  committed.

Finally, revealing the precise capabilities of law enforcement agencies to decode messages, as  would be necessary in order to present the fruits of that work as evidence in court, could provide  a tutorial to criminal elements bent on eluding law enforcement. 

No restrictions apply to the U.S. domestic use of cryptography, and the administration has no plan  to seek restrictions. Cryptography has long been controlled for export for national security  reasons, so as to keep it from getting into the hands of foreign governments.  But it has today  become a dual-use technology, and international businesses want to use the same security products  both domestically and abroad.  The administration is thus under strong pressure to provide relief  from cryptography export controls.

For our cryptography polIcy to succeed, it must be aligned with commercial market forces and  operate on an international basis.  Further, it should preserve and extend the strong position that  U.S. industry enjoys in the global information systems marketplace.  Accordingly, the U.S.  government is working with U.S. industry and our international trading partners on an approach  that will protect information used in legitimate activities, assure the continued safety of Americans  from enemies both foreign and domestic, and preserve the ability of the U.S. information systems  industry to compete worldwide.

Key Management and Recovery

A consensus is emerging around the vision of a global cryptography system that permits the use of  any encryption method the user chooses, with a stored key to unlock it when necessary. The  encryption key would be provided voluntarily by a computer user to a trusted party who holds it  for safe keeping.  This is what many people do with their house keys -- give them to a trusted  neighbor who can produce them when something unexpected goes wrong.  Businesses should find  this attractive because they do not want to lock up information and throw away the key or give an  employee -- not the company -- control over company information.  An individual might also use  this service to ensure that she can retrieve information stored years ago.  This will require a new  infrastructure, consisting of trusted parties who have defined responsibilities to key owners.   Under law, these trusted emergency key recovery organizations would also respond in a timely  manner to authorized reques!
!
ts from law enforcement officials who required the key to decode  information lawfully obtained or seized from a subject of investigation or prosecution. 

The federal government will use key recovery encryption on its own computers because it makes  good management sense.  It would be irresponsible for agencies to store critical records without  key recovery, risking the loss of the information for programmatic use and the inability to  investigate and prosecute fraud or misuse of the information. 

A number of U.S. and international companies are working with the U.S. and other governments  to create a system of trusted parties who are certified to safeguard the keys.  In some cases,  organizations might guard their own keys.  In other cases, persons will use the key recovery  services provided by third parties, one of a suite of services that will include electronic directories  and electronic "notaries" in support of online commerce.  Persons will be  free to choose the type  and strength of encryption that provide the degree of security they believe appropriate for their  use.  Taken together, an overall key management infrastructure is needed to make electronic  commerce practical on a global scale.

Some commercial products and services which provide emergency key recovery are already  available.  Testing and refinement is needed before a widespread, robust infrastructure is put in  place.  The U.S. government is committed to supporting the development of such a key  management infrastructure through pilots and experimental trials.  The State Department is  expediting the review of several export license applications that test commercial key recovery on  an international scale.  An interagency working group is identifying several potential  governmental uses of commercial cryptography -- both internal transactions and in  communications with the public -- where key recovery can be tested.  A plan outlining these  government tests will be available in August.  The government will be purchasing key recovery  products for its own use and will adopt a federal standard for evaluating such products to assure  agency purchasers that the key recovery features operate properly.  T!
!
he Department of  Commerce will be establishing an industry-led advisory committee to make recommendations  regarding such a standard this summer.

While we are open to other alternatives, a key recovery system is the only approach we know of  that accommodates all public safety interests.  And even it is imperfect.  Some people will not join  voluntary systems, preferring to run the risk of losing their keys and being unable to recover their  encrypted information.  Although in some countries (e.g., France) mandatory key escrowing is  already in effect, we are pursuing a market-driven approach in part because we hope and believe  that key recovery will develop as a cost-effective service in an electronic commerce  infrastructure.  We are encouraged in this effort by recent discussions we have had at the  Organization for Economic Cooperation and Development (OECD) that are leading to  international cryptography management principles which support key recovery. 

Export Controls

No matter how successful we are in realizing this vision, American users of computer technology  are demanding stronger encryption for international use now.  Although we do not control the use  of encryption within the U.S., we do, with some exceptions, limit the export of non-escrowed  mass market encryption to products using a key length of 40 bits. (The length of the encryption  key is one way of measuring the strength of an encryption product.  Systems using longer keys  are harder to decrypt.)  U.S. industry asserts that it is losing overseas sales to its European and  Japanese competitors because it cannot include stronger cryptography as a component of its  commercial software and hardware products.  It warns that loss of a significant share of the world  information systems market would cause serious economic damage to the U.S.  economy and  could reduce the U.S. government's ability to influence the long-term future of global  cryptography.  It also argues that, beca!
!
use customers do not want to use one product in the U.S.  and a different one overseas, export controls are causing U.S. firms to provide an unsatisfactory  level of protection to their electronic information, making them vulnerable to industrial espionage  by their competitors and foreign governments.

