|
 |
|
|||||
|
In the Matter of |
) ) ) ) |
COMMENTS OF THE CENTER FOR DEMOCRACY AND TECHNOLOGY
I. Overview
The Center for Democracy and Technology (CDT) submits these comments on the Interim Rule on Encryption Items, as published in the Federal Register on December 31, 1998 (Volume 63, No. 251). CDT believes the Department of Commerce has taken an important step forward with its latest efforts to revise encryption export regulations, as embodied in the recent Interim Rule. Provisions to raise the key length limit on exports to 56-bits and provide increasing liberalization for online merchants are particularly welcome. However, CDT believes that the current regulations still do not go far enough towards allowing Internet users to adequately protect their security and privacy online.
Since the last major revisions to the U.S. encryption regulations in December 1996, the rapid pace of developments on the Internet have made it clear that some sort of broader reform of U.S. policy is urgently needed. Dramatic cracking efforts and the Department of Commerce's own standards processes have underscored the weaknesses in even the newly liberalized 56-bit encryption products. Research has revealed the vulnerabilities of key recovery systems, and the marketplace has failed to embrace these systems even for stored data. Foreign governments have proven increasingly unwilling to adopt U.S. export control and key recovery policies, and in fact are moving in the opposite direction, toward liberalization. Foreign availability of strong encryption products is rising, and U.S. companies are desperately scrambling for ways to export the products their customers want. On many fronts, U.S. encryption export policy is failing.
Perhaps most importantly, U.S. policy stands in the way of a growing urgent need for strong encryption products that people trust. The past two years have shown that people and businesses are moving more and more of their lives, economic activities, and sensitive data online. The federal government has identified the frightening vulnerability of our nation's critical infrastructure. Strong encryption, without built-in backdoors, is an essential part of protecting that sensitive data and critical infrastructure. CDT believes that current U.S. policy dangerously impedes the deployment of accessible, easy-to-use, global security systems for the Internet needed to protect our data and our critical infrastructure.
CDT is a non-profit, public interest organization dedicated to developing and implementing public policies to protect and advance civil liberties and democratic values in new digital media. One of our core goals is to enhance privacy and security protections for individuals in the digital age. The Internet provides enormous potential to promote electronic commerce, economic growth, and democratic values. To realize this potential, however, Americans must be assured of their privacy and security online.
II.Comments on Interim Rule
US export controls have affected the global availability of strong encryption — including use within the United States. Since their inception, the Administration’s encryption export regulations have effectively set standards not only for encryption products abroad, but also for domestic use of encryption by everyday Americans. American businesses and individuals often must conform to export regulations in order to communicate internationally. In addition, the importance of U.S. products in the global marketplace effectively allows export regulations to prevent the adoption of strong global encryption standards. Export controls thus force many computer users, both within the US and abroad, to use weaker encryption products that would otherwise be easily available.
Although the December 1998 Interim Rule raises the previous 40-bit ceiling to 56-bits, this is not strong enough to protect privacy and security online. Several independent sources have demonstrated that 56 bit-length encryption systems are vulnerable to attack. As early as 1996, an ad-hoc group of cryptographers and computer scientists published a study saying that 56-bit DES was "cheaper and easier to break than many believe." [ 1 ] At the January 1999 RSA Data Security Conference, a coalition of encryption enthusiasts were able to break a 56-bit code in 22 hours and 15 minutes. [ 2 ]
The Department of Commerce’s own National Institute of Standards and Technology (NIST) has also recognized that 56-bit encryption systems are weak. In a draft publication released in January, NIST revised the encryption standard for government use to Triple DES, citing the vulnerability of 56-bit DES to attack. "With regard to use of single DES, exhaustion of the DES (i.e. breaking a DES encryption ciphertext by trying all possible keys) has become increasingly more feasible with technology advances. Following a recent hardware based DES key exhaustion attack, NIST can no longer support the use of single DES for many applications." [ 3 ] If the government does not trust 56-bit level security, everyday Americans should not be expected to rely on this weaker level of security to protect their electronic data.
Furthermore, 128-bit encryption systems are rapidly becoming the global standard for adequate online security. The US government should recognize the changing global marketplace and allow American businesses and consumers to keep pace with the technology.
B. The current export regulations continue to promote key recovery and plaintext access.
The current regulations continue to create a strong incentive for widespread adoption of key recovery by maintaining license exemptions for encryption items with key recovery features. [ 4 ] License Exception KMI forces encryption users to choose between inadequate bit-lengths and risky key recovery features, both of which jeopardize privacy and security online.
