[Senate Hearing 106-892]
[From the U.S. Government Publishing Office]
S. Hrg. 106-892
S. 798, THE PROMOTE RELIABLE ON-LINE TRANSACTIONS TO ENCOURAGE COMMERCE
AND TRADE (PROTECT) ACT OF 1999
=======================================================================
HEARING
before the
COMMITTEE ON COMMERCE,
SCIENCE, AND TRANSPORTATION
UNITED STATES SENATE
ONE HUNDRED SIXTH CONGRESS
FIRST SESSION
__________
JUNE 10, 1999
__________
Printed for the use of the Committee on Commerce, Science, and
Transportation
69-984 U.S. GOVERNMENT PRINTING OFFICE
WASHINGTON : 2002
____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpr.gov Phone: toll free (866) 512-1800; (202) 512�091800
Fax: (202) 512�092250 Mail: Stop SSOP, Washington, DC 20402�090001
SENATE COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION
ONE HUNDRED SIXTH CONGRESS
FIRST SESSION
JOHN McCAIN, Arizona, Chairman
TED STEVENS, Alaska ERNEST F. HOLLINGS, South Carolina
CONRAD BURNS, Montana DANIEL K. INOUYE, Hawaii
SLADE GORTON, Washington JOHN D. ROCKEFELLER IV, West
TRENT LOTT, Mississippi Virginia
KAY BAILEY HUTCHISON, Texas JOHN F. KERRY, Massachusetts
OLYMPIA J. SNOWE, Maine JOHN B. BREAUX, Louisiana
JOHN ASHCROFT, Missouri RICHARD H. BRYAN, Nevada
BILL FRIST, Tennessee BYRON L. DORGAN, North Dakota
SPENCER ABRAHAM, Michigan RON WYDEN, Oregon
SAM BROWNBACK, Kansas MAX CLELAND, Georgia
Mark Buse, Staff Director
Martha P. Allbright, General Counsel
Ivan A. Schlager, Democratic Chief Counsel and Staff Director
Kevin D. Kayes, Democratic General Counsel
C O N T E N T S
----------
Page
Hearing held June 10, 1999....................................... 1
Statement of Senator Ashcroft.................................... 6
Statement of Senator Burns....................................... 1
Prepared statement........................................... 2
Statement of Senator Cleland..................................... 39
Statement of Senator Dorgan...................................... 42
Statement of Senator Frist....................................... 42
Statement of Senator Kerry....................................... 3
Article from New York Times.................................. 4
Statement of Senator Snowe....................................... 16
Prepared statement........................................... 16
Witnesses
Aucsmith, David, Chief Security Architect, Intel Corporation..... 45
Prepared statement........................................... 47
Bidzos, D. James, Vice Chair, Security Dynamics Technologies,
Inc............................................................ 60
Prepared statement........................................... 62
Goodlatte, Bob, U.S. Representative from Virginia, along with
added material for the record; China: Export of Technology
Would be Liberating Force...................................... 9
Prepared statement........................................... 14
Hoffman, Lance, Ph.D., Professor, Department of Electrical
Engineering and Computer Science, and Director of the School of
Engineering and Applied Science, Cyberspace Policy Institute,
The George Washington University,.............................. 71
Prepared statement........................................... 72
McNamara, Barbara A., Deputy Director, National Security Agency.. 30
Prepared statement........................................... 32
Reinsch, Hon. William A., Under Secretary of Export
Administration, U.S. Department of Commerce.................... 17
Prepared statement........................................... 20
Robinson, Hon. James K., Assistant Attorney General, Criminal
Division, U.S. Department of Justice........................... 24
Prepared statement........................................... 27
S. 798, THE PROMOTE RELIABLE ON-LINE TRANSACTIONS TO ENCOURAGE COMMERCE
AND TRADE (PROTECT) ACT OF 1999
----------
THURSDAY, JUNE 10, 1999
U.S. Senate,
Committee on Commerce, Science, and Transportation,
Washington, DC.
The committee met, pursuant to notice, at 9:32 a.m. in room
SR-253, Russell Senate Office Building, Hon. Conrad Burns
presiding.
Staff members assigned to this hearing: David Crane,
Republican professional staff; and Gregg Elias, Democratic
senior counsel.
OPENING STATEMENT OF HON. CONRAD BURNS,
U.S. SENATOR FROM MONTANA
Senator Burns. We will call the committee to order this
morning, and thank you for coming. We will try to get started
on time here.
Let me apologize for the chairman of the full committee,
John McCain. He has a bill on the floor, the Y2K bill. I told
him that he probably put the fox in charge of the henhouse here
when he lets me chair this hearing, but it is something that I
have been very much interested in for a long time.
Today's hearing will focus specifically on the ``PROTECT
Act of 1999.'' This bill reflects a number of discussions the
full Committee chairman and I have had about the importance of
encryption in the digital age. I would also like to thank
Senator Wyden and Senator Abraham for their instrumental role
in the creation of this pro-encryption legislation that I am
confident will be supported by the large majority of this
committee.
Along with several other members of this committee, I have
long advocated the enactment of legislation that would
facilitate the use of strong encryption. Strong encryption is
necessary if we are to promote electronic commerce, secure our
confidential business and our sensitive personal information,
to prevent crime and to protect our national security by
protecting our commercial information systems.
Beginning in the 104th Congress, I introduced legislation
that would ensure the private sector continues to take the lead
in developing innovative products to protect the security and
confidentiality of electronic information, including the
ability to export such American products, and I believe PROTECT
accomplishes these important objectives. Specifically, the bill
does the following:
It permits the immediate exportability of strong encryption
products whenever foreign products contain the same strength of
encryption are generally available. It prohibits domestic
controls on the use of products using strong encryption. It
also guarantees that American industry will continue to be able
to come up with new and innovative products.
It immediately decontrols encryption products using key
lengths of 64 bits or less. It permits the immediate
exportability of 128-bit encryption in all encryption products
to a broad group of users.
Today we are in a world that nearly everyone has a computer
and those computers are for the most part connected to one
another. In light of that fact, it is becoming more and more
important to ensure that our communications over these computer
networks are conducted in a secure way.
It is no longer possible to say that when we move into the
information age we will secure these networks, because we are
already there. We use computers in our homes and our businesses
in ways that we could not imagine only 10 years ago. These
computers are connected through networks, making it easier to
communicate than ever before.
This phenomenon holds promise for transforming life in a
bunch of areas in our country and especially in Montana, where
health care and state-of-the-art education can be delivered
over networks to people located in remote population centers.
These new technologies can improve the lives of real people,
but only if the security of information that moves over these
networks is safe and reliable.
The problem today is that our computer networks are not as
secure as they could be. It is fairly easy for amateur hackers
to break into our networks. The newspaper has been full of
those kind of activities for the last year. They can intercept
information, steal trade secrets and intellectual property, or
even alter medical records.
The solution to this problem is to let individuals and
businesses alike take steps to secure that information.
Encryption is a vital tool which helps to protect the integrity
of these electronic networks which have made so many modern
wonders available in this age.
I look forward to the testimony of our witnesses today
because this is a critical issue.
Now I would like to recognize the Senator from
Massachusetts, Senator Kerry, and thank you for coming this
morning.
[The prepared statement of Senator Burns follows:]
Prepared Statement of Hon. Conrad Burns, U.S. Senator from Montana
I am pleased to chair today's hearing in the Full Committee, which
is on a topic critical to the future of this country--reforming our
country's severely outdated encryption policy. Today's hearing will
focus specifically on the ``PROTECT Act of 1999.'' This bill reflects a
number of discussions the Full Committee Chairman and I have had about
the importance of encryption in the digital age. I would also like to
thank Sen. Wyden and Sen. Abraham for their instrumental role in the
creation of this pro-encryption legislation that I am confident will be
supported by a large majority of this Committee.
Along with several other members of this Committee, I have long
advocated the enactment of legislation that would facilitate the use of
strong encryption. Strong encryption is necessary to promote electronic
commerce, secure our confidential business and sensitive personal
information, prevent crime and protect our national security by
protecting our commercial information systems. Beginning in the 104th
Congress, I introduced legislation that would ensure that the private
sector continues to take the lead in developing innovative products to
protect the security and confidentiality of our electronic information
including the ability to export such American products. I believe
PROTECT accomplishes these important objectives.
Specifically, the bill does the following:
Permits the immediate exportability of strong encryption
products whenever foreign products containing the same strength of
encryption are generally available;
Prohibits domestic controls on the use of products using
strong encryption;
Guarantees that American industry will continue to be able
to come up with innovative products;
Immediately decontrols encryption products using key
lengths of 64 bits or less; and
Permits the immediate exportability of 128 bit encryption
in all encryption products to a broad group of users.
Today, we are in a world where nearly everyone has a computer and
that those computers are, for the most part, connected to one another.
In light of that fact, it is becoming more and more important to ensure
that our communications over these computer networks are conducted in a
secure way. It is no longer possible to say that when we move into the
information age, we'll secure these networks, because we are already
there. We use computers in our homes and businesses in a way that
couldn't have been imagined 10 years ago, and these computers are
connected through networks, making it easier to communicate than ever
before. This phenomenon holds the promise of transforming life in
states like Montana, where health care and state-of-the-art education
can be delivered over networks to people located far away from
population centers. These new technologies can improve the lives of
real people, but only if the security of information that moves over
these networks is safe and reliable.
The problem today is that our computer networks are not as secure
as they could be. It is fairly easy for amateur hackers to break into
our networks. Hackers can intercept information, steal trade secrets
and intellectual property or even alter medical records. The solution
to this problem is to let individuals and businesses alike to take
steps to secure that information. Encryption is a vital tool which
helps to protect the integrity of these electronic networks which have
made so many wonders of the modern age possible.
I look forward to the testimony of the witnesses on this critical
issue.
Thank you.
STATEMENT OF HON. JOHN F. KERRY, U.S. SENATOR
FROM MASSACHUSETTS
Senator Kerry. Mr. Chairman, thank you very much for your
continued efforts in this field.
I want to say up front, I need to go from here to the
export regime hearing in the Banking Committee, where we have
Messrs. Cox and Dicks. So I apologize for not being able to
stay throughout this, but my staff will.
Let me begin by saying that last session the Commerce
Committee became the first Senate committee to forge a
consensus on this question of some kind, at least, and to
report out comprehensive legislation. I am glad we are back
here now and it is my hope that we can make real progress this
year to develop a sensible encryption framework for the 21st
century.
We have been part of this debate for some time now. I serve
on the Intelligence Committee, the Foreign Relations Committee,
this committee, and the Banking Committee, all of which touch
on it one way or the other. I am a former prosecutor, so I have
been particularly sensitive to some of the warrant issues,
eavesdropping issues, intelligence-gathering issues, and so
forth.
For the past several years, frankly, we have received
relatively conflicting information from various interests in
the debate, and I think, to our frustration, at least to my
frustration, Mr. Chairman, we have been primarily debating the
current state of export markets. We have debated whether there
is a mature market abroad for export products and whether we
can use regulatory controls to shape that market.
I have adopted a relatively cautious approach, for a lot of
very obvious reasons. I am sensitive to our national security
needs and I have been very hopeful that the long and many
discussions of the White House and various entities on this
would retard the spread of encryption and actually shape market
demand abroad.
I have a change of mind at this point and I want to express
that. I think it is time to reframe the debate on encryption.
