Previous Headlines | Legislative Tracking | CDT's Privacy Policy
Testimony of the Center for Democracy and Technology
before the
House Committee on the Judiciary
Subcommittee on Courts and Intellectual Property
March 4, 1999
The Center for Democracy and Technology (CDT) is pleased to have this opportunity once again to testify about encryption policy before the House Judiciary Committee. CDT is a non-profit public interest group dedicated to promoting civil liberties and democratic values on the Internet. CDT testified two years ago before this subcommittee in support of the Security and Freedom through Encryption (SAFE) Act, and we are happy to be here supporting the bill once again.
The last two years have made it more clear than ever that Congress should enact SAFE:
Two years ago, there were about 50 million people on the Internet. Today that number has nearly tripled to 140 million people worldwide. Surveys indicate that the number one issue for people as they move online and begin to participate in electronic commerce is privacy and security. The Internet has vast potential to reinvigorate democracy, provide access to information, create new forms of community, and promote economic growth. But the promise of the Internet will not be met unless people can trust it. Widespread availability of strong, encryption without backdoors built in is needed to provide that trust.
It is for all of these reasons that Congress should adopt the SAFE Act of 1999. The Administration has proven unable to change its basic approach to encryption. Congressional action is needed. The SAFE Act of 1999 improves on previous versions of the bill and would help provide Americans with the strong security and privacy products they so badly need. CDT commends Representatives Goodlatte and Lofgren, Chairman Coble, and the other cosponsors of the SAFE Act for their continued commitment to this essential debate about the electronic privacy of Americans.
Two years ago, this committee held a hearing on encryption strikingly similar to the one being held today. Privacy advocates and industry representatives testified about the need for new encryption policies, and Administration officials argued that new regulations would allow U.S. policy to satisfy the competing interests at hand. In retrospect, the rapid pace of technical and marketplace developments over the last two years have made it clearer than ever before that the U.S. approach to encryption policy remains fundamentally flawed.
Two years ago privacy advocates argued that 56-bit encryption, the maximum strength exportable for consumers without key recovery, was not secure enough for many applications. The Justice Department disputed this, claiming that "According to the National Security Agency’s estimates, the average time needed to decrypt a single message by means of a brute force cryptoanalytic attack on 56-bit DES — a strength whose export we are now allowing --- would be approximately one year and eighty-seven days using a thirty-million-dollar supercomputer." [ 1 ]
Technical developments have proven these comments wrong. In the Fall of 1998, a group of researchers sponsored by the Electronic Frontier Foundation built a "DES Cracker" system for less than $250,000 that broke a 56-bit key within 56 hours. [ 2 ] Less than six months later, in January 1999, encryption enthusiasts broke a 56-bit code in 22 hours using the DES Cracker and a network of distributed computers. If a non-profit and a group of part-time enthusiasts could develop such a system on a shoestring budget, we are only left to imagine what a foreign government, large corporation, or sophisticated criminal enterprise could do.
The U.S. Government has itself recognized the weakness in 56-bit encryption systems. In a January 1999 draft the National Institute of Standards and Technology (NIST) revised the encryption standard for government use from 56-bit DES to much stronger "Triple DES," citing the vulnerability of DES. [ 3 ] Meanwhile, NIST has been leading efforts to create an Advanced Encryption Standard based on the 128-bit (and higher) algorithms that are becoming the world standard for online security. If the government does not trust 56-bit security, why should everyday computer users and companies be expected to rely on this weaker level of security?
Two years ago before this Subcommittee, Administration witnesses touted key recovery as the compromise that met law enforcement desires and was "going to become the worldwide standard." [ 4 ] In fact, since then government-driven key recovery has been greeted with great skepticism and widely discredited.
Research has revealed the vulnerabilities of key recovery systems, which create backdoors to plaintext without the notice or consent of an encryption user. A 1997 report by a group of encryption experts found that "[t]he deployment of key-recovery-based encryption infrastructures to meet law enforcement’s stated specifications will result in substantial sacrifices in security and greatly increased costs to the end-user." A year later, with no substantive response from within the Administration or the technical community, the same group of experts confirmed its findings still held true in June 1998. [ 5 ] A copy of their report is being submitted to the Subcommittee along with this testimony.
