[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(fwd) May 4 House Hearing on Clipper, Raymond Kammer testimony




Forwarded message:

> 
> Newsgroups: talk.politics.crypto
> From: [email protected] (David Koontz )
> Subject: May 4 House Hearing on Clipper, Raymond Kammer testimony
> Message-ID: <[email protected]>
> Originator: koontzd@io
> Sender: [email protected]
> Organization: Loral Rolm Computer Systems
> Date: Thu, 5 May 1994 01:04:35 GMT
> Lines: 667
> 
>                                Statement of
>                              Raymond G. Kammer
>            Deputy Director, National Institute of Standards and
> Technology
>                                 Before the
> 
>                         Committee on the Judiciary
>                                U.S. Senate 
> 
>                                     and
> 
>                          House of Representatives
>                  Committee on Science, Space & Technology
>            Subcommittee on Technology, Environment and Aviation
> 
>                                 May 3, 1994
> 
> 
> Introduction
> 
> Good morning.  My name is Raymond G. Kammer, Deputy Director of
> the Commerce Department's National Institute of Standards and
> Technology (NIST).  Thank you for inviting me here today to
> testify on the Administration's key escrow encryption initiative. 
> The Computer Security Act of 1987 assigns NIST responsibility for
> the development of standards for protecting unclassified
> government computer systems, except those commonly known as
> "Warner Amendment systems" (as defined in Title 10 U.S.C. 2315).
> 
> In response to the topics in which the Committee expressed an
> interest, I would like to focus my remarks on the following:
> 
>      1)   the principal encryption policy issue confronting us, 
> 
>      2)   the importance of encryption technology, 
> 
>      3)   how voluntary key escrow encryption technically works
>           and how it ensures privacy and confidentiality,
> 
>      4)   alternatives to the voluntary key escrow initiative,
> 
>      5)   critical components of the Administration's policy on
>           encryption technology, 
> 
>      6)   recent initiative to modify Secure Hash Standard, and
> 
>      7)   the effectiveness of the Computer Security Act of 1987.
> 
> 1.  The Principal Encryption Policy Issue
> 
> First, I would like to broadly outline an important public policy
> and societal issue confronting us today regarding unclassified
> government and commercial cryptography.  In developing
> cryptographic standards, one can not avoid two often competing
> interests.  On the one hand are the needs of users -- corporate,
> government, and individual -- in protecting telecommunications
> transmissions of sensitive information.  Cryptography can be used
> for excellent information protection.  On the other hand are the
> interests of the national security and law enforcement
> communities in being able to monitor electronic communications. 
> In particular, I am focusing upon their need for continued
> ability to keep our society safe from crime and our nation
> secure. 
> 
> Rapid advances in digital telecommunications have brought this
> issue to a head.  Some experts have stated that, within ten
> years, most digital telecommunications will be encrypted.  Unless
> we address this issue expeditiously, law enforcement will lose an
> important tool in fighting crime--the ability to wiretap--and the
> mission of our Intelligence Community will be made more
> difficult.  The Committee is undoubtedly aware of the benefits
> such intelligence brings to the nation.  This matter raises broad
> societal issues of significant importance.  I have personally
> been involved in many meetings of a philosophical and wide-
> ranging nature to discuss this dilemma. 
> 
>       Four broad conceptual alternatives emerged:   
>      
>          Seek a legislative mandate criminalizing the use of
>           unauthorized cryptography. 
> 
>          Seek wide adoption of an encryption method with an
>           unannounced "trap door."  This was never seriously
>           considered.  
> 
>          Seek wide voluntary adoption of a technology
>           incorporating a secure "key escrow" scheme.
> 
>          Allow technology to evolve without government
>           intervention; in effect, do nothing.  
> 
> None of these options satisfies all interested parties fully.  I
> doubt such a solution even exists, but the Administration has
> chosen the voluntary key escrow technology approach as the most
> desirable alternative for protecting voice communications without
> impairing the ability of law enforcement agencies to continue to
> conduct wiretaps.   For data communication the long-standing Data
> Encryption Standard has recently been recertified for use.  