As time goes on and availability abroad of strong encryption
products continues to grow, it becomes more and more difficult
to accept that we alone can control the development of this
marketplace. If we cannot shape the development of the
marketplace and have not been able to reach an adequate
consensus in this country to do so in the last few years, then
we are forced to a point in time, which I think we are at now,
where we have to examine in a responsible way how to adjust our
regulatory regime.
For a long time we have been debating, Mr. Chairman,
whether to relax export controls to permit the export of
stronger encryption products. I think that question has to
change. It is now time to discuss how we go about creating a
new scheme that recognizes the realities of the new
marketplace.
I ask unanimous consent that an article from today's New
York Times, ``Encryption Products Found to Grow in Foreign
Markets'' by John Markoff, be made part of the committee
record.
Senator Burns. Without objection.
[The material referred to follows:]
THE NEW YORK TIMES
ENCRYPTION PRODUCTS FOUND TO GROW IN FOREIGN MARKETS
BY JOHN MARKOFF
Commercial data-scrambling technology that is made outside the
United States has become significantly more available in the last 18
months, according to researchers at George Washington University.
The researchers' report, which is to be presented today in
testimony before the Senate Commerce Committee, is part of a growing
body of evidence suggesting that the Government's efforts to restrict
the spread of ``strong encryption'' technology for secret electronic
communications have largely failed.
``The Government must acknowledge that there are foreign produces,
and it must concede that they are of comparable quality to U.S.
technology,'' said Bruce Heiman, legislative counsel for Americans for
Computer Privacy, the Washington-based computer industry lobbying group
that financed the study.
The Government has long imposed export curbs on encryption
tecnologies, invoking national security and crime prevention concerns.
Officials have argued that scrambled messages would improve the ability
of terrorists and other criminals to organize and plan illegal
operations.
The new data, though, indicate that 805 encryption products are now
available in 35 countries outside the United States--a 22 percent
increase since December 1997. Moreover, 167 products are based on
encryption algorithms considered too strong to be cracked by even the
most powerful computers.
``In addition to the absolute increase in the number of products,
we've also found that six new countries have companies that are now
selling encryption technology,'' said Lance Hoffman, director of the
Cyberspace Policy Institute at George Washington University.
He pointed to companies like Cybernetica in Estonia that use the
United States export restrictions as a marketing tool.
``Cybernetica advertises: `Strong crypto. Long keys. No export
restrictions,''' he said.
The report also asserts that the United States has lost its
monopoly on the basic mathematical technologies underlying data
encryption.
For example, of the 15 algorithms now being considered by the
National Institute of Standards for a new American encryption standard,
10 have been developed outside the United States.
The report does not offer evidence of actual use of encryption
systems abroad. But Mr. Hoffman said researchers had compiled material
suggesting that the most powerful encryption software was now readily
accessible internationally.
``I'm holding in my hands a computer magazine we found on a French
newsstand,'' he said in a phone interview yesterday. The publication,
Magazine Dot Net, contained a CD-ROM with encryption programs including
Pretty Good Privacy and a program called Scramdisk that features
advanced encryption algorithms like DES, Triple DES, Blowfish and
Idea--any of which would present formidable challenges to code breakers
in the Federal Government.
http://www.nytimes.com
Senator Kerry. Let me just share very quickly. The new data
indicates that 805 encryption products are now available in 35
countries outside the United States, a 22 percent increase
since December 1997. Moreover, 167 products are based on
encryption algorithms considered too strong to be cracked by
even the most powerful computers. In addition to the absolute
increase in the number of products, we have also found that six
new countries have companies that are now selling encryption
technology.
One of them, Cybernetica in Estonia, uses the U.S. export
restrictions as a marketing tool: ``Cybernetica advertises
`Strong crypto, long keys, no export restrictions.' '' The
article goes on, Mr. Chairman.
I am pleased to join Chairman McCain as an original co-
sponsor of the PROTECT Act of 1999. The bill is an important
first step that recognizes that as the Internet becomes more of
a presence in global commerce there have to be guarantees and
assurances that business and personal information remains
confidential.
We have to also continue to recognize that U.S. companies
are leaders in creating encryption technology and these
companies are integral to our economy. We are debating a great
deal now about the impact of China stealing secrets and where
the long-term relationship may go. Mr. Chairman, I am
persuaded, as I have been for several years, but I think for
some time we have held out hope about our ability to control
and shape the market. I am persuaded that the national security
interest of the country is not only affected by the sort of law
enforcement/security side of this, but it is also affected by
the long-term economic side of it.
It seems to me that it is important for U.S. technology to
be out there, for people to be using it, and that there are
certain security values inherent in that happening.
The U.S. information technology companies have been deeply
frustrated by what they perceive as excessive stringent
controls on the export of their encryption products. Although
the United States is the leader in producing high quality
strong encryption products, other countries are increasingly
doing so. We have to recognize that reality and understand that
export controls are not going to stop the spread of encrypted
products and, importantly, controls that do not recognize this
reality put our software industry at a disadvantage as it tries
to compete in the global marketplace and has the potential to
put our security at risk.
Encryption is essential to hundreds of billions of dollars
of e-commerce. It is crucial to electronically transferred
funds and to overall use of the Internet, including e-mail, and
the United States must have a powerful presence in that future
development.
So I am open to arguments regarding whether we expand them
even further than the PROTECT Act, but I believe that is an
important first step and I am hopeful we can find a responsible
approach that would allow us to balance some of the other
interests.
I would simply ask witnesses to perhaps--I am sure they
will be asked this and address it: What happens with respect to
foreign companies filling the gap and what the relationship of
that is to our national security if foreign encryption is
produced worldwide and we are outside of that loop?; and also
whether it makes sense for our policy to work in a way that is
increasingly putting the United States' interests within the
field of commerce at a disadvantage.
Also, there are other articles regarding other types, the
Quantum code and other approaches to encryption, which raise a
whole lot of issues about where we may be heading in the long
run here and what we can control in terms of the market.
So Mr. Chairman, I think we are at a very important
juncture and I thank you for having this hearing today and
proceeding forward.
Senator Burns. Thank you. We always like conversions.
Senator Kerry. Beware of the convert. The zeal of the
convert is always the worst.
Senator Burns. I know.
Senator, I appreciate your words today and I think as far
back as 1994 and 1995, where we had security questions.
Before I recognize Senator Ashcroft, I want to make it
pretty clear that we should be as policymakers giving our
security people the funds and resources that their technology
can stay maybe a quarter step ahead of the technology that is
generally accepted around the world. I think there we have
fallen down a little bit.
But I think our security people can do the job that they
are paid to do and do a great job of it, but we have got to
give them the funds in order for them to adapt, to go into new
technology, because Moore's Law has taken over here. Our
technology is going to go. We have got to make sure that we
take care of our security people and they can stay with it.
That is where we should be focusing our attention, I think.
Senator Ashcroft.
STATEMENT OF HON. JOHN ASHCROFT,
U.S. SENATOR FROM MISSOURI
Senator Ashcroft. Thank you, Mr. Chairman. I want to thank
the Senator from Montana for his leadership in this area.
Leadership is not finding out where people already are and
going and standing at the front of the line. Leadership is
finding out where we need to go and helping people understand
how to get there, and certainly you have done that, especially
as it relates to this issue.
I want to thank the chairman of this committee for having
this hearing today to address an issue that I believe is
central to the future of our country's ability to remain a
worldwide leader in electronic technology. That is the
development and the availability of data encryption technology.
Encryption of sensitive electronic data is essential to our
modern economy. State and national infrastructures, financial
transactions, and of course the burgeoning field of Internet
commerce all depend on the ability of companies, institutions,
and individuals to securely transmit electronic data, and
American products are at the forefront of this industry.
I might add that if American products are not at the
forefront of this industry, other products will be at the
forefront of this industry.
For years now, since before I first came to the Capitol,
American manufacturers of encryption technology have been
hamstrung in their efforts to compete in the global marketplace
regarding these products by export controls that reflect a
complete misunderstanding of the incredibly dynamic and fluid
nature of encryption technology. We have tried for over 4 years
to remedy that situation.
I first introduced the E-PRIVACY bill in the last Congress
and intend to reintroduce it shortly in this Congress. But
unfortunately, nothing has been accomplished by way of
assistance to law enforcement and to industry or, most
importantly, to the users of encryption in this country.
Unfortunately, a significant barrier to progress on this
issue has been the Administration, which has taken an active
and open position against permitting the export of encryption
technology and indeed a fairly hostile view to the unregulated
domestic use of encryption. The Administration bases its
position on the grounds that robust encryption allegedly
presents risks to law enforcement and national security, a view
that I think will be shown to be mistaken by today's testimony.
We certainly have endured national security risks, but it has
not been from the industry's development of encryption.
In addition, there has not always been agreement here in
Congress about the need to free our technology industry from
these export restrictions. I am happy to note that this appears
to have changed. The chairman's PROTECT Act which we are here
to discuss, demonstrates that there is a growing consensus that
the Administration is mistaken and that deregulation of
encryption is necessary in order for us to maintain our
leadership position in this industry, and I want to commend the
chairman for helping us to build that consensus.
I think that the PROTECT Act is a big step in the right
direction on encryption. In fact, it shares many of the same
principles and provisions included in my E-PRIVACY bill.
However, I do think that the PROTECT Act needs to go further in
two ways.
First, the PROTECT Act needs to reflect the lightning-fast
nature of development in this industry and institute export
relief that will not make the products eligible for decontrol
obsolete by the time the approval process is complete. The
Administration has long taken the route of regulating
encryption exports based on the bit length of the product, with
little regard to the current state of the technology. It began
with permitting the export of 40-bit technology 7 years ago and
only agreed last fall to increase the limit to 56-bit
technology. Of course, the standard for generally available
products worldwide is already 128-bit technology. That is where
the competition is. So the Administration's position is already
sorely outdated.
In fact, months ago I came to a meeting of this committee
with an advertisement from the Internet which was from the
Siemens company in Germany advertising robust 128-bit
encryption, saying that you cannot get this from a U.S.
manufacturer, at least someone overseas could not. The
advertisement also indicated, however, that if you buy this you
can use it in the United States and you can use it overseas as
well. So if you want to have robust encryption, buy it from the
Germans, from Siemens.
The Administration has decided to tie the hands of the U.S.
encryption industry. To me that is a disaster. But it is also
compounded by people beginning to develop relationships with
foreign software providers as a result of the unavailability of
128-bit or robust encryption on the part of U.S. providers of
software.
To see the Germans eagerly promoting this potential and to
have people from my own State of Missouri say to me, ``John, we
have an office in Singapore''--this happened to me--we have not
been able to speak with them confidentially and communicate
with them and the government is making it impossible for us to
send the encryption that we can use domestically. We cannot
send it to our office in Singapore because we are ineligible to
export it.
I do not want that situation to be--well, I just do not
want the situation to be such that I have to say, ``Well, go to
Siemens in Germany, from Siemens you can buy the encryption
that can be sent into the United States and from Siemens in
Germany it can be sent to Singapore, so you can have your cake
and eat it, too, by dealing with a non-domestic firm.''
For us to have a policy which provides for the slitting of
our own throats in a technology arena that is developing at a
rapid pace is simply unwise. I think it is foolhardy. If we are
to mark the next century as an American century, or even to
celebrate the next week as high technology week in the Senate,
we must be forward-
thinking and acting.
The PROTECT Act deregulates products up to 64 bits. That is
a good start. The problem is that the Act delays general
decontrol of 128-bit technology until 2002, by which time it
will almost certainly be as obsolete as 56-bit encryption is
today. In the interim, PROTECT permits individual exceptions
for higher bit technology export, but it creates a regulatory
approval board and a process that can take up to 60 days to
determine whether a product is already generally available,
something that, quite frankly, can be determined by surfing the
Internet for a little while, I mean moments.
