[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
WaPo on Crypto-Genie Terrorism
The Washington Post, July 27, 1996, p. A22.
Speaking in Code on the Internet ... [Editorial]
The decibel level has been rising in the argument over how
much control the federal government should have over the
export of encryption technology. The Senate Commerce
Committee held hearings Thursday on a proposal dubbed
Pro-CODE (Promotion of Commerce On-line in the Digital Era)
that would lift current restrictions on exporting
encryption software above a certain level of complexity.
The move is opposed strongly by law enforcement and
national security authorities, who fear the consequences to
their tracking of terrorism or crime if uncrackable
cryptography becomes the global standard.
But encryption software -- which scrambles a person's
computer messages so no one can read them without a key --
also is thought by many in the computer industry to be the
missing piece that's preventing customers from a full-scale
move to the Internet for banking and other confidential
transactions, rather than, as now, worrying about the
security of their data. They also see it as a market in
which the United States maintains a comfortable lead, one
that is threatened if domestic encryption makers can't sell
their products elsewhere. The makers argue that foreign
encryption software will rush in to fill the gap, doing
nothing about the uncrackability problem -- indeed, making
it worse. The administration in turn is pursuing a wider
international agreement to maintain controls on cryptology
export by all the industrialized nations and has been
putting pressure on its colleagues in the Organization for
Economic Cooperation and Development, which will rule on
the matter in a Paris meeting in September.
Administration officials, including FBI chief Louis Freeh,
have been pushing for an alternative policy of "voluntary
key escrow" -- encryption makers would deposit a key to the
code with a neutral third body before exporting the
products and could then have access to the codes only by
court order, as happens now with wiretapping. Mr. Freeh,
testifying at Thursday's hearing in favor of an optional
key escrow plan, noted that the point is not to prevent all
copies of uncrackable code from going abroad -- that's
clearly impossible -- but to prevent such high-level code
from becoming the international standard, with architecture
and transmission channels all unreadable to world
authorities. To software companies and Internet users who
have been clamoring for the right to encrypt as securely as
possible, Mr. Freeh and others argue, "the genie is not yet
out of the bottle" on "robust," meaning uncrackable,
encryption.
It's far from obvious to anyone that an optional escrow
plan really can prevent the growth of inaccessible
transmissions by international terrorists or criminals.
Encryption, if widely used, could conceivably ease some
privacy problems concerning who gets to see personal and
financial data on individuals -- though such data usually
are vulnerable to being dug out of storage rather than
intercepted in transmission. But neither is it clear that
the encryption enthusiasts' desire for free development
should take precedence over the tracking of terrorism. At
the very least, Congress should be exceedingly cautious
about getting out ahead of administration concerns on
controls that, once lifted, are hardly reversible.
-----