Badpuppy Gay Today |
Monday, 02 June, 1997 |
Encryption technologies are the locks and keys of
the Information age--enabling individuals and businesses to protect
sensitive information as it is transmitted over the Internet.
As more and more individuals and businesses come on-line, the need for strong,
reliable, easy-to-use encryption technologies has become a critical
issue to the health and viability of the Net.
On May 14th, the House Judiciary Committee approved
a bill designed to dramatically enhance the ability of Internet
users to protect their privacy and security on-line.
The bill now moves to the House International Relations
Committee, where it is expected to face tougher opposition from
the FBI, NSA, and the Clinton Administration. The International
Relations Committee is expected to consider the bill soon.
The Security and Freedom through Encryption Act (SAFE
- HR 695) will prohibit the government from imposing mandatory
law enforcement access to private on-line communications inside
the U.S., affirm the right of American Citizens to use whatever
form of encryption they choose, and relax current export restrictions
which prevent the development of strong, easy-to-use encryption
technologies.
The Clinton Administration, led by the FBI and the
National Security agency, opposes SAFE and is pushing for a policy
of domestic restrictions on the use of encryption, guaranteed
law enforcement access to private communications via government
designed "key-recovery" systems, and continued reliance
on out-dated, cold-war era export controls.
For the first time in history, Congress is close
to passing real encryption policy reform legislation which will
protect privacy, promote electronic commerce, and recognizes the
realities of the global Internet.
Current U.S. encryption policy, which limits the
strength of encryption products U.S. companies can sell abroad,
also limits the availability of strong, easy-to-use encryption
technologies in the United States. U.S. hardware and software manufacturers who wish to sell
their products on the global market must either conform to U.S.
encryption export limits or produce two separate versions of the
same product, a costly and complicated alternative.
The export controls, which the NSA and FBI argue
help to keep strong encryption out of the hands of foreign adversaries,
are having the opposite effect. Strong encryption is available
abroad, but because of the export limits and the confusion created by nearly
four years of debate over U.S. encryption policy, strong, easy-to-use
privacy and security technologies are not widely available off
the shelf or "on the net" here in the U.S.
A recently discovered flaw in the security of the
new digital telephone network exposed the worst aspects of the
Administration's encryption policy. Because the designers needed
to be able to export their products, the system's security was
"dumbed down". Researchers subsequently discovered that
it is quite easy to break the security of the system and intrude
on what should be private conversations.
This incident underscores the larger policy problem:
U.S. companies are at a competitive disadvantage in the global
marketplace when competing against companies that do not have
such hindrances. And now, for the first time in history, the
Clinton Administration has DOMESTIC RESTRICTIONS on the ability
of Americans to protect their privacy and security on-line.
On Wednesday May 21, a group of leading cryptographers
and computer scientists released a report which for the first
time examines the risks and implications of government-designed
key-recovery systems.
The report cautions that "The deployment of
a general key-recovery-based encryption infrastructure to meet
law enforcement's stated requirements will result in substantial
sacrifices in security and cost to the end user. Building a secure
infrastructure of the breathtaking scale and complexity demanded
by these requirements is far beyond the experience and current
competency of the field."
The report substantially changes the terms of the
ongoing debate over U.S. encryption policy. For more than four
years, the Clinton Administration has pushed for a policy of continued
export restrictions on strong encryption, and the development
of global key escrow and key recovery systems to address the concerns
of law enforcement. The study, the first comprehensive analysis
of the risks of key recovery and key escrow systems, calls into
question the viability of the Administration's approach.
The Report's authors, recognized leaders in the cryptography
and computer science field, include Hal Abelson, Ross Anderson,
Steven M. Bellovin, Josh Benaloh, Matt Blaze, Whitfield Diffie,
John Gilmore, Peter G. Neumann, Ronald L. Rivest, Jeffery I. Schiller,
and Bruce Schneier
The report is available on-line at http://www.crypto.com/key_study/
All of us care about our national security, and no one wants to make it any easier for criminals and terrorists to commit criminal acts. But we must also recognize encryption technologies can aid law enforcement
and protect national security by limiting the threat
of industrial espionage and foreign spying, promote electronic
commerce and protecting privacy.
Congress needs to hear from you! If you value your
privacy and care about the future of the Net, please take a few
moments to join the Adopt Your Legislator campaign: http://www.crypto.com/adopt/
What's at stake in this debate is nothing less than the future of privacy and the fate of the Internet as a secure and trusted medium for commerce, education, and political discourse
|
© 1998 BEI;
All Rights Reserved. |