With all due respect, this process is too long, which is
why in the E-PRIVACY bill we give the administration a one-time
15-day review of products that are generally available before
they are permitted to export them.
I urge my colleagues to press our panelists on the second
panel for answers on whether they can remain competitive if we
wait as long as the PROTECT Act provides.
The second area where I think the PROTECT Act can go
farther is the explicit delineation of the rights and
procedural protections of Americans in their ability to use
encryption and to be secure in their use of encrypted data.
While the PROTECT Act clearly affirms this right, it is
relatively silent on the balance of procedural protections
between Americans' privacy interests and legitimate law
enforcement efforts. I do not think we can afford to be silent
on this issue.
The administration and the FBI have over time indicated
support for language that would mandate key recovery for all
domestic encryption and alternatively support several suggested
approaches that would make using domestic key escrow a
practical, although not legal, necessity. Director Freeh has
gone so far as to mention the need for a new fourth amendment
that considers the ``realities'' of the digital age.
I think we need a new and improved approach to domestic
encryption, not a new updated version of the fourth amendment,
and I for one am not eagerly awaiting the FBI's new release of
the fourth amendment 2.0 or first amendment 98. I am, however,
eager to hear what the Administration's current position is on
key recovery and key escrow.
My own E-PRIVACY bill sets out specific procedures for
balancing the legitimate interests of law enforcement with the
privacy rights of Americans, and I hope that any final
legislation passed by the Senate would include such provisions.
Those are my two observations.
Again, I want to say that the PROTECT Act is a strong step
in the right direction toward protecting American privacy
rights and American industry, but I think it should go further.
I look forward to hearing from our panelists today and
engaging them in serious discussion on these issues, and I
thank the gentleman from Montana, whose leadership in this area
has been very valuable to America.
Senator Burns. Thank you very much, Senator. It has been an
issue that both of us have been around a day or two, so we are
not complete strangers to it.
Congressman Goodlatte is on his way. In the meantime--oh,
he is here.
Mr. Goodlatte. Hiding.
Senator Burns. You are still on your way, right?
Senator Ashcroft. On his way to the microphone.
Senator Burns. That is right, that is right.
Congressman, we thank you. You have been a great leader on
this issue in the House and we appreciate your coming over this
morning and offering your thoughts on this piece of
legislation.
STATEMENT OF HON. BOB GOODLATTE, U.S. REPRESENTATIVE FROM THE
STATE OF VIRGINIA
Mr. Goodlatte. Well, Senator, thank you for the opportunity
to testify before the Senate Commerce Committee today. I want
to commend you and Chairman McCain and Senator Ashcroft for
your hard work in this area. I was delighted to hear the
comments of Senator Kerry a little while ago. I had brought the
same New York Times article with me, so I will not need to ask
that it be made part of the record.
But I do want to point out that one of the items in here
that he did not mention is that the United States has lost its
monopoly on the basic mathematical technologies underlying data
encryption. For example, of the 15 algorithms now being
considered by the National Institute of Standards for a new
American Encryption Standard, 10 have been developed outside of
the United States. If we do not act on this soon, we are going
to be left behind in that regard.
I also would ask that the committee consider making part of
the record an article by Congressman Chris Cox, who is, as you
know, the chairman of the committee that just released the Cox
report and who is a strong supporter of changes in our export
controls laws related to encryption and a co-sponsor of our
legislation in the House, the SAFE Act. He has an article that
was published in the San Jose Mercury News entitled ``China:
Export of Technology Would be Liberating Force.'' I think it
makes a very strong case for why, while export controls are
appropriate in some sectors, liberalizing our export controls
on encryption would be of great benefit to our nations.
Senator Burns. That will be made part of the record.
[The material referred to follows:]
China: Export of technology Would be Liberating Force
(By Christopher Cox)
American Policy toward the People's Republic of China should
proceed from this central premise: It is our sincere hope for the
Chinese people that they will no longer live under a communist
government.
To this end, America's--and California's--world leadership in high-
tech enterprise promises far more than economic benefits. The export of
these products to the Chinese people can be a great democratizing and
liberating force.
In January, the People's Republic sentenced Lin Hai, a 30-year-old
software executive and Web page designer, to prison for supposedly
``inciting subversion of state power.'' His so-called ``crime''
consisted of exchanging e-mail addresses with an anti-communist group
in America.
But if Lin Hai had been able to keep the contents of his computer
messages away from the prying eyes of the Ministry of State Security--
using strong encryption in commercially available software--he would be
a free man today.
That is why America's companies, the leaders in encryption
technology, must be able to export their products to China and around
the world.
Strong encryption is--as Beijing's communist leadership is well
aware--a massive threat to totalitarian regimes and their government-
maintained monopoly on information, because it permits individuals to
communicate privately without fear of government eavesdropping or
interception.
In this and the previous Congress, I have sponsored the Security
and Freedom through Encryption Act, together with a broad coalition of
Republican and Democratic lawmakers, I disagree with the Clinton-Gore
administration, and with Sen. Dianne Feinstein, that the current
prohibition on American businesses exporting encryption software is
necessary for our national security.
Yet the Clinton-Gore administration would go beyond the current
prohibition, endorsing not just restrictions on encryption exports, but
also requiring every encryption program sold--even within the United
States--to have a secret key to permit eavesdropping by law enforcement
officials or foreign governments.
The Clinton-Gore administration seems to place a higher priority on
stopping the export of encryption software to the Chinese people than
on preventing the theft of our nuclear weapons technology by the
People's Liberation Army.
This is exactly backward. Rather than control commercially
available computers, software and technology, we should safeguard our
most critical military secrets.
TRANSFER OF TECHNOLOGY
For the past nine months, I've chaired a congressional select
committee investigating the transfer of militarily sensitive technology
to the People's Republic of China. The committee's classified report,
unanimously approved by all five Republicans and four Democrats, found
overwhelming evidence that such transfers--including theft through
espionage--have caused serious harm to U.S. national security, and
continue to this day.
But some have inferred that this should mean clamping down on
commercial exports. To the contrary: The committee found that the
current export-licensing process is riddled with errors and plagued by
delays. It often does very little to protect our national security--
while frequently doing a great deal to damage America's competitiveness
in world markets.
The committee has therefore recommended streamlining export rules.
The United States should provide a new ``fast track'' for most items,
while focusing greater resources and expertise on the limited targets
that we know from our intelligence are the subject of specific
collection efforts by the People's Republic of China and others.
Trade in innovative technologies, goods and services can help
undermine inefficient state-run industries and bring hope of a better
life to the Chinese people.
In areas like transportation, telecommunications and financial
services, it is the means by which communist China--whose economy is
smaller on a per capita basis than Guatemala's--can become a developed
nation.
In fields such as medicine, biotechnology and farming, U.S. trade
offers hope for the desperately poor millions who are still China's
majority that they will be able to each and survive.
Encouraging exports to China that promote individual freedom and
well-being is in the United States' national security interest. For
this reason, in addition to allowing the export of encryption software,
U.S. policy should focus on unleashing the Internet as an engine of
freedom in China.
Among the 1.2 billion people in the People's Republic of China,
only one in a thousand is an Internet user. But Internet use is growing
at a rate that threatens the Communist Party's grip on China.
As Chinese journalist Sang Ye has observed: ``New ways of thinking,
of communicating, of organizing people and information--the Net takes
aim squarely at things that since Mao's earliest days have been the
state's exclusive domain.''
Today's China's communist dictatorship is working hard to re-route
its citizens away from the information superhighway and onto the state-
controlled ``Intranet.'' This new Intranet allows communication only
among approved users who share communist-approved content. The Ministry
of Post and Telecommunications supervises and approves all networks,
and its screens virtually all news and even financial information that
citizens may receive from foreign sources.
While the Chinese Communist Party argues, on the Internet home page
of the People's Daily, that the open flow of communications would be
destabilizing, Americans know from our own experience that technology
is best used as a means to an end: a promise of greater freedom.
The United States should move aggressively to frustrate the Chinese
government's censorship of the Internet by condemning it as a barrier
to free trade, an impediment to joining the World Trade Organization,
and a violation of the several human rights covenants it has signed.
And we should encourage the construction of an expanded Internet
architecture that frustrates censorship and control by repressive
states.
At the same time, the United States should work with all nations
for the establishment of the Internet as a global free-trade zone,
which not only will make it increasingly difficult for governments
including China's to choke off access but also will pressure them
further to reduce protectionist trade barriers.
Finally, we should recognize that while our currently limited trade
with China's protectionist government may be better than nothing, the
object of U.S. policy must be a liberalization of trade that is
fundamentally at odds with the nation's communist system.
TRULY FREE TRADE
Despite America's free-trade policy, we still sell less to the
billion-plus People's Republic of China than to the 22 million people
of Taiwan. Instead of business ventures being approved one at a time by
the Communist Party's Politburo, truly free trade means a billion
Chinese interacting independently with a quarter-billion Americans.
A policy toward the People's Republic of China that frustrates this
objective is both shortsighted and cruel.
The recent public attention to espionage raises proper concerns
about our lack of security, but it should not distract us from our
objective of freedom for China's people--a result that American
technology exports can help bring about.
Today, we have the worst of both worlds: Military technology that
the communist government can use to hold the Chinese people in terror
is being stolen, while commercial technology that can liberate the
Chinese people is delayed in the export-
licensing bureaucracy.
It's time to focus not on whether to engage--we should all be
agreed on that--but rather on the terms of engagement. We should have
no illusions about with whom we are dealing. We should have no doubt
about where our policy is taking us. Freedom--not engagement and
possibly marriage to a communist dictatorship--is what our policy
toward China should be seeking to achieve. U.S. Rep. Christopher Cox,
R-Newport Beach, is chair of the House Select Committee on U.S.
National Security and Military-Commercial Concerns with the People's
Republic of China. He wrote this article for the San Jose Mercury News
Sunday Perspective section.
Mr. Goodlatte. Thank you, Mr. Chairman.
As you know, I have worked for many years on the encryption
issue in the House. The legislation I have introduced in this
Congress, H.R. 850, the Security and Freedom Through Encryption
Act of 1999, currently has 257 co-sponsors, including a
majority of both the Republicans and Democrats in the House and
a majority of both the Republican and Democratic leadership.
The SAFE Act has passed the House Judiciary Committee by
voice vote and is now pending before the Committees on
International Relations, Commerce, Armed Services, and
Intelligence. Each of these additional committees is expected
to act soon on the legislation and it is my hope that the SAFE
Act will be considered by the House in the summer or early
fall.
Encryption has many benefits. First, it aids law
enforcement by preventing piracy and white collar crime on the
Internet. Several studies over the past few years have
demonstrated that the theft of proprietary business information
costs American industry hundreds of billions of dollars each
year. The use of strong encryption to protect financial
transactions and information would prevent this theft from
occurring.
With the speed of transactions and communications on the
Internet, law enforcement cannot stop thieves and criminal
hackers by waiting to react until after the fact. Only by
allowing the use of strong encryption, not only domestically
but internationally as well, can we hope to make the Internet a
safe and secure environment.
As the National Research Council's Committee on National
Cryptography Policy concluded:
If cryptography can protect the trade secrets and
proprietary information of businesses and thereby reduce
economic espionage, which it can, it also supports in a most
important manner the job of law enforcement. If cryptography
can help protect nationally critical information systems and
networks against unauthorized penetration, which it can, it
also supports the national security of the United States.
