[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
NRC crypto breifing
"Did the NRC discuss the State Department's GROSS FAILURE to
prosecute Phil Zimmermann? (PGP) is military strength, and it's
out there!" -- Audience member at NRC crypto briefing
Dr. Herb Lin <[email protected]> of the National Research Council's
Computer Science and Tecommunications Board gave a briefing this afternoon
to address the Council's recent report, Cryptography's Role in Securing
the Information Society. The briefing was sponsored by the Georgia
Institute of Technology in Atlanta.
One of the most striking aspects of the briefing was the diversity
of perspectives on the issue. Most of our discussions on cryptography have
been with people in the cypherpunk community; this was the first time we
had ever come face to face with people on the other side of the fence. It
is quite obvious that there is much emotional intensity here and we do not
feel that this issue is going to go away soon. However, the NRC seems to
be a voice of reason.
We are faced a policy problem: the developing information society is
vulnerable to security threats. Cryptography can be a powerful tool to
thwart these threats, but it is also a dangerous weapon in the hands
of criminals.
As a result of concentration on the above issues, the cryptography
debate has often been framed as a conflict between privacy rights and law
enforcement. The NRC feels that the current policy on cryptography
discourages its use by the private sector. Lin states that cryptography is a
very valuable tool for crime prevention and thus benefits Law Enforcement.
Policy makers should promote cryptography because it can help legitimate
businesses better secure themselves against would-be attackers. However,
cryptography also assists criminals in circumventing surveillance. So there
are both positive and negative impacts for Law Enforcement, but Dr. Lin
notes an important statement made in the NRC report:
"The benefits of the widespread use of cryptography
far outweigh the risks."
Dr. Lin and the NRC believe that there will be an explosion of
interest in computer security in the coming years, and that government
should provide guidance and technical input, both to industry and law
enforcement. The upcoming debate can (and should) be carried out on an
unclassified basis. He said that open standards should be promoted in an
effort to reach consensus between government and industry interests.
Interested parties should be encouraged to study and understand the
algorithms employed by their cryptosystems so that market forces may drive
crypto policy to that which best fulfills the needs of US industry. NRC
promotes the growth and leadership in the private sector and encourages
all organizations to invest in information security. In addition, the NRC
supports the use of link-level encryption in public networks, especially
the cellular network. In this mode, LEOs can still access plaintext, but
it is much more difficult for unauthorized listeners to get it. It should
be noted that Cryptography is just one part of a comprehensive information
security program. While it is useful to prevent eavesdropping, provide user
authentication, and ensure data integrity, it is not particularly
effective in overcoming the problems of insecure operating systems,
and corruptible employees.
One of the more controversial points in the report is the recommendation
for domestic cryptography policy. The NRC recommends that no
restrictions be placed on the use of domestic cryptography, and that the
market should be allowed to choose the best systems. This was met with
incredulty by many members of the audience, particularly those
representing the government. They seemed to feel that "the people"
should not be allowed to make this decision and that many important
aspects of cryptography policy are not necessarily reflected in market
interests. While NRC recognizes Law Enforcement's growing problem in
adapting to new technologies, Dr. Lin said that the FBI could provide
not one example of a class three wiretap that had been thwarted by means
of encryption. Access to encrypted files seemed to be a bigger issue for
LEOs. This takes us naturally to the topic of key escrow.
NRC cautions that key escrow is an unproven technology. Of
particular concern is the integrity of escrow agents: how it is to be
evaluated, and what level of integrity is sufficient in any particular
instance? Who is liable if keys are incorrectly disclosed? What are the
liability issues if the key escrow system fails to provide LEOs with
access? There just isn't enough information at this time to make these
judgments. Many audience members commented that the administration had
rushed into key escrow without forethought or open discourse. The NRC
discourages the hurried passage of new legislation without clear, thorough
discussion of the issues involved by those who will be most directly
affected by the law. Furthermore, any government supported cryptography
system must provide additional value to the end users. The Clipper system
does not do this. Dr. Lin mentioned that data recovery might be of
significant value to most users. If encryption systems are too strong then
users will have a bigger problem with lost keys than they ever had with
stolen intellectual property. The NRC recommends that the US government
act as a test market for key recovery rather than pushing it out to the
public before it is fully developed.
The NRC also recommends that Congress consider criminalizing the
criminal use of cryptography. This issue has already been discussed at
length in academic fora, and the general consensus is that this concept is
much easier said than done. We feel that such a policy is not likely to be
a serious deterrent unless the additional penalty outweighs the benefits of
secure crypto. It is also worth noting that if crypto is the default in
system people shouldn't be charged with additional crimes for not turning
it off.
As for export issues, the NRC recommends that the government allow
export of 56-bit DES without special approval, effective immediately. The
recommendation also suggested that the allowable key length should be
increased over time in order to keep up with improvements in cryptanalysis
and computing power. They feel that export controls should be lessened but
not fully removed. Law Enforcement needs time to develop the skills and
technology necessary to deal with new situations.
We would take issue with the NRC's assertion that 56 bit DES is
"good enough for most commercial applications," and that algorithms be
designed to preclude multiple encryption. It certainly depends on the threat
model involved. DES would be an improvement over plaintext networks, but it
is certainly not strong enough to defend against industrial espionage
efforts. We feel that strong cryptography should be exportable now to
defend against such attacks. We feel that legitimate law enforcement
interests can get access to the information they require in most cases
without even having to employ cryptanalysis, especially if systems are
secured at the link level as the NRC recommends. We would also point to
the reality that wiretapping is not often used by Law Enforcement, and we
don't feel that they have justified any increase in it's use.
The NRC briefing was very helpful in understanding the meaning of the
report and highlighted many important issues. NRC will have a number of
briefings in major cities all over the US, in hopes that this will spark
more debate over these issues. Attendance at this briefing was much
smaller than we had expected. We would encourage anyone who is
interested in cryptography to attend a future briefing. It is a very good
opportunity to hear and meet people on all sides of this issue. We would
also encourage the cyber-rights crowd to seriously consider the NRC's
recommendations. It seems to be a realistic look at these issues, and
there is plenty of room here to defend fundamental civil liberties.
Tom Cross and Jeremy Mineweaser
Electronic Frontiers Georgia