While 40 bit encryption products are still strong enough for many uses, the administration  recognizes that some export liberalization may be useful to build support for a key management  regime.  Accordingly, we are actively considering measures that would provide limited,  temporary relief from cryptographic export controls in exchange for real, measurable  commitments from industry (e.g., investments in products that support key recovery) toward the  building of a key management infrastructure.  The liberalization proposals under discussion,  which would continue the current one-time review of products by the National Security Agency,  include: permitting products using longer key lengths to be exported to specific industry sectors  such as health care or insurance (similar to current policy for the financial sector); allowing export  of non-escrowed products to a list of trustworthy firms beyond those sectors, with provisions for  monitoring compliance to prevent product d!
!
iversion to other firms; export of cryptography-ready  operating systems; and, most dramatically, the transfer of jurisdiction over commercial encryption  products from the State Department's munitions list to the Commerce Department's list of  dual-use technologies.   Our goal is to obtain commitments from industry by the fall. 

We must, however, be careful in any relaxation of controls.  Other governments' law  enforcement and national security needs to access material encrypted with U.S. products could  drive them to erect trade barriers by imposing import controls on strong non-escrow encryption  products.  In addition, we do not want to do anything that would damage our own national  security or public safety by spreading unbreakable encryption, especially given the international  nature of terrorism.  Even 40 bit encryption, if widespread and not escrowed, defeats law  enforcement.

It is for these reasons that we oppose the legislation (S. 1726) introduced in this Congress by  Senator Burns and co-sponsored by Senator Lott and former Senator Dole.  Although it contains  some provisions, such as the transfer of export control jurisdiction for commercial cryptography  to the Commerce Department, with which we could agree if constructed with appropriate  safeguards, the bill is unbalanced and makes no effort to take into account  the serious  consequences of the proliferation it would permit.

The importance of the U.S. information technology industry, the security stakes, and increasing  congressional interest make it clear that there is an urgent need for clear policy and direction.   The administration's proposed approach is broadly consistent with industry suggestions and the  conclusions reached by the National Academy of Sciences in its report.  That report recognizes  the need to address a complex mix of commercial and security issues  in a balanced manner.  We  agree with that need.  We also agree with the report's recommendation that export controls on  encryption products need to be relaxed but not eliminated, and are actively considering ways of  providing short-term relief.  (We do not agree with the report's recommendation that we eliminate  most controls on 56-bit key length products.)  Finally, we agree that key escrow is a promising  but not fully tested solution, and are promoting the kinds of testing the report recommends as a  way of demonstrating!
!
 the solution's viability while providing stronger encryption internationally. 

We will continue discussions with industry, other members of the private sector, the Congress,  and governments at all levels to arrive at a solution that promotes a future of safe computing in a  safe society.

(end text)

TEXT: ADMINISTRATION STATEMENT ON COMMERCIAL ENCRYPTION
(International agreement sought for security, safety)

WASHINGTON -- The Clinton administration has proposed a framework for an international  agreement that would give law-enforcement officials around the world some access to encrypted  information in telephone transmissions, electronic mail and Internet communications. 
A July 12 press release from the U.S. Department of Commerce gives the essence of the  proposal, which would entail use of private-sector third parties who would hold spare keys to  encryption tools and would surrender them to law-enforcement officials having proper ‹uthority. 
While developing this proposal, the administration would consider relaxing U.S. export controls  on encryption technology.

Following is the text of the administration statement:

(begin text)

Administration Statement on Commercial Encryption Policy

The Clinton administration is proposing a framework that will encourage the use of strong  encryption in commerce and private communications while protecting the public safety and  national security.  It would be developed by industry and will be available for both domestic and  international use.

The framework will permit U.S. industry to take advantage of advances in technology pioneered  in this country and to compete effectively in the rapidly changing international marketplace of  communications, computer networks, and software.  Retaining U.S. industry's leadership in the  global information technology market is of longstanding importance to the Clinton administration. 
The framework will ensure that everyone who communicates or stores information electronically  can protect his or her privacy from prying eyes and ears as well as against theft of, or tampering  with, their data.  The framework is voluntary; any American will remain free to use any  encryption system domestically.

The framework is based on a global key management infrastructure that supports digital signatures  and confidentiality.  Trusted private-sector parties will verify digital signatures and also will hold  spare keys to confidential data.  Those keys could be ortained only by persons or entities that have  lost the key to their own encrypted data, or by law enforcement officials acting under proper  authority.  It represents a flexible approach to expanding the use of strong encryption in the  private sector.

This framework will encourage commerce both here and abroad.  It is similar to the approach  other countries are taking and will permit nations to establish an internationally inter-operable key  management infrastructure with rules for access appropriate to each country's needs and  consistent with law enforcement agreements.  Administration officials are currently working with  other nations to develop the framework for that infrastructure. 
In the expectation of industry action to develop this framework internationally and recognizing  that this development will take time, the administration intends to take action in the near term to  facilitate the transition to the key management infrastructure. 
The measures the administration is considering include:

1.   Liberalizing export controls for certain commercial encryption products. 
2.   Developing, in cooperation with industry, performance standards for key recovery systems  and products that will be eligible for general export licenses and technical standards for products  the government will purchase.