> 
> It is interesting to note that other countries have faced this
> same issue and chosen different solutions.  France, for example,
> outlaws the use of unregistered cryptographic devices within its
> borders.  
> 
> 2. The Importance of Encryption Technology
> 
> Encryption provides one of the best ways to guarantee information
> integrity and obtain cost-effective information confidentiality. 
> Encryption transforms intelligible information into an
> unintelligible form.  This is accomplished by using a
> mathematical algorithm and a "key" (or keys) to manipulate the
> data in a complex manner.  The resulting enciphered data can then
> be transmitted without fear of disclosure, provided, of course,
> that the implementation is secure and the mathematical-based
> algorithm is sound.  The original information can then be
> understood through a decryption process.  As I shall discuss,
> knowledge of the particular key utilized for a particular
> encryption of information (or, in the case of asymmetric
> cryptography, knowledge of the associated key of the key pair)
> allows decryption of the information.  For this reason, such keys
> are highly protected.
> 
> Uses of Cryptography 
> 
> Encryption can be used in many applications for assuring
> integrity and confidentiality, or both.  It can be used to
> protect the integrity and/or confidentiality of phone calls,
> computer files, electronic mail, electronic medical records, tax
> records, corporate proprietary data, credit records, fax
> transmissions and many other types of electronic information.  It
> is expected that cryptographic technologies will be used on a
> voluntary basis in the protection of information and services
> provided via the National Information Infrastructure.  
> 
> Encryption used with these and other types of information
> protects the individual privacy of our citizens including, for
> example, their records and transactions with government agencies
> and financial institutions.  Private sector organizations can
> also benefit from encryption by securing their product
> development and marketing plans, for example.  It also can
> protect against industrial espionage by making computers more
> secure against unauthorized break-ins and, if data is encrypted,
> making it useless for those without the necessary key.  
> 
> The government has long used cryptography for the protection of
> its information -- from that involving highly classified defense
> and foreign relations activities to unclassified records, such as
> those protected under the Privacy Act.  My point here is not to
> list all potential applications and benefits but to give you a
> feel for the innumerable applications and benefits which
> encryption, when securely implemented, can provide.  
> 
> Hazards of Cryptography
> 
> Counterbalanced against its benefits, encryption also can present
> many substantial drawbacks -- to both the government and other
> users.  First and foremost, encryption can frustrate legally
> authorized criminal investigations by the federal, state, and
> local law enforcement agencies.  As their representatives can
> better explain, lawful electronic surveillance has proven to be
> of the utmost benefit in both investigating and prosecuting
> serious criminal activity, including violent crime. 
> Cryptographic technologies can also seriously harm our national
> security and intelligence capabilities.  As I shall discuss, the
> Administration recognizes that the consequences of wide-spread,
> high quality encryption upon law enforcement and national
> security are considerable.
> 
> Encryption may also prove a potential hazard to other users, such
> as private sector firms, particularly as we move into the
> Information Age.  Private firms, too, are concerned about the
> misuses of cryptography by their employees.  For example, a rogue
> employee may encrypt files and offer the "key" for ransom.  This
> is often referred to as the "data hostage" issue.  Keys can also
> be lost or forgotten, resulting in the unavailability of data. 
> Additionally, users of encryption may gain a false sense of
> security by using poorly designed or implemented encryption.  To
> protect against such hazards, some corporations have expressed
> interest in a "corporate" key escrowing capability to minimize
> harm to their organizations from internal misuse of cryptography. 
>  As security experts point out, such a false sense of security
> can be worse than if no security measures were taken at all. 
> Encryption is not a "cure-all" to all security problems.
> 
> Let me now turn to the details of the Administration's key escrow
> encryption initiative.  