Despite Administration predictions, the marketplace has shown little interest in even stored data recovery, and there is virtually no demand for key recovery for communications. To CDT's knowledge not one major key recovery encryption product is being widely used by consumers today. [ 6 ]
Encryption controls are ultimately only effective if other countries control encryption products as well. In 1997, the Administration testified, "We have engaged in extensive international discussions on this topic over the last year, and a consensus is now emerging throughout much of the world that the way to achieve this balance is through the use of a ‘key recovery’ or ‘trusted third party’ system. . . We believe that key recovery will become the worldwide standard for users of the GII." [ 7 ] To date, the opposite has been true. The OECD Cryptography Policy Guidelines and the Ministerial Declaration of the European Union, both released in 1997, failed to embrace key recovery despite lobbying by the U.S. government. In the past year, Canada, Ireland and Finland have announced encryption policies allowing free use and export of strong encryption products without key recovery.Even France, a country with sweeping controls on encryption use in the past, recently liberalized its policies.
Two years ago the national security community seemed to speak with one voice about the danger of strong encryption. Today there has been an increasing recognition of the cost of U.S. encryption policy. The last two years have seen Americans moving their lives online in unprecedented numbers. A Presidential Commission has highlighted the vulnerability of our nation's critical information infrastructure. Together these developments have underscored the importance today of securing the Internet, and deploying strong encryption to do so.
Today many in the national security and law enforcement community have acknowledged the limitations of current U.S. policy. As Sam Nunn testified before the Senate last year, "[I]f the deadlock continues as it is today, building the trust required between the public and private sectors in the broad area of infrastructure protection will be even more difficult." [ 8 ] Nunn went on to note that "limiting the power of encryption over the long-haul is simply not going to be feasible. Senator Bob Kerrey, an early proponent of encryption controls, argued in an October 1998 speech that "the encryption debate has hobbled our efforts to write laws that enable our law enforcement and national security agencies to carry out their mission" and argued that it was time to "remove export restrictions on encryption products of any strength." [ 9 ]
The Department of Commerce has taken a step forward in its recently released encryption regulations, easing exports of 56-bit products and allowing export of strong encryption products to online merchants. However, U.S. policy remains focused on export controls and incentives to use key recovery. The mass market products needed by individual users remain controlled. The special relief for certain industry sectors, while surely welcome by those businesses, does little to change the encryption available to individual computer users or small organizations.
Taken together, these developments argue for a more comprehensive change to U.S. encryption policy, away from export controls and key recovery and towards a view where public safety is best protected by giving people the encryption tools they need to protect themselves on line. The past two years have also shown that such comprehensive reform will most likely only come with the involvement of Congress, as the interests in favor of current policy continue to dominate the Administration's approach to encryption.
U.S. Encryption Policy Continues to Deny Computer Users Essential Tools That Protect Their Privacy
Encryption protects privacy and prevents crime online. In early 1999, it is more clear than ever that the widespread use of encryption is of critical importance for public safety, national security, and law enforcement in the Information Age. The flow of sensitive information over the Internet leaves people increasingly vulnerable to the prying eyes of potential criminals, terrorists, or even foreign governments. Encryption gives people an easy and inexpensive way to protect that information. The need for encryption is becoming ever more acute as sensitive data is finding its way into electronic form:
If broad participation in electronic commerce and the information society is to become a reality, the adoption of encryption in most phases of electronic existence will be required.
Encryption is particularly important because of the inherent difficulties of securing the new digital media. The open, decentralized architecture that is the Internet’s greatest strength also makes it hard to secure. Internet communications often travel "in the clear" over many different computers in an unpredictable path, leaving them open for interception. An email message from Washington to Geneva might pass through New York one day or Nairobi the next -- leaving it susceptible to interception in any country where lax privacy standards leave it unprotected. Encryption provides one of the only ways for computer users to guarantee that their sensitive data remains secure regardless of what network -- or what country -- it might pass through.
Current U.S. policy prevents users from getting the encryption tools they need to protect security online. Today's export controls continue to limit the availability of strong encryption products both domestically and abroad. Such controls directly limit the availability of strong encryption products outside of the U.S., of particular concern to human rights groups and other organizations abroad. Export controls affect people in the U.S. when they communicate abroad, since they may be forced to use the lower levels of encryption available to parties worldwide. Most importantly, export controls have slowed the deployment of strong encryption standards. While some strong encryption products are available to consumers, export controls have largely slowed the seamless integration of good security systems into operating systems, network protocols, and many applications. Encryption should be easy for consumers; because of federal regulations, it is not.
The most recent December 1998 encryption regulations, while a welcome step forward by the Administration, do not change the fundamental premise of U.S. policy: export controls on all but the weakest encryption for mass market consumers, and strong incentives for the use of key recovery and plaintext access systems. The sector relief provided for foreign subsidiaries of U.S. companies, certain industries, and online merchants does little to provide regular consumers with strong encryption. Export controls remain a powerful incentive to adopt key recovery and plaintext access systems. The piecemeal relief offered by the regulations raises the question: When do regular people get to protect their privacy online?
Computer users remain at risk, awaiting the widespread deployment of encryption and facing increasing threats to their unprotected information.