Several recent studies have confirmed that key recovery imposes both serious security risks and economic costs on encryption users. A 1998 report by a group of encryption experts confirms that "[t]he deployment of key-recovery-based encryption infrastructures to meet law enforcement’s stated specifications will result in substantial sacrifices in security and greatly increased costs to the end-user." [ 5 ] The Business Software Alliance recently published a study citing the cost of key escrow systems at $7.7 billion per year and $38.5 billion over a five year period. [ 6 ]
In addition these security risks posed, a key recovery infrastructure leaves encryption end-users vulnerable to law enforcement intrusions because current law does not provide legal access standards. The Administration has made an attempt to recognize changes in the encryption technology market by expanding the criteria necessary for classification under key escrow or key recoverable products to include plaintext access through a network administrator. [ 7 ] However, the revised definition continues to mandate plaintext access without the knowledge or assistance of the end-user, retaining the fundamental features of key recovery that have proven most problematic.
C. Stifling the growth of encryption technology is actually contrary to the goal of protecting national security.
The Administration has a legitimate goal in promoting the needs of law enforcement officials. However, preventing the use and development of strong encryption does not effectively achieve this goal. According to a study on cyberterrorism conducted by the Center for Strategic and International Studies, "Continued reliance on limited availability of strong encryption without the development of alternative sources and means seriously harms law enforcement and national security." [ 8 ]
Rather than preventing crime, export controls keep strong security out of the hands of law-abiding American citizens, leaving them vulnerable to hackers and terrorist attacks. Encryption protects Internet users from criminals who would like to exploit their sensitive personal and financial information, helping law enforcement to protect US citizens. Without encryption, our nation’s critical infrastructure is at serious risk and vulnerable to attack. As the seminal report by the National Research Council argues, "If cryptography can help protect nationally critical information systems and networks against unauthorized penetration (which it can), it also supports the national security of the United States." [ 9 ]
D. While American encryption users are forced by export controls to adopt weak security systems, the availability of strong encryption abroad continues to grow.
Despite the intended goals, the Administration’s export controls on encryption technologies do not prevent hackers and criminals from gaining access to strong encryption. Encryption software can be purchased from many other countries across the globe, and easily downloaded over the Internet. [ 10 ] According to a recent study by the Economic Strategy Institute, 1,601 encryption products were available as of September 1997 from 941 firms in thirty countries. Of this total, 653 are made outside the United States by 472 foreign firms. [ 11 ]
Several US companies have established foreign subsidiaries to avoid US export controls. For example, RSA Data Securities, a leading encryption software supplier, recently established a branch plant in Australia [ 12 ] to enable the production of technology that can compete on the global market. Zero Knowledge Systems, a company that creates anonymizer software programs, distributes their products through their headquarters in Canada [ 13 ] to avoid US encryption policies on worldwide shipping.
E.Contrary to U.S. government predictions, foreign governments have liberalized their export control.
Despite economic and diplomatic pressure from the United States to adopt export restrictions, other countries are affirming the rights of users to choose encryption systems with strong security features, as well as calling for international standards that keep pace with changing technology. The OECD Cryptography Policy Guidelines and the Ministerial Declaration of the European Union, both released in 1997, argue for the liberalization of controls on cryptography and the development of market-based, user-driven cryptography products and services. In the past year, Canada, Ireland [ 14 ] and Finland [ 15 ] have announced national encryption policies based on the OECD Guidelines, favoring the free use of encryption. Even France, a country with traditionally conservative policies on encryption export, recently liberalized their policies to allow export of 128-bit systems. [ 16 ] While the United States is a global leader in technology development, our export policies are outdated in comparison to other governments. According to a recent international cryptography survey by the Global Internet Liberty Campaign, "in the vast majority of countries, cryptography may be freely used, manufactured, and sold without restriction….The policies of the United States are the most surprising, given the fact that virtually all of the other democratic, industrial nations have few if any controls on the use of cryptography. The position may be explained, in part, by the dominant role that state security agencies in the U.S. hold in the development of encryption policy." [ 17 ] The United States is sacrificing its position as a global leader by failing to participate in the international consensus for liberalization of encryption export controls. In negotiating the Wassenaar Arrangement, the US government agreed with 32 other nations to set a 64-bit length ceiling on encryption exports, but then continues to domestically enforce a key length limitation that is much weaker than this global standard.