Second, if the global information infrastructure is to
reach its true potential, citizens and companies alike must
have the confidence that their communications and transactions
will be secure.
Third, with the availability of strong encryption overseas
and on the Internet, the Administration's export restrictions
only serve to tie the hands of American business. Due in large
part to these export controls, foreign companies are winning an
increasing number of contracts by telling prospective clients
that American encryption products are weak and inferior, which
is robbing our economy of jobs and revenue. I understand you
are going to hear testimony further in regard to the new report
mentioned in the New York Times article, which Senator Kerry
made a part of the record.
In fact, one study, one noted study, found that failure to
address the current export restrictions by the year 2000 will
cost American industry $60 billion and 200,000 jobs. Under the
current system, America is surrendering our dominance of the
global marketplace.
The SAFE Act remedies this situation by allowing the export
of generally available American-made encryption products after
a 15-day, one-time technical review. Additionally, the bill
allows custom-designed encryption products to be exported after
the same review period if they are commercially available
overseas and will not be used for military or terrorist
purposes.
The SAFE Act enjoys the support of members, individuals,
and organizations across the entire spectrum of ideological and
political beliefs, not only because it is a common sense
approach to solving a serious problem, but also because
ordinary Americans' privacy and security is being assaulted by
this Administration.
Amazingly enough, some in the Administration want to
mandate a back door into people's computer systems in order to
access their private communications. In fact, some in the
Administration have stated that if people do not voluntarily
create this back door, they may seek legislation forcing them
to give the Government access to their information by mandating
a key recovery system requiring people to give the keys to
decode their communications to a government-approved third
party. This is the technological equivalent of mandating that
the Government be given a key to every home in America.
Mr. Chairman, I would also like to note that we will hear
from Administration representatives who will say that they do
not support a mandatory key recovery system. One of the
problems we have had in addressing this is that the
Administration has not been speaking with one voice and there
has been an inconsistency with regard to their policy.
I would like to note with great appreciation the position
you and Chairman McCain have taken on this issue in the PROTECT
Act. I could not agree more with the domestic-related
provisions of your legislation which, like the SAFE Act,
prevent the Administration from putting roadblocks on the
information superhighway by prohibiting the Government from
mandating a back door into the computer systems of private
citizens and businesses.
Additionally, both the PROTECT Act and the SAFE Act ensure
that all Americans have the right to choose any security system
to protect their confidential information.
I would like to encourage you to consider further changes
in this area with regard to export controls. Certainly the
immediate decontrol of 64-bit encryption is helpful to our
industry, as are the provisions allowing the export of strong
encryption to, as you have called them, legitimate and
responsible entities or organizations and their strategic
partners, and the unlimited export of encryption once the new
AES standard is developed and implemented. These are marked
improvements over Chairman McCain's legislation contained in S.
909 from the last Congress.
Our industry needs export relief now and I do not believe
that it can afford to wait until the AES standard is adopted a
few years from now. While the immediate decontrol of 64-bit
encryption is better than the Administration's current 56-bit
level, the industry standard is, as has been noted here today,
128 bits, which consumers and companies alike are demanding to
protect their communications and transactions.
So as the PROTECT Act moves through the Senate, I encourage
you to continue to look for ways to provide further export
relief to U.S. industry.
I would also like to note that the SAFE Act does not
completely eliminate export controls on encryption products.
Like the PROTECT Act, the SAFE Act allows the President to
prohibit encryption exports to terrorist states and impose
embargoes and allows the Secretary of Commerce to stop the
export of specific products to specific individuals or
organizations in specific countries if there is substantial
evidence that they will be used for military or terrorist
purposes.
As NSA Deputy Director Barbara McNamara recently testified
before the House Commerce Committee, ``end uses and end users
are what the Administration uses to determine whether a product
should be exported. This is official government policy.'' With
the millions of communications, transmissions, and transactions
that occur on the Internet every day, American citizens and
businesses must have the confidence that their private
information and communications are safe and secure.
I want to again thank you for allowing me to testify today
and I look forward to working with you and Senator Ashcroft as
you move forward on this legislation. We hope you can pass a
good bill out of the Senate. We will try to do the same thing
in the House and work together to resolve this problem.
Thank you.
[The prepared statement of Representative Goodlatte
follows:]
Prepared Statement of Hon. Bob Goodlatte, U.S. Representative
from Virginia
Mr. Chairman, I would like to thank you for inviting me to testify
today on legislation you have introduced--S. 798, the PROTECT Act of
1999--to encourage the use of strong encryption.
As you know, I have worked for many years on the encryption issue
in the House. The legislation I have introduced this Congress, H.R.
850, the Security And Freedom through Encryption (SAFE) Act of 1999,
currently has 257 cosponsors, including a majority of both the
Republican and Democratic leadership. The SAFE Act has passed the House
Judiciary Committee by voice vote, and is now pending before the
committees on International Relations, Commerce, Armed Services, and
Intelligence. Each of these additional committees is expected to act
soon on the legislation, and it is my hope that the SAFE Act will be
considered by the House in the summer or early fall.
Encryption has many benefits. First, it aids law enforcement by
preventing piracy and white-collar crime on the Internet. Several
studies over the past few years have demonstrated that the theft of
proprietary business information costs American industry hundreds of
billions of dollars each year. The use of strong encryption to protect
financial transactions and information would prevent this theft from
occurring. With the speed of transactions and communications on the
Internet, law enforcement cannot stop thieves and criminal hackers by
waiting to react until after the fact.
Only by allowing the use of strong encryption, not only
domestically but internationally as well, can we hope to make the
Internet a safe and secure environment. As the National Research
Council's Committee on National Cryptography Policy concluded, ``If
cryptography can protect the trade secrets and proprietary information
of businesses and thereby reduce economic espionage (which it can), it
also supports in a most important manner the job of law enforcement. If
cryptography can help protect nationally critical information systems
and networks against unauthorized penetration (which it can), it also
supports the national security of the United States.''
Second, if the Global Information Infrastructure is to reach its
true potential, citizens and companies alike must have the confidence
that their communications and transactions will be secure.
Third, with the availability of strong encryption overseas and on
the Internet, the Administration's export restrictions only serve to
tie the hands of American business. Due in large part to these export
controls, foreign companies are winning an increasing number of
contracts by telling prospective clients that American encryption
products are weak and inferior, which is robbing our economy of jobs
and revenue. In fact, one noted study found that failure to address the
current export restrictions by the year 2000 will cost American
industry $60 billion and 200,000 jobs. Under the current system,
America is surrendering our dominance of the global marketplace.
The SAFE Act remedies this situation by allowing the export of
generally available American-made encryption products after a 15-day,
one-time technical review. Additionally, the bill allows custom-
designed encryption products to be exported, after the same review
period, if they are commercially available overseas and will not be
used for military or terrorist purposes.
The SAFE Act enjoys the support of members, individuals and
organizations across the entire spectrum of ideological and political
beliefs, not only because it is a common-sense approach to solving a
serious problem, but also because ordinary Americans' privacy and
security is being assaulted by this Administration.
Amazingly enough, the Administration wants to mandate a back door
into peoples' computer systems in order to access their private
communications. In fact, the Administration has stated that if people
do not ``voluntarily'' create this back door, it may seek legislation
forcing them to give the government access to their information, by
mandating a ``key recovery'' system requiring people to give the keys
to decode their communications to a government-approved third party.
This is the technological equivalent of mandating that the government
be given a key to every home in America.
Mr. Chairman, I would like to note with great appreciation the
position you have taken on this issue in the PROTECT Act. I couldn't
agree more with the domestic-related provisions of your legislation,
which--like the SAFE Act--prevent the Administration from placing
roadblocks on the information superhighway by prohibiting the
government from mandating a back door into the computer systems of
private citizens and businesses. Additionally, both the PROTECT Act and
the SAFE Act ensure that all Americans have the right to choose any
security system to protect their confidential information.
On the issue of export relief, I would also like to commend you for
the changes you have made in this year's bill. Certainly the immediate
decontrol of 64-bit encryption is helpful to our industry, as are the
provisions allowing the export of stronger encryption to, as you have
called them, ``legitimate and responsible entities or organizations and
their strategic partners,'' and the unlimited export of encryption once
the new AES standard is developed and implemented. These are marked
improvements over the export restrictions contained in S. 909 from the
last Congress.
However, I would like to encourage you to consider further changes
in this area, along the lines of those contained in the SAFE Act. Our
industry needs export relief now--I do not believe that it can afford
to wait until the AES standard is adopted a few years from now. And
while the immediate decontrol of 64-bit encryption is better than the
Administration's current 56-bit level, the industry standard is
currently 128-bit encryption--which consumers and companies alike are
demanding to protect their communications and transactions. So as the
PROTECT Act moves through the Senate, I encourage you to continue to
look for ways to provide further export relief to U.S. industry.
I would also like to note that the SAFE Act does not completely
eliminate export controls on encryption products. Like the PROTECT Act,
the SAFE Act allows the President to prohibit encryption exports to
terrorist states and impose embargoes, and allows the Secretary of
Commerce to stop the export of specific products to specific
individuals or organizations in specific countries if there is
substantial evidence that they will be used for military or terrorist
purposes. And as NSA Deputy Director Barbara McNamara recently
testified before the House Commerce Committee, ``end uses and end users
are what we use to determine whether a product should be exported--this
is official government policy.''
With the millions of communications, transmissions, and
transactions that occur on the Internet every day, American citizens
and businesses must have the confidence that their private information
and communications are safe and secure. Again, thank you for allowing
me to testify today, and I look forward to working together with you as
the PROTECT Act moves through the Senate and the SAFE Act moves through
the House.
Senator Burns. Thank you very much, Congressman. We
appreciate your interest and leadership in this issue.
I am going to call the panel. Any questions for the
Congressman?
Senator Ashcroft. May I just commend the Congressman. I
have had the opportunity and good fortune to work with him, and
his understanding of the issues related to encryption is
unsurpassed in the Congress. I appreciate that, and I think,
frankly, the American people and the data industry owes you a
debt of gratitude. I know that I do, and I thank you for your
leadership.
Mr. Goodlatte. Thank you for your kind words.
Senator Snowe. Mr. Chairman.
Senator Burns. The Senator from Maine.
STATEMENT OF HON. OLYMPIA J. SNOWE, U.S. SENATOR
FROM MAINE
Senator Snowe. Thank you, Mr. Chairman. I want to welcome
my good friend and former colleague from the House here today,
and commend you for your leadership on this issue and your
presentation before the committee.
Mr. Goodlatte. Thank you, Senator Snowe. I would like to
tell you that I will be in your State, in fact in your home
town, tomorrow and Saturday for my 25th reunion at Bates
College. So I appreciate your kind words.
Senator Snowe. I wish you good weather and great lobsters.
Mr. Goodlatte. Thank you.
Senator Burns. At least they have got a warning up there,
right?
Mr. Goodlatte. That is right.
Senator Burns. We like these warnings.
I will call the first panel to the table, and while they
are coming up, Senator Snowe, do you have a statement that you
would like to make?
Senator Snowe. No, Mr. Chairman. I have a statement for the
record.
Senator Burns. It will be made part of the record.
[The prepared statement of Senator Snowe follows:]
Prepared Statement of Hon. Olympia J. Snowe, U.S. Senator from Maine
Thank you, Mr. Chairman. Today's hearing is extremely important
because it addresses an issue that will only grow in importance as the
Global Information Infrastructure (GII) continues to develop and
evolve: the availability of strong encryption technology.
