[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Suggestion for "the serious encryption customers" to end ITAR battle
I think we can all agree that the level of confidence in software-only
approaches to security is clearly lower than combination software plus
hardware approaches.
It is clear that what is available over the Internet is software. (It
is much harder to distribute "hardware" as you can only really
distribute design information. The closest analogy could be a FPGA
program, a Verilog description or some other ASIC net list.)
How about the following as an approach to resolving the dispute over
encryption exports:
1. Allow arbitrary exports of software-only encryption.
This means that PGP is exportable as is DES crypt libraries.
2. Restrict exports of hardware-only or hardware/software encryption.
This means that smart cards, HP's crypto policy cards, crypto
processors with tamper-resistant casing, etc ... are restricted.
Why does this make sense?
1. Reality check on export control of software:
Software is just too transportable to be restricted, no matter
WHAT the software does. Any restriction on WHERE software may be
or may go is just not feasible, and it's not going to get any
easier in the foreseeable future.
2. Take John Deutch at his word:
Deutch has claimed that "serious users of cryptography" would not
trust software downloaded over the Internet. We clearly do not
agree with him on this aspect, but if he truly believes it (and is
not just making PR spin statements for the NSA), then he must
believe that allowing software exports will not significantly
increase the user base (and therefore, harm CIA's or NSA's
intelligence capabilities), but it will shut up the software
companies' complaints.
3. Give the NSA what it wants:
Software tends to standardize. Encryption is only a small part of
the chain of security measures. Other weaknesses are surely part
of the NSA's target for intercepts (no self-respecting
codebreaking agency should stick to exploiting only one class of
failures; if it is, we should question the value we are getting
out of the billions of dollars we blindly give to the NSA). If
the NSA stops whining about what is too hard to break, then
protocol weakness and other non-encryption problems could easily
creep into standards, and the NSA would surely have an analytical
advantage over anyone else.
Since the NSA is happily bragging that it does not even need to
crack the code to break in, it should be able to live with
hardware-only export restriction. The fact that the NSA is no
longer drawing any lines anywhere for software will leave the bad
guys guessing as to what it can really decode.
In addition, hardware manufacturers will probably have a tougher
overturning export restrictions on hardware-enhanced solutions
after that because software companies will probably not care. It
is clear that the NSA only trusts hardware implementations, as it
required Clipper to be manufactured in tamper-resistant cases.
All constructive replies welcome.
Ern