Government-Driven "Key Recovery" and "Plaintext Access" is Not a Solution
The law enforcement community in general has variously endorsed "key escrow," "key recovery," and other forms of "plaintext access" as its favored approach to encryption policy. These variations on the failed "Clipper Chip" policy seek to guarantee third-party access to the keys for all encrypted communications and stored data without the notice or consent of the key owners. Such proposals have been greeted with much skepticism and concern from the global Internet community.
The attempt to institutionalize key recovery worldwide is a fundamental threat to privacy and security both domestically and abroad:
Despite these concerns, current encryption regulations continue to give many encryption producers a Hobbesian choice: accept key recovery or be forced to export lower strength encryption. Moreover, proposals backed by the FBI in the past have sought to further force U.S. encryption users to adopt key recovery through a number of coercive regulations, including outright domestic mandates. While we are encouraged that the Administration appears to have backed away from mandatory domestic controls, we are wary that it has not denounced this approach. And even the current U.S. encryption policy based on key recovery and export controls threatens to leave global Internet users without the technical means to secure their communications or the international legal standards needed to protect their privacy.
National security and law enforcement are best served by policies supporting the widespread use of strong, unescrowed encryption
The state of the emerging information society is making it increasingly clear that the law enforcement benefits of widespread encryption far outweigh the costs. The national security and law enforcement community has begun to recognize the limits of current U.S. policy. As Sam Nunn, Co-Chair of the Advisory Committee to the President’s Commission on Critical Infrastructure Protection, noted in 1998 Senate testimony, "I do think we are in a different era of technology now and I do not think the nostalgia for the old-fashioned wiretap by law enforcement is going to be realistic in this age we are in now. " [ 12 ]
The benefits of current U.S. policy to law enforcement are uncertain. U.S. policy will not stop sophisticated criminals from using encryption to evade law enforcement. Strong, non-escrowed encryption is already available both inside and outside of the United States today. Foreign governments and criminals have access to these powerful tools and will be able to encrypt data despite continued export controls or key recovery. Furthermore, nothing in the Administration policies prevents users from "super-encrypting" communications even within a key recovery framework.
The law enforcement problems with encryption are important but more limited than claimed. Law enforcement faces a real, but narrowly focused, problem with encryption. Most encrypted information will still be accessible to law enforcement by legal process even in an encrypted world. For example, businesses will be still be required to produce the plaintext of encrypted business records under proper legal process. Stored information, corporate and business information, and even a great deal of electronic communication will most likely be largely available to law enforcement through legal process similar to that available today.
Important challenges remain for law enforcement interceptions of communications or seizures of data without notice to the party under surveillance. This narrower problem must be put into the context of the benefits provided by encryption and the costs associated with key recovery systems. Moreover, the information economy presents new and powerful tools and opportunities for law enforcement. Online interaction leaves a detailed trail of electronic transactions, credit card purchases, online communications, and Web-based clickstream data presenting new traffic analysis opportunities. In fact, law enforcement is operating today in a Golden Age of surveillance, with online collections of personal data offering unprecedented new tools to obtain evidence of criminal activity and raising important privacy concerns that must be dealt with as well.
U.S. policy is creating a deficit of trust around important issues we could all be working on together. U.S. policy stands in the way of a growing urgent need for strong encryption products that people trust. CDT believes that current U.S. policy dangerously impedes the deployment of accessible, easy-to-use, global security systems for the Internet that are needed to protect our privacy and our critical infrastructure.
On balance, national security demands strong encryption. CDT agrees with the conclusion of the National Research Council's major study of encryption, which argued in its 1996 encryption study, "On balance, the advantages of more widespread use of cryptography outweigh the disadvantages." [ 13 ]
Conclusion
U.S. policy stands in the way of a growing urgent need for strong encryption products that people trust. The past two years have shown that people and businesses are moving more and more of their lives, economic activities, and sensitive data online. The federal government has identified the vulnerability of our nation's critical information infrastructure. Strong encryption, without built-in backdoors, is an essential part of protecting that sensitive data and critical infrastructure.
That is why the SAFE Act is so important. In the current policy standoff between eroding law enforcement arguments and the emerging and acute privacy and security needs of the Information Age, it is Congressional action that is needed. Only Congress is in the position today to change U.S. encryption policy and get Americans the privacy and security tools they need. The private sector cannot do it. The Administration will not do it. The courts may do it, but not without a protracted struggle. Congress must act. CDT believes that immediate liberalization of export controls in the SAFE Act will help provide Americans on the Internet with the strong security and privacy they so badly need.