Without the knowledge that one's information is private and secure,
the full potential of the Global Information Infrastructure--and the
transmission and utilization of information on the Internet in
particular--will never be realized.
On the one hand, if one is certain that their proprietary or
personal information can only be accessed by those for whom it is
intended, one will be at ease putting business plans, personal medical
records, and other confidential files ``on-line''. But if security is
inadequate for the prevention of unauthorized ``browsing'' or outright
``piracy,'' one's willingness to utilize the countless benefits of on-
line commerce will be severely hampered.
The United States imposes limits on the export of encrypted
products-- in part--to ensure that law enforcement and intelligence
agencies have easier access to the information these products contain.
Presumably, if the products exported by the United States do not allow
for encryption beyond a certain level, the threat to national security
will be lessened.
While I believe we would all agree that national security is of the
utmost importance--and any policy that protects American citizens from
``on-line crime'' is beneficial--it is also important that we be
realistic in setting these policies. If our policies do not reflect the
reality of the global marketplace, we will not only fail to accomplish
the goals we are pursuing, but we may also risk harming businesses and
consumers in the United States that we are seeking to protect.
In addition, high-tech industries in the United States have a great
deal at stake in the ongoing debate on encryption export restrictions.
If our current export policies are ``behind the times,'' domestic
producers of computer hardware and software risk being at a competitive
disadvantage in the global marketplace. At the same time, other U.S.
companies that rely on the use of these encrypted technologies to
manufacture consumer products--such as cellular telephones--could also
be adversely impacted by a poorly conceived export policy.
Accordingly, today's hearing will give us a chance to review the
need for, and impact of, S. 798, the PROTECT Act--legislation that
would fundamentally alter the manner in which encryption export
restrictions are established. Ultimately, it is my hope that this
hearing will assist us in determining whether or not our current export
restrictions are both practical and effective, and if changes such as
those contained in S. 798 would be a step forward or a step back for
the United States.
I would like to thank our witnesses for being with us this morning,
and look forward to the discussion this hearing will generate on a
topic that is so fundamental to the development of the world's
information infrastructure. Thank you, Mr. Chairman.
Senator Burns. We have William Reinsch, who is the Under
Secretary of Export Administration, Department of Commerce;
James Robinson, Assistant Attorney General from the Criminal
Division; and we have Barbara McNamara, Deputy Director of the
National Security Agency.
We appreciate all of you taking time in your busy days and
your responsibilities and duties to come and visit with us
today about this very important subject. We will just go in
order, I guess. So Secretary Reinsch, we look forward to
hearing from you and some of yours.
I might add that your complete statement will be made part
of the record. If you want to consolidate that and offer your
views, that is perfectly OK, too. We appreciate you coming
today.
Mr. Secretary, good to see you again.
STATEMENT OF HON. WILLIAM A. REINSCH, UNDER SECRETARY OF EXPORT
ADMINISTRATION, U.S. DEPARTMENT OF COMMERCE
Mr. Reinsch. Thank you, Mr. Chairman. It is good to be
back. I do have a shorter statement. We have a lot to say about
this bill, however, so it is not quite as short as it could be,
I suppose.
I want to thank you for the opportunity to be back to
discuss this difficult subject. I think we made a lot of
progress since I was here the last time, and that is one of the
subjects I want to discuss with you.
It should be obvious from the testimony today that
encryption is a hotly debated issue. I want to make clear what
the Administration's policy is. We support a balanced approach
which considers privacy and commerce, as well as protecting
important law enforcement and national security equities. We
have been consulting closely with industry and its customers to
develop a policy that provides that balance in a way that also
reflects the evolving realities of the marketplace.
There is no question about the evolving role of encryption
in the marketplace and in e-commerce, and my full statement has
a lot to say about that in terms of details, I will not pass
that on to this committee at this time because you are already
well familiar with it.
But I do want to say that developing a balanced policy is
complicated because we do not want to hinder encryption's
legitimate use, but at the same time we do want to protect
national security and law enforcement. Now, over the last
several years as we have been studying this problem we have
learned that there are many ways to assist lawful access beyond
key escrow or key recovery and that there is no one-size-fits-
all solution. We believe our policy reflects that, and I would
like to describe it for you.
We published a regulation in September 1998, which allows
the export of unlimited strength encryption to banks and
financial institutions. This allows U.S. companies new
opportunities to sell encryption products to a key market for
encryption products.
Last September, the Vice President also unveiled an update
to our policy, and we published regulations implementing it
last December. It permits the free export of unlimited strength
encryption products to several key sectors of the market. In
addition to banks and financial institutions, we now allow
health facilities and online merchants to purchase U.S.
encryption to secure their sensitive financial, medical, and
online transactions in digital form. U.S. companies can now
export 128-bit or greater encryption products, including
encryption technology, to subsidiaries located worldwide to
protect proprietary information and to develop new products.
Furthermore, this update allows the export of unlimited
strength recovery-capable or recoverable products. These
products do not require a third party to hold any key, are not
key escrow, but allow for law enforcement access under proper
court authority. They are readily available in the marketplace
and include general purpose routers, firewalls, and virtual
private networks.
We have also made progress with other countries, Mr.
Chairman, through the hard work of Ambassador David Aaron, the
President's Special Envoy on Cryptography. We agreed in the
Wassenaar arrangement last December on several changes relating
to encryption controls. We removed multilateral controls on all
encryption products at or below 56 bits and certain consumer
items regardless of key length.
We also agreed to amend the General Software Note on this
issue. Drafted in 1991 when banks, governments, and militaries
were the primary users of encryption, the General Software Note
did not give countries the legal authority to require a license
for the export of mass market encryption software. The note was
created to release general purpose software used on PCs, but it
inadvertently also released encryption.
We believed it was essential to modernize the note and
close the loophole. Under a new Cryptography Note adopted in
December, a 64-bit key length threshold has been set for mass
market encryption software and hardware. This enables
governments to review export mass market products stronger than
64 bits.
I want to be clear. This does not mean that encryption
products of more than 64 bits cannot be exported. Our own
policy permits that, as I just made clear, as does the policy
of most other Wassenaar members. It does mean the products must
be reviewed by governments consistent with their national
policies before export.
Now, let me comment in conclusion, Mr. Chairman, on the
PROTECT Act. With respect to S. 798, the Administration opposes
this legislation for a number of reasons. Overall, we believe
it does not promote the balance that we worked so hard to
achieve over the last several years and which I have just
defined.
Let me discuss several, but not all, of the more
problematic sections. Under section 505, the removal of export
controls on publicly or generally available encryption is left
to an advisory board. We believe such a board would be
unworkable. The broad definitions used in the bill would give
the board wide latitude in making its findings on what is
available. This could place the Secretary in the position of
having to routinely object to the removal of export controls
when important national security and law enforcement interests
are at stake.
The bill also makes this decision subject to judicial
review. The Administration does not think it is wise public
policy for the courts to adjudicate executive branch decisions
on national security matters like the ones that would be rolled
into these kinds of decisions.
Section 501 of the bill removes the Department of Justice
from the encryption export license consultation process. Since
law enforcement interests are an important consideration in
regard to encryption, we cannot support that provision. We do
support the provisions that require a technical review for
eligibility for export under a license exception. That is
consistent with our current regulations. What we cannot
support, however, is the portion of section 504 that would
provide automatic eligibility after 15 days if there has been
no decision from the government.
That same section also proposes control parameters and
export liberalizations beyond what we can entertain and which
would be contrary to our international export control
obligations. For example, Wassenaar agreed to decontrol
products up to 56 bits. This bill would decontrol products
using a key length of 64 bits or less.
Section 504 also expands the products, end users, and
countries eligible beyond what we are willing to consider at
this point.
Section 102 is also troubling, as it would permit a U.S.
person located anywhere in the world to develop, manufacture,
sell or use any type of encryption. This would in effect
prevent the government from requiring a license for U.S.
persons to develop and manufacture encryption abroad. As a
result, U.S. companies would likely move all development and
manufacture of encryption out of the United States in order to
take advantage of this loophole. This is not in our country's
economic or national security interests.
Section 103 contains a provision that would prohibit the
U.S. Government from conditioning any approval on the fact that
a product is recoverable. A fundamental feature of our
encryption policy is that we provide incentives for companies
to develop products that provide strong security and also meet
the needs of national security and law enforcement. The bill
would eliminate this laudable feature of our policy that
industry had asked us to include in last year's update. This
provision is also inconsistent with section 504, which allows
license exception treatment for recoverable products.
Now, we have also some problems, Mr. Chairman, with other
non-export control provisions of the bill. Section 202 requires
that encryption products used by the Government must
interoperate with other commercial encryption products. The
extent to which interoperability is required is unclear in the
bill as drafted, but we believe that the practical result of
the bill would be that the Government could not use encryption
because no single encryption product interoperates with all
other products.
It also appears that this provision could prohibit the use
of encryption developed by the Government for its own internal
use in closed systems that are purposefully designed not to
interoperate with other systems, such as those used by the
Department of Defense or the National Security Agency.
I want to make clear we do not seek encryption export
control legislation, nor do we believe that legislation is
needed. We believe the current regulatory structure is
sufficient for balanced oversight. As the Senators here today
know, public debate on this issue has often been lively and on
some occasions acrimonious, although certainly not in this
room. We hope to find a middle ground that can meet all of our
needs.
Our dialog with industry has gone a long way toward
bridging that gap and finding that middle ground. We will
continue this policy of cooperative exchange, which is clearly
the best way to pursue our policy objectives of balancing
public safety, national security, and the competitive interests
of our companies.
Thank you, Mr. Chairman.
[The prepared statement of Mr. Reinsch follows:]
Prepared Statement of William A. Reinsch, Under Secretary for
Export Administration, U.S. Department of Commerce
Thank you, Mr. Chairman, for the opportunity to testify on the
direction of the Administration's encryption policy. We have made a
great deal of progress since my last testimony before this Committee on
this subject.
Even so, encryption remains a hotly debated issue. The
Administration continues to support a balanced approach which considers
privacy and commerce as well as protecting important law enforcement
and national security equities. We have been consulting closely with
industry and its customers to develop a policy that provides that
balance in a way that also reflects the evolving realities of the
market place.
One of the many uses of the Internet which will have a significant
affect on our everyday lives is electronic commerce. The Internet and
other digital media are becoming increasingly important to the conduct
of international business. There were 43.2 million Internet hosts
worldwide last January compared to only 5.8 million in January 1995.
According to a recent study, the value of e-commerce transactions in
1996 was $12 million. The projected value of e-commerce in 2000 is
$2.16 billion. To cite one example, travel booked on Microsoft's
Website has doubled every year since 1997, going from 500,000 to an
estimated 2.2 million this year. Many service industries which
traditionally required face-to-face interaction such as banks,
financial institutions and retail merchants are now providing cyber
service. Customers can now sit at their home computers and access their
banking and investment accounts or buy a winter jacket with a few
strokes of their keyboard.
Furthermore, most businesses maintain their records and other
proprietary information digitally. They now conduct many of their day-
to-day communications and business transactions via the Internet and E-
mail. An inevitable byproduct of this growth of electronic commerce is
the need for strong encryption to provide the necessary secure
infrastructure for digital communications, transactions and networks.