> 
> 3.  Voluntary Key Escrow Encryption Initiative
> 
> Goals of the Voluntary Key Escrow Encryption Initiative 
> 
> I will begin my remarks about the government-developed key escrow
> encryption chips (referred to as "chips" herein) by discussing
> the goals that we were trying to achieve in developing this
> technology for application to voice-grade communication. 
> 
> At the outset, we sought to develop a technology which provides
> very strong protection for government information requiring
> confidentiality protection.  Much of the sensitive information
> which the government holds, processes, and transmits is personal
> and requires strong protection.  Tax records and census data are
> two such examples.  We sought nothing less than excellent
> protection for government communications.  In order to allow
> agencies to easily take advantage of this technology, its
> voluntary use (in Federal Information Processing Standards (FIPS)
> 185) to protect telephone communications has been approved by the
> Secretary of Commerce. 
> 
> The chips implementing FIPS 185 efficiently support applications
> within the its scope.  They far exceed the speed requirements of
> commercial modems existing today or envisioned for the near
> future.  
> 
> In addition to the need for strong information protection, the
> increasingly digitized nature of advanced telecommunications is
> expected to significantly hamper the ability of domestic law
> enforcement to carry out lawfully authorized wiretapping.  Their
> problem has two dimensions.  
> 
> First, the design and complexity of the nation's
> telecommunications networks makes locating those communications
> which can be lawfully tapped very difficult.  This is the digital
> telephony issue, which my law enforcement colleague will discuss
> today.
> 
> Second, the proliferation of encryption is expected to make law
> enforcement's tasks more difficult.  If a telephone conversation
> is encrypted, resources must be expended for decryption, where
> feasible.  Such expenditures and technical capabilities are
> normally far outside the ability of local law enforcement
> organizations and could be quite significant at the federal
> level.  In seeking to make available a strong encryption
> technology, we have sought to take in to account the needs of the
> law enforcement community.  For example, one of the reasons that
> the SKIPJACK algorithm, the formula on which the key escrow chip
> is based, is being kept classified is that its release would make
> their job much harder were it to be used to hide criminal
> activity.  
> 
> Misconceptions Concerning the Purpose of the Voluntary Key Escrow
> Encryption Initiative
> 
> A number of those opposed to this Administration initiative have
> expressed doubt about whether the key escrow encryption
> initiative can do anything to solve this nation's crime problem. 
> Of course, this initiative cannot by itself do so.  The basic
> intent of the program is the provision of sound security, without
> adversely affecting other government interests, including, when
> necessary, the protection of society through lawfully authorized
> electronic surveillance.
> 
> The voluntary key escrow encryption initiative, first and
> foremost, was devised to provide solid, first-rate cryptographic
> security for the protection of information held by the government
> when government agencies decide such protection is needed for
> unclassified government communications -- for example, tax,
> social security and proprietary information.  (The Escrowed
> Encryption Standard (FIPS 185) allows federal agencies to use
> this technology for protection of telephone communications.) 
> This was done, in part, with the realization that the current
> government cryptographic technique, the Data Encryption Standard
> (which was recently re-approved) is over fifteen years old; while
> DES is still sound, its usefulness will not continue
> indefinitely.  We also recognized that were we to disclose an
> even stronger algorithm (with the government's "seal of
> approval"), it could be misused to hamper lawful investigations,
> particularly electronic surveillance.  
> 
> In approving this initiative, we felt it important that
> protective measures be taken to prevent its misuse -- a safety
> catch, if you will.  This will help assure that this powerful
> technology is not misused if adopted and used voluntarily by
> others.  Our method of providing this safety mechanism relies
> upon escrowing cryptographic key components so that, if the
> technology is misused, lawful investigations will not be
> thwarted.  Additionally, the algorithm (SKIPJACK) will remain
> classified so that its only uses will be consistent with our
> safety mechanism, key escrowing.  I think it is fair to say that
> use of this powerful algorithm without key escrowing could pose a
> serious threat to our public safety and our national security.  
> 
> Key Escrow Encryption Technology
> 
> The National Security Agency, in consultation with NIST and the
> federal law enforcement community, undertook to apply voluntary
> key escrow encryption technology to voice-grade communications.