About the Center for Democracy and Technology
CDT is an independent, non-profit public interest policy organization in Washington, D.C. The Center's mission is to develop and implement public policies to protect and advance individual liberty and democratic values in new digital communications media. The Center achieves its goals through policy development, public education, and coalition building. CDT also coordinates the Digital Privacy and Security Working Group (DPSWG), an ad hoc coalition of more than 50 computer, communications, and public interest organizations and associations working on communications privacy issues. Members of DPSWG assisted in the drafting of the Electronic Communications Privacy Act in 1986 and since have been involved in ongoing policy work regarding privacy and security online.
House Rule XI, clause 2(g)(4) disclosures: Neither Alan Davidson nor the Center for Democracy and Technology have received any federal grant, contract or subcontract in the current or preceding two fiscal years.
Alan B. Davidson, Staff Counsel<abd@cdt.org>
James X. Dempsey, Senior Staff Counsel<jdempsey@cdt.org>
Center for Democracy and Technologyhttp://www.cdt.org/
202.637.9800 (v)
202.637.0968 (f)
1 .Security and Freedom Through Encryption (SAFE) Act: Hearing on H.R. 695 Before the Subcomm. on Courts and Intellectual Property of the House Comm. on the Judiciary, 105th Cong., 2nd Sess, No. 9 (1997) (Statement of Robert S. Litt, Deputy Assistant Attorney General, Department of Justice).
2. See ELECTRONIC FRONTIER FOUNDATION, CRACKING DES (1998).
3. "With regard to use of single DES, exhaustion of the DES (i.e. breaking a DES encryption ciphertext by trying all possible keys) has become increasingly more feasible with technology advances. Following a recent hardware based DES key exhaustion attack, NIST can no longer support the use of single DES for many applications." 64 FED. REG. 10, 2625-2628 (1999) (proposed January 15, 1999).
4."[W]e believe that key recovery encryption is going to become the worldwide standard." Security and Freedom Through Encryption (SAFE) Act: Hearing on H.R. 695 Before the Subcomm. on Courts and Intellectual Property of the House Comm. on the Judiciary, 105th Cong., 2nd Sess, No. 9 (1997) (Statement of Robert S. Litt, Deputy Assistant Attorney General, Department of Justice).
5. AN AD-HOC GROUP CRYPTOGRAPHERS AND COMPUTER SCIENTISTS, THE RISKS OF KEY RECOVERY, KEY ESCROW, & TRUSTED THIRD PARTY ENCRYPTION (1997). (Updated 1998 report available at http://www.cdt.org/crypto/risks98/.)
6. Cost may play a role. A recent study by the Business Software Alliance estimated the cost of key escrow systems at $7.7 billion per year and $38.5 billion over a five year period. BUSINESS SOFTWARE ALLLIANCE, THE COST OF GOVERNMENT-DRIVEN KEY ESCROW ENCRYPTION (1998).
7.Security and Freedom Through Encryption (SAFE) Act: Hearing on H.R. 695 Before the Subcomm. on Courts and Intellectual Property of the House Comm. on the Judiciary, 105th Cong., 2nd Sess, No. 9 (1997) (Statement of Robert S. Litt, Deputy Assistant Attorney General, Department of Justice).
8. Hearing before the Subcommittee on Technology, Terrorism, and Government Information of the Senate Committee on the Judiciary, 105th Cong., 2nd Sess, (March 17. 1998) (Statement of Sam Nunn, Co-Chair, Advisory Committee to the President's Commission on Critical Infrastructure Protection).
9. 144 CONG.REC. S12359 (1998).
10. AN AD-HOC GROUP CRYPTOGRAPHERS AND COMPUTER SCIENTISTS, THE RISKS OF KEY RECOVERY, KEY ESCROW, & TRUSTED THIRD PARTY ENCRYPTION (1997). (Updated 1998 report available at http://www.cdt.org/crypto/risks98/.)
11. American Association for the Advancement of Science, Comments on Bureau of Export Administration Interim Rule on Encryption Controls (Feb. 7, 1997).
12. Hearing before the Subcommittee on Technology, Terrorism, and Government Information of the Senate Committee on the Judiciary, 105th Cong., 2nd Sess, (March 17. 1998) (Statement of Sam Nunn, Co-Chair, Advisory Committee to the President's Commission on Critical Infrastructure Protection).
13. NATIONAL RESEARCH COUNCIL, CRYPTOGRAPHY'S ROLE IN SECURING THE INFORMATION SOCIETY (1996).
And see CDT's Encryption Policy Resource Page on the World Wide Web: http://www.cdt.org/crypto
|
The Center For Democracy & Technology 1634 Eye Street NW, Suite 1100 Washington, DC 20006 (v) 202.637.9800 (f) 202.637.0968 Contact CDT Copyright © 2005 by Center for Democracy and Technology. |