The disturbing increase in computer crime and electronic espionage has
made people and businesses wary of posting their private and company
proprietary information on electronic networks if they believe the
infrastructure may not be secure. A robust secure infrastructure can
help allay these fears, and allow electronic commerce to continue its
explosive growth.
Developing an encryption policy has been complicated because we do
not want to hinder its legitimate use--particularly for electronic
commerce; yet at the same time we want to protect our vital national
security, foreign policy and law enforcement interests. We have
concluded that the best way to accomplish this is to continue a
balanced approach: to promote the development of strong encryption
products that would allow lawful government access to plain text under
carefully defined circumstances; to promote the legitimate uses of
strong encryption to protect confidentiality; and continue looking for
additional ways to protect important law enforcement and national
security interests.
During the past three years, we have learned that there are many
ways to assist lawful access. There is no one-size-fits-all solution.
The plans for recovery encryption products we received from more than
60 companies showed that a number of different technical approaches to
recovery exist. In licensing exports of encryption products under
individual licenses, we also learned that, while some products may not
meet the strict technical criteria of our regulations, they are
nevertheless consistent with our policy goals.
Additionally, we decided that the use of strong non-recovery
encryption within certain trusted industry sectors is an important
component of our policy to protect private consumer information and
allow our U.S. high-tech industry to maintain its lead in the
information security market. Taking into account all that we have
learned and reviewing international market trends and realities, we
made several changes in 1998 to our encryption policy that I will now
summarize.
In September 1998, we published a regulation allowing the export,
under a license exception, of unlimited strength encryption to banks
and financial institutions located in 46 countries which allows U.S.
companies new opportunities to sell encryption products to the world's
leading economy. This policy recognizes the need to secure our
financial networks, and the history of cooperation which the banking
and financial communities have with government authorities when
information is required to combat financial and other crimes.
More importantly, on September 16th, Vice President Gore unveiled
an update to our encryption policy. This Policy Update was the result
of a dialogue with U.S. industry, law enforcement, and privacy groups
on how our policy might be improved to find technical solutions, in
addition to key recovery, that can assist law enforcement in its
efforts to combat crime. At the same time, we wanted to find ways to
assure continued U.S. technology leadership, promote secure electronic
commerce, and protect privacy concerns. We believed then and now that
the best way to make progress on this issue is through a constructive,
cooperative dialogue, rather than by legislative solutions. Through
dialogue lasting more than a year, there has been increased
understanding among the parties and we have made progress.
On December 31, we published regulations implementing the Vice
President's policy announcement. These regulations will not end the
debate over encryption controls, but we believe the regulation
addresses some private sector concerns by opening large markets and
further streamlining exports.
The Update permits the export of 128-bit encryption products and
higher (with or without key recovery) to several important industry
sectors. Now, banks, financial institutions, health facilities, and on-
line merchants can secure their sensitive financial, medical, and on-
line transactions in digital form. This update also allows U.S.
companies to export 128-bit or greater encryption products, including
technology to subsidiaries around the world, to protect its proprietary
information and to develop new products. Further, this update allows
the export of 128-bit or greater ``recovery capable'' or
``recoverable'' encryption products under an encryption licensing
arrangement. Such products include those that are readily available in
the marketplace such as general purpose routers, firewalls, and virtual
private networks. These recoverable products are usually managed by a
network or corporate security administrator without any involvement by
a third party. Since the Update announcement, Industry has been taking
advantage of this new liberalization and the streamlined process
awarded to such products.
Many of the updates permit the export of encryption to these end-
users under a license exception. That is, after the product receives a
technical review, it can be exported by manufacturers, resellers and
distributors without the need for a license or other additional review.
These license exceptions currently apply to a list of countries or a
set of end users. We also have a general policy of approval for exports
to those sectors through encryption licensing arrangements (ELA), a
kind of bulk license, to allow unlimited shipments of strong encryption
to the sectors worldwide.
We also further streamlined exports of key recovery products by no
longer requiring a review of foreign key recovery agents and no longer
requiring companies to submit business plans.
We recognize that the development of our policy is an evolutionary
process, and we intend to continue our dialogue with industry. Our
policy will continue to adapt to technology and market changes. We will
review our policy again this year with a view toward making further
changes. An important component of our review is input from industry,
which we are receiving through our continuing dialogue.
This past year, we also made progress on developing a common
international approach to encryption controls through the Wassenaar
Arrangement. Established in 1996 as the successor to COCOM, it is a
multilateral export control arrangement among 33 countries whose
purpose is to prevent destabilizing accumulations of arms and
industrial equipment with military uses in countries or regions of
concern. Wassenaar provides the basis for many of our export controls.
In December, through the hard work of Ambassador David Aaron, the
President's special envoy on encryption, the Wassenaar Arrangement
members agreed on several changes relating to encryption controls.
These changes go a long way toward increasing international security
and public safety by providing countries with a stronger regulatory
framework for managing the spread of robust encryption. Specific
changes to multilateral encryption controls include removing
multilateral controls on all encryption products at or below 56 bit and
certain consumer items regardless of key length, such as entertainment
TV systems, DVD products, and on cordless telephone systems designed
for home or office use.
Most importantly, the Wassenaar members agreed to remove encryption
software from Wassenaar's General Software Note and replace it with a
new cryptography note. Drafted in 1991, when banks, government and
militaries were the primary users of encryption, the General Software
Note allowed countries to export mass market encryption software
without restriction. The GSN was created to release general purpose
software used on personal computers, but it inadvertently also
permitted countries to release encryption. It was essential to
modernize the GSN and close the loophole that permitted the
uncontrolled export of encryption with unlimited key length. Under the
new cryptography note, mass market hardware has been added and a 64-bit
key length or below has been set as an appropriate threshold. This will
lead governments to review the dissemination of 64-bit and above
encryption.
I want to be clear that this does not mean encryption products of
more than 64 bits cannot be exported. Our own policy permits that, as
does the policy of most other Wassenaar members. It does mean, however,
that such exports now can be reviewed by governments consistent with
their national export control procedures.
Export control policies without a multilateral approach have little
chance of success. Agreement among the Wassenaar members on the
treatment of mass market encryption products is a strong indication
that other countries share our public safety and national security
concerns. Contrary to what many people thought two years ago, we have
found that most major encryption producing countries are interested in
developing a common approach to encryption controls.
THE PROTECT ACT
With respect to S. 789, the Administration opposes this legislation
for a number of reasons. Overall the bill does not promote the balance
that this Administration has worked so hard to achieve over the past
several years. Let me now discuss some of the more problematic
sections.
Under section 505, the removal of export controls on publicly or
generally available encryption is in effect left to an advisory board
composed of private sector and government representatives, with the
concurrences of the Secretary. We believe such a board would be
unworkable. Although availability is one of the factors we use to
decide whether an encryption product may be exported, it is not the
only factor and should not be elevated above the others. We need to be
able to take all factors, including national security and public
safety, into account when making export control decisions. Disallowing
or downgrading important considerations will only serve to weaken our
export control system. The broad definitions used in the bill would
give the Board wide latitude in making its findings on what is
available. This could place the Secretary in the position of having to
routinely object to the removal of export controls when important
national security and law enforcement interests are at stake. The bill
makes this decision subject to judicial review. The Administration does
not think it is wise public policy for the courts to adjudicate
Executive Branch decisions on these matters.
Section 501 removes the Department of Justice from the encryption
export license consultation process. Since law enforcement interests
are an important consideration in regard to encryption, we cannot
support this provision.
We support the provisions in the bill that require a technical
review for eligibility to export encryption under a license exception.
In fact, this is consistent with current regulations. What we cannot
support, however, is the portion of section 504 that would provide
automatic eligibility after 15 days if the exporter has not received a
decision from the government. In all cases, a very careful technical
review is completed in order to determine that a product is technically
eligible for a particular license exception. Although we try to perform
these reviews as quickly as possible, a 15-day automatic approval will
severely limit our ability to do a careful review.
Section 504 also proposes control parameters and export
liberalizations beyond what the Administration can entertain and which
would be contrary to our international export control obligations. For
example, Wassenaar agreed to decontrol encryption products up to 56-
bits whereas this bill would decontrol encryption products using a key
length at 64-bits or less. Section 504 also expands the set of
products, end users, and countries eligible to receive encryption under
a license exception beyond what we believe is prudent.
Another troubling part of this bill is section 102, which would
permit a U.S. person located anywhere in the world to develop,
manufacture, sell or use any type of encryption. If this provision were
construed to permit U.S. citizens to develop, manufacture and sell
encryption products overseas, even with the use of non-public
controlled technology that they had acquired in the United States, it
would, in effect, prevent the government from requiring a license for
U.S. persons to develop and manufacture encryption abroad. As a result,
U.S. companies would likely move all development and manufacture of
encryption out of the United States in order to take advantage of this
loophole. This is not in our country's economic or national security
interest.
Section 103 contains a provision that would prohibit the U.S.
Government from conditioning any approval on the fact that a product is
recoverable. A fundamental feature of our encryption policy is that we
provide incentives for companies to develop products that provide
strong security and also meet the needs of national security and law
enforcement. The bill would eliminate this laudable feature of our
policy that industry wanted us to include in last year's update. In
addition, this provision of the bill is inconsistent with section 504
which allows license exception treatment for recoverable products.
Section 506 would eliminate any export controls on products using
the forthcoming Advanced Encryption Standard (AES). We oppose the
removal of export controls on encryption products simply because they
implement a government standard. Products incorporating the AES should
be exportable to the same extent as any other product incorporating
encryption of similar strength. Under our current policy, AES-based
products could be exported to banks, large corporations, on-line
merchants without restriction and to many other safe endusers depending
on the nature of the product. We do not think it is wise to link
development of the AES to export controls. Such a linkage might bring
undue pressure on NIST to complete the AES process faster than planned,
and may therefore not allow prudent study of the security features of
the candidate algorithms before selection.
With respect to the provisions of the bill that do not relate to
export controls, we have a number of questions and concerns.
One such provision in Section 202 requires that encryption products
used by the Government must interoperate with other commercial
encryption products. The extent to which interoperability is required
is unclear in the bill, but we believe the practical result of this
requirement is that the Government could not use encryption because no
single encryption product interoperates with all other products. It
also appears that this provision could prohibit the use of encryption
developed by the government for its own internal use in ``closed''
systems that are purposefully designed not to interoperate with other
systems.
Section 202 also appears to prevent mandatory use of recoverable
encryption when communicating with U.S. Federal, state and local
governments. This would appear to preclude an agency from requiring key
recovery or recoverable products for business purposes. We believe the
effect of this provision may be much broader than simply preventing
government from using recoverable encryption when dealing with the
public. The practical effect would be that Government sites would have
to be capable of supporting secure communications using all encryption
methodologies on the market. This is absurd.
We are concerned that section 302 of the bill may preclude NIST's
work with voluntary standards organizations because it prohibits the
Secretary of Commerce from carrying out any policy that establishes an
encryption standard for use by businesses or other entities other than
for computer systems operated by the United States Government. The
Secretary of Commerce is prohibited from establishing standards for
business; however, when invited by standards organizations to do so,
NIST does, as a matter of policy, work together with those
organizations. Cooperation between NIST and standards organizations is
important for both NIST and industry, and it is consistent with
government policy to use voluntary standards and to purchase commercial
off-the-shelf products. If the government cannot have input to the
standards process, we may end up with less secure products available
for government agencies. We want to encourage, to the extent possible,
the development of voluntary standards that meet the needs of the
government. This reduces costs for both government and industry.