> The product of this effort was announced in the April 16, 1993
> White House release concerning the key escrow encryption chip.  I
> note that we have chosen to discontinue use of the term "Clipper
> Chip" to avoid potential confusion with products and services
> with similar names. 
> 
> The state-of-the-art microcircuit, the key escrow encryption
> chip, can be used in new, relatively inexpensive encryption
> devices that can be attached to an ordinary telephone.  It
> scrambles telephone communications using an encryption algorithm
> more powerful than many in commercial use today.  The SKIPJACK
> algorithm, with an 80-bit long cryptographic key,is approximately
> 16 million times stronger than DES.  For the record, I will
> restate my earlier public statements that there is no trapdoor in
> the algorithm.  
> 
> Each key escrow encryption chip has two basic functions. The
> first is an encryption function, which is accomplished by the
> SKIPJACK algorithm, developed and rigorously tested by NSA.  The
> second function is a law enforcement access method.  I will
> discuss each briefly. 
> 
> The SKIPJACK algorithm is a symmetric algorithm (as opposed to
> "public-key" algorithms).  Basically, this means that the same
> cryptographic key (the session key) is used for both encryption
> and decryption.  The algorithm is so strong that the Department
> of Defense will evaluate it for use in protecting selected
> classified applications.  
> 
> The second basic function of the chip is the provision for law
> enforcement access under lawful authorization.  To do so, each
> chip is programmed with three values:  a cryptographic family
> key, a device unique key, and a serial number.  (The device
> unique key is split into two key components which are then
> encrypted and are provided to the two current escrow agents, NIST
> and the Automated Systems Division of the Department of the
> Treasury, for secure storage.)  These three values are used in
> conjunction with the session key (which itself encrypts the
> message) in the creation of the law enforcement access field. 
> When law enforcement has obtained lawful authorization for
> electronic surveillance, the serial number can be obtained
> electronically.  Law enforcement can then take the serial number
> and a certification of their legal authorization to the two
> escrow agents.  (Detailed procedures for the release of these key
> components were issued by the Department of Justice in early
> February.)  After these certifications are received, the
> encrypted components will be transmitted by escrow agent
> officials for combination in the decrypt-processor.   
> 
> After decryption of the key components within the decrypt
> processor, the two key components are then mathematically
> combined, yielding the device unique key.  This key is used to
> obtain another key, the session key, which is used to decrypt and
> understand the message.  This device unique key may be used by
> law enforcement only for the decryption of communications
> obtained during the applicable period of time of the lawful
> electronic surveillance authorization.  It can also only be used
> to decrypt communications transmitted or received by the device
> in question.
> 
> Security and Privacy Using Key Escrow Encryption
> 
> When the Administration announced the voluntary key escrow
> encryption initiative, we anticipated that questions would be
> raised about the strength and integrity of the SKIPJACK
> algorithm, which is at the heart of the system.  We assured the
> public that we knew of no weakness in the algorithm and that
> there was not an undisclosed point of entry, commonly referred to
> as a trapdoor.  The algorithm was designed by cryptographic
> experts at the National Security Agency and withstood a rigorous
> testing and analysis process.    
> 
> As a further way to indicate the fundamental strength of
> SKIPJACK, we invited a group of independent experts in
> cryptography to review the algorithm, under appropriate security
> conditions, and make their results publicly known, again,
> consistent with the classified nature of the algorithm.  This
> group consisted of Ernest Brickell (Sandia National
> Laboratories), Dorothy Denning (Georgetown University), Stephen
> Kent (BBN Communications Corp.), David Maher (AT&T) and Walter
> Tuchman (Amperif Corp.).  These experts reported that:  
> 
>          Under an assumption that the cost of processing power
>           is halved every eighteen months, it will be 36 years
>           before the cost of breaking SKIPJACK by exhaustive
>           search will be equal to the cost of breaking DES today;
>           
> 
>           and 
> 
>          There is no significant risk that SKIPJACK can be
>           broken through a shortcut method of attack. 