3.   Launching several key recovery pilot projects in cooperation with industry and involving  international participation.

4.   Transferring export control jurisdiction over encryption products for commercial use from the  Department of State to the Department of Commerce.

Administration officials continue to discuss the details of these actions with experts from the  communications equipment, computer hardware and software industries, civil liberties groups and  other members of the public to ensure that the final proposal balances industry actions towards the  proposed framework, short-term liberalization initiatives, and public safety concerns.  
The administration does not support the bills pending in Congress that would decontrol the export  of commercial encryption products because of their serious negative impact on national security  and law enforcement.  Immediate export decontrol by the U.S. could also adversely affect the  security interests of our trading partners and lead them to control imports of U.S. commercial  encryption products.

A Cabinet committee continues to address the details of this proposal.  The committee intends to  send detailed recommendations to the president by early September, including any  recommendations for legislation and executive orders.  The committee comprises the secretaries  of State, Defense, Commerce and Treasury; the attorney general; the directors of Central  Intelligence and the Federal Bureau of Investigation; and senior representatives from the Office of  the Vice President, the Office of Management and Budget, and the National Economic Council. 
(end text)

SENATORS, ADMINISTRATION CLASH OVER ENCRYPTION CONTROLS
(Bill would allow more exports)
By Bruce Odessey
USIA Staff Writer

WASHINGTON -- Clinton administration officials and members of a Senate committee have  clashed over policy on export controls for advanced encryption technology. 
At issue at a July 25 Senate Commerce Committee hearing was a bill that would relax those  controls by allowing U.S. exports of any encryption technology that was already generally  available for sale in foreign markets.

Encryption is the use of a string of letters or numbers -- known as a "key" -- that renders  computer files and digital transmissions unreadable to those without access to the code.  The  complexity of the key is measured in bits.

Present regulations prohibit U.S. exports of encryption products using a key length of more than  40 bits.

"It is widely agreed that 40-bit security equals no security.  It is simply too easy to break," said  Senator Larry Pressler, committee chairman.  "However, U.S. companies are not allowed to  provide products at this level abroad ....  This is a boon for our foreign competitors.  They are  actively developing markets we are forced to abandon."

Senators of both parties expressed dissatisfaction with an administration policy announced July 12.   The policy would allow some relaxation of the export controls but only if U.S. industry lent  support to an administration proposal for a global cryptography system -- called an internationally  inter-operable key management infrastructure, or a key escrow system. 
A number of governments in the Organization for Economic Cooperation and Development  (OECD) are already working to create such a system.  Under it, non-government parties would  hold encryption keys in escrow; law-enforcement officials with court authority would have access  to the keys to unscramble data transmissions, telephone conversations and electronic mail in  criminal or terrorism investigations.

Supporters of the bill and administration officials opposed to it differed not only about interpreting  the facts but also about the facts themselves.


For example, one issue concerns whether attempts to control  encryption technology are already too late because advanced products -- including 56-bit  products available for downloading for free from sites on the Internet -- are already widely  available.

"Some observers say the encryption genie is out of the bottle and that attempts to influence the  future use of encryption are futile," said Louis Freeh, director of the Federal Bureau of  Investigation (FBI).  "This is not true, in my view."

He argued that a little time remains to protect public safety because few people use encryption  technology yet.

"Some strong encryption products can be found overseas, but they have not yet become  embedded in mainstream operating systems, which I think is a critical distinction," Freeh said.   "There is still a window of opportunity for us to act here. 
Administration officials guessed that countries might have two years yet to reach international  agreement before the infrastructure builds up to make robust encryption products widely useful. 
An agreement could help create an infrastructure open to scrutiny by law-enforcement officials  around the world through key management.  Then, even if wealthy criminal or terrorist  organizations used advanced non-key escrow technology to block interception of communications  among their own members, law-enforcement officials could still scrutinize their external  communications to banks and other legitimate businesses conducted with key escrow products. 
That was the Clinton administration view, anyway, but it was not shared by many on the Senate  Commerce Committee.

"Is it possible to get every country on the planet to agree to this approach," asked Senator Conrad  Burns, a Montana Republican who is sponsoring the bill, "and, if we cannot, wouldn't the entire  approach be undermined if one or more countries chose not to adopt such an approach?" 
Senator Ron Wyden, an Oregon Democrat, said the Clinton policy would force U.S. industry  permanently behind foreign competitors.

"The terrorists and drug merchants of the 21st century are not going to be encryption simpletons,"  Wyden said.  "Many of them are going to be savvy and sophisticated, and they are going to be  hunting worldwide for these data-scrambling products," not just from U.S. suppliers.