In regard to section 401 dealing with the ``Information Technology
Laboratory,'' we have two concerns. First, we do not think it is
appropriate for NIST to undertake research and development of new
technologies to facilitate lawful access to communications and
electronic information. This activity is more appropriately done by the
FBI. Second, we are concerned that the bill will provide NIST with new
tasks but no new funding to carry out this work. We have similar
concerns with section 402. The advisory board, whose correct statutory
name is ``Computer System Security and Privacy Advisory Board,'' is
made up of 13 volunteers. Again, any additional tasks assigned to this
board would require necessary funding.
The Administration does not seek encryption export control
legislation, nor do we believe such legislation is needed. The current
regulatory structure provides for balanced oversight of export controls
and the flexibility needed to adjust to our economic, foreign policy
and national security interests to advances in technology. This is the
best approach to an encryption policy that promotes secure electronic
commerce, maintains U.S. lead in information technology, protects
privacy, and protects public safety and national security interests.
As you know, public debate over encryption policy has been lively
and often acrimonious. Some of those on both sides of the debate are
not interested in searching for a middle ground that can meet all of
our needs. Our dialogue with industry has gone a long way toward
bridging that gap and finding common ground. We will continue this
policy of cooperative exchange, which is clearly the best way to pursue
our policy objectives of balancing public safety, national security,
and the competitive interests of U.S. companies.
Senator Burns. Thank you, Mr. Secretary. I want to also
thank you for the dialog we have had. We are not new to this
debate. We have been going through it. But we have learned, I
think, from each other. It is enlightening to know how the
evolution of the mind set changes as technology moves forward.
We are pleased to welcome Jim Robinson, Assistant Attorney
General for the Criminal Division. Thank you for coming this
morning.
STATEMENT OF HON. JAMES K. ROBINSON, ASSISTANT ATTORNEY
GENERAL, CRIMINAL DIVISION, U.S. DEPARTMENT OF JUSTICE
Mr. Robinson. Mr. Chairman, members of the committee: I
appreciate the opportunity to appear to--
Senator Burns. Do you want to pull the microphone a little
closer to you.
Mr. Robinson. I will, Senator. Thank you.
I appreciate the opportunity to present the views of the
Justice Department on the issue of encryption and export
controls. As you would expect, the Justice Department is
particularly interested in the important public safety
interests implicated in the encryption debate. I would like to
emphasize some of the key points outlined in my written
statement submitted to the committee and to place those
thoughts in a more personal context.
When I took office as the Assistant Attorney General for
the Criminal Division about a year ago this month, I quickly
learned how important the encryption debate is to law
enforcement. I served as the U.S. Attorney for the eastern
district of Michigan from 1977 to 1980. From a technological
point of view, the world was a very different place in those
days, both for our society in general and certainly for law
enforcement.
Technological advances have made important new tools
available to law enforcement for the successful investigation
and prosecution of criminal activity. These tools have enhanced
law enforcement's ability to protect public safety and to
achieve just results. The use of DNA evidence is a prime
example. DNA evidence can not only provide strong evidence of
guilt, it can be powerful evidence of innocence.
Technology has also enhanced law enforcement's capacity for
early detection and prevention of criminal acts. But
technological progress has also had its costs. The potential
dark side of this progress is that well-financed criminal
elements are also using new technology to commit crimes, avoid
detection, and to cover their tracks. Traditional highly-
effective law enforcement techniques are threatened by these
developments.
The issue of encryption starkly presents both aspects of
technological progress. Encryption supports public safety and
law enforcement by protecting sensitive and personal
information from unauthorized access. Encryption is therefore,
as many have said here this morning, an absolutely essential
tool for preventing crime in the information age.
The Department is, however, deeply concerned about the
other side of encryption, the threat to public safety posed by
the widespread use of nonrecoverable encryption by criminals.
Thus the Justice Department supports the spread of strong
recoverable encryption both to protect the privacy and safety
of American citizens and the security of our information
infrastructure.
Assessing the benefits versus the risks of encryption for
law enforcement in today's world is complex enough, but the
issue is made even more complex and problematic by the
expanding use of global information networks like the Internet.
Technological advances in electronic commerce and
communication, as we all know, have led to the explosive growth
of the Internet. This development has made the use of robust
encryption essential for protecting the privacy and security of
communications and stored electronic data.
This new technology, however, has also made it possible for
international criminals and terrorists to target America in an
unprecedented number of ways, such as fraud over the Internet,
computer hacking, economic and governmental espionage, and
cyberterrorism. We are also seeing a dramatic growth of
international crime with grave potential consequences for the
Nation.
Law enforcement must be concerned not only with the use of
encryption by domestic criminals, but increasingly we must be
concerned by the ability of foreign criminals and terrorists to
target America and use robust encryption to hide their criminal
activity. Law enforcement agencies in the United States and
abroad have already begun to see cases where encryption has
been used in an attempt to conceal criminal activity. The
number and complexity of these cases will certainly increase as
increasingly powerful encryption proliferates.
As this committee considers the issue of encryption, we
trust that it will consider also, as we know it will, the very
real cost to public safety that the use of nonrecoverable
encryption by terrorists, drug dealers, and other criminals
will pose. Faced with the use of such encryption, agents
frequently and increasingly will be unable to make effective
use of search warrants, wiretap orders, and other legal
processes authorized by Congress and sanctioned by the courts.
Law enforcement will find it increasingly difficult to obtain
important evidence of criminal activities. Critical evidence to
support successful prosecution may simply be unavailable. In
short, this will mean that fewer crimes will be prevented and
fewer criminals will be caught, prosecuted, and taken off the
streets.
Despite these challenges to effective law enforcement, we
cannot and must not ignore the significant benefits of
encryption. That is why the Department supports a carefully
balanced approach to export controls, an approach that seeks to
encourage the favorable uses of encryption while minimizing its
negative effects on public safety and national security. The
Department believes that the rapid elimination of export
controls as proposed in the PROTECT Act would upset this
delicate balance. It is likely that the passage of this act
would cause in the near term the easy acquisition of robust
nonrecoverable encryption products, not only by people we want
to have them, but by terrorist organizations and international
criminals on a global scale. This development will
substantially frustrate the ability of law enforcement to
combat international criminal activity.
Instead of encryption decontrol, we believe that a
continuing dialogue offers the best hope of developing workable
solutions to the encryption dilemma. Law enforcement has been
engaging industry leaders in a continuing and cooperative
dialogue in an attempt to work toward voluntary solutions that
accommodate the needs of privacy, electronic commerce, national
security, and public safety. We will continue to work hard to
make sure that these productive discussions will continue to
bear fruit.
We are realists. We understand that no matter what
solutions industry develops and no matter what policy is
adopted by the Administration and by Congress, some criminals
will obtain and use robust nonrecoverable encryption that will
deny law enforcement the ability to obtain useable evidence. We
cannot afford to stand still while technology passes us by.
Therefore, in addition to an intensive dialogue with industry
and continuing to work with the international community on this
important topic, law enforcement must continue developing its
own technical expertise to deal effectively with encrypted
evidence of criminal activity.
The Department has begun initiatives such as the funding of
a centralized technical resource within the FBI which will
support Federal, State and local law enforcement personnel in
developing a broad range of expertise, technologies, and tools
to respond directly to the threat to public safety posed by the
use of encryption by criminals and terrorists.
In conclusion, we believe that an approach that balances
the need for secure private communications and data storage
with the equally important need to protect the safety of the
public against threats from terrorists and criminals is the
best policy.
We appreciate your willingness to consider these important
public safety concerns and we look forward to working with you
on this important issue. Thank you very much.
[The prepared statement of Mr. Robinson follows:]
Prepared Statement of James K. Robinson, Assistant Attorney General,
Criminal Division, U.S. Department of Justice
Mr. Chairman, thank you for the opportunity to testify about the
Department of Justice's views on encryption, and particularly the
proposed Promote Reliable On-Line Transactions to Encourage Commerce
and Trade (PROTECT) Act, introduced by you as S. 798. As you are aware,
encryption, and specifically export controls on encryption, presents
complex and difficult issues that we are attempting to address with our
colleagues throughout the Administration. In my testimony, I will first
outline the basic perspective and recent initiatives of the Department
of Justice on encryption issues, and will then discuss some specific
concerns with the PROTECT Act.
ENCRYPTION, THE LAW ENFORCEMENT PERSPECTIVE
The Department of Justice supports the spread of strong,
recoverable encryption. Law enforcement's responsibilities and concerns
include protecting privacy and commerce over our nation's
communications networks. For example, we prosecute under existing laws
those who violate the privacy of others by illegal eavesdropping,
computer hacking or theft of confidential information. Over the last
few years, the Department has continually pressed for laws protecting
confidential information and the privacy of citizens. Furthermore, we
help protect commerce by enforcing the laws, including those that
protect intellectual property rights, and that combat computer and
communications fraud. (In particular, we help to protect the
confidentiality of business data through enforcement of the recently
enacted Economic Espionage Act.) Our support for robust encryption is a
natural outgrowth of our commitment to protecting privacy for personal
and commercial interests. As the head of the Criminal Division of the
Department of Justice, I hold these values dear.
But the Department of Justice protects more than just privacy. We
also protect public safety and national security against the threats
posed by terrorists, organized crime, foreign intelligence agents, and
others. Moreover, we have the responsibility for preventing,
investigating, and prosecuting serious criminal and terrorist acts when
they are directed against the United States. We are gravely concerned
that the proliferation and use of non-recoverable encryption by
criminal elements would seriously undermine these duties to protect the
American people. Therefore, we favor the spread of strong encryption
products that permit timely and legal law enforcement access to
plaintext.
The most easily understood example is electronic surveillance.
Court-authorized wiretaps have proven to be one of the most successful
law enforcement tools in preventing and prosecuting serious crimes,
including drug trafficking and terrorism. We have used legal wiretaps
to bring down entire narcotics trafficking organizations, to rescue
young children kidnaped and held hostage, and to assist in a variety of
matters affecting our public safety and national security. In addition,
as society becomes more proficient in its use of computers, evidence of
crimes is increasingly found in stored computer data, which can be
searched and seized pursuant to court-authorized warrants. But if non-
recoverable encryption proliferates, these critical law enforcement
tools would be nullified. Thus, for example, even if the government
satisfies the rigorous legal and procedural requirements for obtaining
a wiretap order, the wiretap would be worthless if the intercepted
communications of the targeted criminals amount to an unintelligible
jumble of noises or symbols. Or we might legally seize the computer of
a terrorist and be unable to read the data identifying his or her
targets, plans and co-conspirators. The potential harm to public
safety, law enforcement, and to the nation's domestic security could be
devastating.
I want to emphasize that this concern is not theoretical, nor is it
exaggerated. Although use of encryption is far from universal, we have
already begun to encounter its harmful effects. For example, in an
investigation of a multinational child pornography ring, investigators
discovered sophisticated encryption used to conceal thousands of images
of child pornography that were exchanged among members. Similarly, in
several major computer hacker cases, the subjects have encrypted
computer files, thereby concealing evidence of serious crimes. In one
such case, the government was unable to determine the full scope of the
hacker's activity because of the use of encryption. Finally, criminal
use of encryption is becoming increasingly international--the United
Kingdom recently reported that in 1996 it seized encrypted files from a
Northern Irish terrorist group concerning terrorist targets such as
police officers and politicians. In that case, law enforcement was able
to read the data, but only after considerable effort.
The lessons learned from these investigations are clear: criminals
are beginning to learn that encryption is a powerful tool for keeping
their crimes from coming to light. Moreover, as encryption proliferates
and becomes an ordinary component of mass market items, and as the
strength of encryption products increases, the threat to public safety
will increase proportionately.