> 
> Let me also repeat the reasons why the algorithm must remain
> classified.  First, we believe it would be irresponsible to
> publish the technical details.  This would be tantamount to
> handing over this strong algorithm to those who may use it to
> hide criminal activity.  Publishing the algorithm may also reveal
> some of the classified design techniques that NSA uses to design
> military-strength technology.  It would also allow devices to be
> built without the key escrowing feature, again allowing criminals
> to take advantage of the strength of this very powerful
> technology without any safeguard for society.
> 
> With regard to privacy, key escrow encryption can, of course, be
> used to protect personal information contained in telephone
> communications.  Moreover, the voluntary key escrow encryption
> initiative does not expand the government's authority for the
> conduct of electronic surveillance, as my colleague from the
> Federal Bureau of Investigation will discuss.  It is important to
> understand that the escrow agents will not track the devices by
> individual owners; they will simply maintain a database of chip
> ID numbers and associated chip unique key components (which
> themselves are encrypted).  
> 
> 
> 4.  Alternatives to the Voluntary Key Escrow Initiative
> 
> In reaction to industry's concerns about our hardware-only
> implementation of key escrow encryption, we announced an
> opportunity for industry to work with us on developing secure
> software-based key escrow encryption.  Unfortunately, initial
> industry interest was minimal; our offer, however, remains open. 
> We are also willing to work on hardware alternatives to key
> escrowing as we emphasized in our recent announcements. 
> 
> The Administration has been seeking to meet with members of the
> computer, software, and telecommunications industries to discuss
> the importance of this matter.  We are open to other approaches.  
> 
> 
> 5.  Key Government Policies on Unclassified/Commercial Encryption
> 
> Encryption is an important tool to protect privacy and
> confidentiality.
> 
> As I discussed earlier, encryption is powerful technology that
> can protect the confidentiality of data and the privacy of
> individuals.  The government will continue to rely on this
> technology to protect its secrets as well as the personal and
> proprietary data it maintains.  Use of encryption by federal
> agencies is encouraged when it cost-effectively meets their
> security requirements.  
> 
> No legislation restricting domestic use of cryptography.
> 
> Early in the policy review process, we stated that the
> Administration would not be seeking legislation to restrict the
> use, manufacture, or sale of encryption products in the U.S. 
> This was a fear that was expressed in the public comments we
> received, and one that continues, despite our repeated assertions
> to the contrary.  Let me be clear - this Administration does not
> seek legislation to prohibit or in any way restrict the domestic
> use of cryptography.  
> 
> Export Controls on encryption are necessary but administrative
> procedures can be streamlined.
> 
> Encryption use worldwide affects our national security.  While
> this matter cannot be discussed in detail publicly without harm
> to this nation's intelligence sources and methods, I can point to
> the Vice President's public statement that encryption has "huge
> strategic value."  The Vice President's description of the
> critical importance of encryption is important to bear in mind as
> we discuss these issues today.  
> 
> In recent months, the Administration has dramatically relaxed
> export controls on computer and telecommunications equipment. 
> However, we have retained export controls on encryption
> technology, in both hardware and software.  These controls
> strongly promote our national security.  These export controls
> include mass market software implementing the Data Encryption
> Standard.  The Administration determined, however, that there are
> a number of reforms the government can implement to reduce the
> burden of these controls on U.S. industry.  
> 
> These reforms are part of the Administration's goal to eliminate
> unnecessary controls and ensure efficient implementation of those
> controls that must remain.  For example, fewer licenses will be
> required by exporters since manufacturers will be able to ship
> their approved products from the U.S. directly to customers
> within approved regions without obtaining individual licenses for
> each end user.  Additionally, the State Department has set a
> license review turnaround goal of two working days for most
> applications.  Moreover, the State Department will no longer
> require that U.S. citizens obtain an export license prior to
> taking encryption products out of the U.S. temporarily for their
> own personal use.  Lastly, after a one-time initial technical
> review, key escrow encryption products may now be exported to
> most end users.  These reforms should help to minimize the effect
> of export controls on U.S. industry.