F. A piecemeal approach to export liberalization neglects the needs of individual encryption users to communicate securely online.
The December 1998 Interim Rule acknowledges the importance of encryption in promoting the growth of electronic commerce by granting export relief to industry groups and US subsidiaries abroad under License Exception ENC. However, the current regulations continue to ignore the needs of individual Internet users, for mass market, strong encryption products. The current regulations specifically prohibit customer-to-customer communications, an essential part of the global Internet community. Individual consumers are the backbone of electronic commerce. The Internet can not thrive without individuals who trust the privacy and security of their networked communications. Furthermore, those engaged in electronic commerce should not have an exclusive right to communicate securely online. Everyday Americans who conduct personal communications — from home banking to e-mail — over the Internet should have the right to protect their information online. These basic civil liberties are true for domestic encrypted communications, as well as on an international level. Human rights groups are increasingly using encrypted communications to protect their work and the lives of investigators, witnesses, and victims overseas. [ 18 ] These groups and individuals have a legitimate need to preserve their privacy and security on the Internet.
Conclusion
CDT appreciates the efforts of the Department of Commerce to strike a balance between the stated interests law enforcement, national security, civil liberties and industry. However, we believe that the latest encryption export regulations remain dominated by law enforcement and national security demands and represent a flawed view of how best to promote America's interests in the Information Age. Public safety and national security are best served by the spread of strong encryption. A more comprehensive, rather than merely incremental, revision of the encryption export controls is necessary for Americans to fully realize the promise of the global information economy. Until controls are eased on mass market software and key recovery requirements are eliminated, the Administration will not have achieved that comprehensive reform.
The Department of Commerce has shown its sensitivity to these concerns with its latest steps towards encryption export reform. We look forward to working with the Administration to develop a more comprehensive easing of export controls.
Footnotes
1. Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security, A Report by An Ad Hoc Group of Cryptographers and Computer Scientists. (http://www.bsa.org/policy/encryption/cryptographers_c.html)
3. Federal Information Processing Standards Publications, draft FIPS 46-3. US Department of Commerce/National Institute of Standards and Technology.
4. Supplement No. 5 of Part 742.
5. The Risks of Key Recovery and Trusted Third Party Encryption, A Report by an Ad Hoc Group of Cryptographers and Computer Scientists, June 1998. (http://www.cdt.org/crypto/risks98/)
6. The Cost of Government-Driven Key Escrow Encryption, Business Software Alliance.
7. Supplement No. 4 to Part 742.
8. Cybercrime, Cyberterrorism, Cyberwarfare, Center for Strategic and International Studies, 1998.
9. Cryptography's Role in Securing the Information Society, National Research Council.
10. For example, encryption software can be downloaded at http://online.offshore.com.ai/arms-trafficker/.
11 Finding the Key: Reconciling National and Economic Security Interests in Cryptography Policy, Economic Strategy Institute, March 1998.
12. Please refer to http://www.anu.edu.au/people/Roger.Clarke/DV/OzHistory.html#StateL
13. In October 1998, the Canadian Electronic Commerce Strategy was issued permitting the export of strong encryption without mandatory key recovery requirements. (http://www.ic.gc.ca/cmb/welcomeic.nsf/Pages/speechesefr.htm)
14. On June 24, 1998, the Irish government announced a new cryptography policy that rejects key escrow and recovery regimes in favor of court-ordered access to the plaintext data. (Source:Cryptography and Liberty 1999: An International Survey of Encryption Policy, Global Internet Liberty Campaign.)
15. A revised Finnish encryption policy was announced in January of 1999. In this new policy, Finland commits itself to reduce unnecessary restrictions on encryption policy that impede the development of industry or trade. (http://www.vn.fi/muuttunut.html)
16. On January 19, 1999, Prime Minister Lionel Jospin announced a policy allowing immediate use of 128 bit encryption without government review and removing mandatory key recovery laws. (http://www.premier-ministre.gouv.fr/GB/INFO/FICHE1GB.HTM)
17. Cryptography and Liberty 1999: An International Survey of Encryption Policy, Global Internet Liberty Campaign.
18. Encryption in the Service of Human Rights, Center for Democracy and Technology, March 1998.
|
The Center For Democracy & Technology 1634 Eye Street NW, Suite 1100 Washington, DC 20006 (v) 202.637.9800 (f) 202.637.0968 Contact CDT Copyright © 2005 by Center for Democracy and Technology. |