> 
> The Government requires a mechanism to deal with continuing
> encryption policy issues.
> 
> In recognition of this, the Interagency Working Group on
> Encryption and Telecommunications was formed in recognition of
> the possibility that the economic significance of our current
> encryption policy could change.  The Working Group has been
> assigned to monitor changes in the balance that the President has
> struck with these policy decisions and to recommend changes in
> policy as circumstances warrant.  The Working Group will work
> with industry on technologies like the key escrow encryption chip
> and in the development and evaluation of possible alternatives to
> the chip.
> 
> The group is co-chaired by the White House Office of Science and
> Technology Policy and the National Security Council.  It includes
> representatives from all departments and agencies which
> participated in the policy review and others as appropriate, and
> keeps the Information Policy Committee of the Information
> Infrastructure Task Force apprised of its activities.  
> 
> Flexibility on Encryption Approaches. 
> 
> >From the time of the initial White House announcement of this
> technology, we have stated that this key escrow encryption
> technology provides 1) exceptionally strong protection and 2) a
> feature to protect society against those that would seek to
> misuse it.  I have personally expressed our flexibility in
> seeking solutions to these difficult issues.  We have offered to
> work with industry in developing alternative software and
> hardware approaches to key escrowing.  We actively seek
> additional solutions to these difficult problems.  
> 
> We also stand willing to assist the Congressionally-directed
> study of these issues by the National Research Council.
> 
> Use of EES is voluntary and limited to telephone systems.
> 
> The Escrowed Encryption Standard, which was approved on February
> 3, 1994, is a voluntary standard for use both within and outside
> of the federal government.  It is applicable for protecting
> telephone communications, including voice, fax and modem.  No
> decisions have been made about applying key escrow encryption
> technology to computer-to-computer communications (e.g., e-mail)
> for the federal government. 
> 
> Government standards should not harm law enforcement/national
> security
> 
> This is fairly straightforward, but can be difficult to achieve. 
> In setting standards, the interests of all the components of the
> government should be taken into account.  In the case of
> encryption, this means not only the user community, but also the
> law enforcement and national security communities, particularly
> since standards setting activities can have long-term impacts 
> (which, unfortunately, can sometimes be hard to forecast).
> 
> 6. Secure Hash Standard
> 
> As the Committee may be aware, NIST has recently initiated the
> process to issue a technical modification to Federal Information
> Processing Standard 180, the Secure Hash Standard.  The Secure
> Hash Standard uses a cryptographic-type algorithm to produce a
> short hash value (also known as a "representation" or "message
> digest") of a longer message or file.  This hash value is
> calculated such that any change to the file or message being
> hashed, will, to a very high degree of probability, change the
> hash value.  This standard can be used alone to protect the
> integrity of data files against inadvertent modification.  When
> used in conjunction with a digital signature, it can be used to
> detect any unauthorized modification to data.  
> 
> Our intent to modify the standard was announced by NIST after the
> National Security Agency informed me that their mathematicians
> had discovered a previously unknown weakness in the algorithm. 
> This meant that the standard, while still very strong, was not as
> robust as we had originally intended.  This correction will
> return the standard to its intended level of strength.  
> 
> I think this announcement illustrates two useful issues with
> regard to cryptographic-based standards.  First, developing sound
> cryptographic technology is very difficult.  This is also seen
> with commercial algorithms, including those used for hashing and
> encryption.  Secondly, this incident demonstrates the commitment
> of NIST, with NSA's technical assistance, to promulgating sound
> security standards.  In this case, a weakness was found, and is
> being quickly corrected.
> 
> 
> 
> 7.  Effectiveness of the Computer Security Act of 1987
> 
> Lastly, as requested in your invitation to appear here today, let
> me briefly address the effectiveness of the Computer Security Act
> of 1987 (P.L. 100-235).  I will first briefly  comment on what we
> learned about the state of computer security in the federal
> government during our agency visit process and then turn to
> cryptographic-specific issues.  
> As part of our efforts to increase awareness of the need for
> computer security, during 1991-1992, officials from OMB, NIST and
> NSA visited 28 federal departments and agencies.  Each visit was
> designed to increase senior managers' awareness of security
> issues and to motivate them to improve security.  I believe that
> what we learned during those visits remains valid -- and
> indicates that we still need to focus on basic computer security
> issues in the government.  
> 
> Specifically, OMB, NIST and NSA proposed the following steps to
> improve security:
> 
>          Focus management attention on computer security.
>          Improve planning for security.
>          Update security awareness and training programs. 
>          Improve contingency planning and incident response
> capabilities.
>          Improve communication of useful security techniques.
>          Assess security vulnerabilities in emerging information
>           technologies.
> 
> Actions are being taken by NIST and other agencies to address
> each of these areas.  The background and discussion of the need
> for these measures is discussed in the summary report prepared by
> OMB on "Observations of Agency Computer Security Practices and
> Implementation of OMB Bulletin No. 90-08" (February 1993).  In
> short, the Computer Security Act provides an appropriate
> framework for agencies to continue improving the security of
> their automated systems -- but much work remains to be done, by
> NIST and individual federal agencies.  
> 
> One of the questions that the Committee was interested in was
> whether there is a need to modify this legislation in response to
> the same advancements in technology that led to the key escrow
> initiative and digital telephony proposal.  First, I would
> observe that the Act, as a broad framework, is not tied to a
> specific technology.  I think it would be unworkable if the Act
> were to address specific computer technologies, since this is a
> rapidly evolving field.  Also, I would note that the Act does not
> address digital telephony concerns -- the Administration is
> proposing separate legislation in that area.  In short, no
> modifications to the Act are necessary because of technology
> advances.  
> 
> Before leaving the subject of the Computer Security Act, however,
> let me briefly comment on the Escrowed Encryption Standard.  I
> strongly believe that NIST and NSA have complied with the spirit
> and intent of the Act.  At the same time, this issue underscores
> the complex issues which arise in the course of developing
> computer security standards, particularly cryptographic-based
> standards for unclassified systems.  
> 
> The Act, as you are aware, authorizes NIST to draw upon computer
> security guidelines developed by NSA to the extent that NIST
> determines they are consistent with the requirements for
> protecting sensitive information in federal computer systems.  In
> the area of cryptography, we believe that federal agencies have
> valid requirements for access to strong encryption (and other
> cryptographic-related standards) for the protection of their
> information.  We were also aware of other requirements of the law
> enforcement and national security community.  Since NSA is
> considered to have the world's foremost cryptographic
> capabilities, it only makes sense (from both a technological and
> economic point of view) to draw upon their guidelines and skills
> as useful inputs to the development of standards.  The use of
> NSA-designed and -tested algorithms is fully consistent with the
> Act.  We also work jointly with NSA in many other areas,
> including the development of criteria for the security evaluation
> of computer systems.  They have had more experience than anyone
> else in such evaluations.  As in the case of cryptography, this
> is an area in which NIST can benefit from NSA's expertise.  
> 
> Summary 
> 
> Key escrow encryption can help protect proprietary information,
> protect the privacy of personal phone conversations and prevent
> unauthorized release of data transmitted telephonically.  Key
> escrow encryption is available as a valuable tool for protecting
> federal agencies' critical information communicated by telephone. 
> At the same time, this technology preserves the ability of
> federal, state and local law enforcement agencies to intercept
> lawfully the phone conversations of criminals.
> 
> Encryption technology will play an increasingly important
> security role in future computer applications. Its use for
> security must be balanced with the need to protect all Americans 
> from those who break the law. 
> 
> Thank you, Mr. Chairman.  I would be pleased to answer your
> questions.   
> 
>