Given both the benefits presented and risks posed by encryption,
the Department believes that encouraging the use of recoverable
encryption products--which protect business and personal data as well
as public safety--is an important part of the Administration's balanced
encryption policy. Recoverable products also fulfill business needs.
Information technology companies have told us that their customers
recognize the need to ensure recoverability of their data when using
strong encryption; otherwise, they risk losing access to their data
forever. For example, a company might find that one of its employees
lost his encryption key, thus accidentally depriving the business of
important and time-sensitive business data. We should point out that
loss of an encryption key is not theoretical. One company told us that
employees commonly lose or forget their passwords, which must then be
restored by system administrators. The same capability must exist for
encryption systems. Similarly, a business may find that a disgruntled
employee has encrypted confidential information and then absconded with
the key. In these cases, a plaintext recovery system promotes important
private sector interests. Indeed, as the Government implements
encryption in our own information technology systems, it also has a
business need for plaintext recovery to assure that data and
information that we are statutorily required to maintain are in fact
available at all times. For these reasons, as well as to protect public
safety, the Department has been affirmatively encouraging the voluntary
development of ``plaintext'' recovery products, recognizing that only
their ubiquitous use will provide both protection for data and
protection of public safety. We also want to underscore that in most
recoverable systems, businesses will manage their own keys.
Because we remain concerned with the impact of encryption on the
ability of law enforcement at all levels of government to protect the
public safety, the Department and the FBI are engaged in continuing
discussions with industry in a number of different fora. These ongoing,
productive discussions seek to find creative solutions, in addition to
key recovery, to the dual needs for strong encryption to protect
privacy and plaintext recovery to protect public safety and business
interests. While we still have work to do, these dialogues have been
useful because we have discovered areas of agreement and consensus, and
have found promising areas for seeking compromise solutions to these
difficult issues. While we do not think that there is one magic
technology or solution to all the needs of industry, private citizens,
and law enforcement, we believe that by working with those in industry
who create and market encryption products, we can benefit from the
accumulated expertise of industry to gain a better understanding of
technology trends and develop advanced tools that balance privacy and
security.
Furthermore, we believe that a constructive dialogue on these
issues is the best way to make progress, rather than export control
legislation. Although export controls on encryption products have been
in place for years and exist primarily to protect national security and
foreign policy interests, they are in no sense inflexible, and have
been updated in recent years in a continuing effort to balance the
needs of privacy, electronic commerce, public safety, and national
security. Indeed, largely as a result of the dialogue the
Administration has had with industry, significant progress has been
made on export controls. Recent updates were announced by Vice
President Gore on September 16, 1998, and implemented in an interim
rule, which was issued on December 31, 1998. The Department of Justice
supports these updates to export controls, which permit the export of
products that have a bit length of 56-bits or less, and also permit the
easy export of unlimited-strength encryption to certain industry
sectors, including medical facilities and banks, financial
institutions, and insurance companies in most jurisdictions. These
changes allow these sectors, which possess large amounts of highly
sensitive and personal information, to use products that will protect
the privacy of their clients. The Administration also expanded its
policy to permit recoverable exports, such as encryption systems
managed by network administrators, to foreign commercial firms. We
learned about these systems through our dialogue with industry.
According to industry, such systems are demanded by the market today
and are in use. They are also largely consistent with the needs of law
enforcement.
The Department, in conjunction with the rest of the Administration,
intends to continue our dialogue with industry, and will evaluate the
export control process on an ongoing basis in order to ensure that the
balance of interests remains fair to all concerned. We agree that there
are a wide range of national interests that must be supported,
including U.S. industry competitiveness. Hence, we are committed to
continued review and dialogue with industry.
At the same time, we must recognize that market forces will only
take us so far. To the extent that criminal activity, such as terrorism
or child pornography, occurs outside the business environment,
criminals would rather lose data than have it seized by law
enforcement. Thus, more must be done. Therefore, the Department of
Justice is also trying to address the threat to public safety from the
widespread use of encryption by enhancing the ability of the Federal
Bureau of Investigation and other law enforcement entities to obtain
the plaintext of encrypted commu-
nications. Among the initiatives is the funding of a centralized
technical resource within the FBI. This resource, when fully
established, will support federal, state, and local law enforcement in
developing a broad range of expertise, technologies, tools, and
techniques to respond directly to the threat to public safety posed by
the widespread use of encryption by criminals and terrorists. It will
also allow law enforcement to stay abreast of rapid changes in
technology. Finally, it will enhance the ability of law enforcement to
fully execute the wiretap orders, search warrants, and other lawful
process issued by courts to obtain evidence in criminal investigations
when encryption is encountered. However, we must recognize that these
efforts--while critical--do not (like market forces) alone provide an
adequate solution to the encryption problem, as the widespread use of
non-recoverable encryption by criminals would quickly overwhelm any
possible law enforcement technical response.
THE PROTECT ACT
In light of the above, the proposed Promote Reliable On-Line
Transactions to Encourage Commerce and Trade Act raises several
concerns from the perspective of the Department of Justice. First, the
Act may impede the voluntary development of products that could assist
law enforcement in obtaining access to plaintext. The Administration
believes that the development of such products is important for a safe
society. For example, the Act might preclude the United States
government from utilizing useful and appropriate incentives to develop
or use key recovery techniques, such as purchasing key recovery
products for its own use and supporting pilot projects that demonstrate
the viability of key recovery.
Second, the Act also could impair the government's ability to
engage in secure electronic commerce. We are concerned that the breadth
of the language in subsection 202(c) may limit the ability of an agency
to require a certain type of authentication mechanism for transactions
between the public and the government. (For example, in the context of
an electronic filing of a regulatory report, a tax return, or an
application for benefits, authentication of the filer's identity is
critical, including for any subsequent enforcement action.) This
concern is raised because the definition of ``encryption'' includes the
use of mathematical formulas to preserve not only confidentiality, but
also integrity or authenticity.
Third, the PROTECT Act places responsibility for developing
techniques for obtaining lawful access to the plaintext of
communications and data in the National Institute for Standards and
Technology (NIST). As I noted above, the Department of Justice has
already begun to create a centralized technical resource within the FBI
to develop a broad range of expertise, technologies, tools, and
techniques to respond to the use of encryption by criminals and
terrorists. In my view, the responsibility for developing such tools
and techniques should in this case lie with law enforcement, because it
is law enforcement that has the operational expertise to understand the
requirements for such tools and techniques to be effective. Moreover,
it is law enforcement that will actually have to put the techniques
into practice. Instead of conferring this new responsibility on NIST, I
would request that Congress continue to support our efforts to develop
technical expertise within the law enforcement community.
Fourth, we share the deep concern of the National Security Agency
that the proposed PROTECT Act would harm national security and public
safety interests through the liberalization of export controls far
beyond our current policy. Among other decontrols, the proposed Act
provides that a product is to be exportable if a product of equivalent
strength or key length will be available outside the United States in
the next 12 months--even if the product of supposedly equivalent
strength is intended for different uses, is not user-friendly or widely
used, is not cost-competitive, or does not present the same threats to
national security. We are concerned that this considerable decontrol of
robust encryption will cause in the near term the easy acquisition of
robust encryption products by terrorist organizations and international
criminals and frustrate the ability of law enforcement to combat these
problems internationally. Moreover, the structure and functions of the
proposed Encryption Export Advisory Board raise concerns under
separation of powers principles and the Appointments Clause.
It is also important to consider that our allies concur that
unrestricted export of encryption poses a significant risk to national
security, especially to regions of concern. As recently as December
1998, the thirty-three members of the Wassenaar Arrangement reaffirmed
the importance of export controls on encryption for national security
and public safety purposes and adopted agreements to enable governments
to review exports of hardware and software with a 56-bit key length and
above and mass-market products above 64 bits, consistent with national
export control procedures. Thus, the elimination of U.S. export
controls, as provided by the proposed Act, would severely hamper the
international community's efforts to combat such international public
safety concerns as terrorism, narcotics trafficking, and organized
crime.
In light of these factors, we believe that the Administration's
more cautious balanced approach is the best way to protect our
commercial interests, including our interest in ensuring the success of
U.S. industry and electronic commerce, while simultaneously protecting
law enforcement and national security interests. We believe that
legislation that eliminates or substantially reduces export controls on
encryption could upset that delicate balance and is unwise.
The recent decision of the United States Court of Appeals for the
Ninth Circuit in Daniel Bernstein v. United States Department of
Justice and United States Department of Commerce has not changed our
view that legislation eliminating or substantially reducing export
controls is contrary to our national interests. The Department of
Commerce and the Department of Justice are currently reviewing the
Ninth Circuit's decision in Daniel Bernstein v. United States
Department of Justice and United States Department of Commerce, and we
are considering possible avenues for further review, including seeking
a rehearing of the appeal en banc in the Ninth Circuit. In the interim,
the regulations controlling the export of encryption products remain in
full effect, even as to Professor Bernstein's own software.
In sum, we as government leaders should embark upon the course of
action that best preserves the balance long ago set by the Framers of
the Constitution, preserving both individual privacy and society's
interest in effective law enforcement. We should promote encryption
products which contain robust cryptography but that also provide for
timely and legal law enforcement access to encrypted evidence of
criminal activity. We should also find ways to support secure
electronic commerce while minimizing risk to national security and
public safety. This is the Administration's approach. We look forward
to working with this Committee as it enters the markup phase of this
bill.
Senator Burns. Thank you very much. We will get into some
questions this morning in a few moments.
We welcome this morning Barbara McNamara, Deputy Director,
National Security Agency. Thank you for coming this morning.
STATEMENT OF BARBARA A. McNAMARA, DEPUTY DIRECTOR, NATIONAL
SECURITY AGENCY
Ms. McNamara. Thank you, Mr. Chairman, members.
Senator Burns. Pull up that microphone a little. You have
such a sweet, soft voice.
Ms. McNamara. Thank you, Mr. Chairman. There are other
people in this room who would probably take issue with that
comment, but I am pleased to hear it.
Senator Burns. They are not the chairman.
Ms. McNamara. But thank you very much, and it is a pleasure
to be here today to talk about this particular bill and its
impact on national security from NSA's standpoint.
NSA plays a critical role in our national security. We
intercept and analyze the communications signals of foreign
adversaries to produce critically unique and actionable
intelligence reports for our national leaders and military
commanders. Very often time is of the essence. Intelligence is
perishable. It is worthless if we cannot get it to the
decision-maker in time to make a difference.
Signals intelligence proved its worth in World War II when
the United States broke the Japanese naval code and learned of
their plans to invade Midway Island. This significantly aided
the U.S. defeat of the Japanese fleet and helped shorten the
war. Today NSA is providing that same kind of intelligence
support to our troops in the former Yugoslavia and other
locations around the world wherever U.S. military forces are
deployed.
Demands on NSA for timely intelligence have only grown
since the breakup of the Soviet Union and have expanded into
national security areas of terrorism, weapons proliferation,
and narcotics trafficking. Currently many of the world's
communications are unencrypted. If not controlled, encryption
will spread and be widely used by foreign adversaries that have
traditionally relied upon unencrypted communications. As a
result, much of the crucial information we are able to provide
today could quickly become unavailable to U.S. decision-makers.
As you review the PROTECT Act, it is very important that
you understand the significant effect certain provisions of
this bill will have on national security. In particular, NSA is
concerned about the establishment of an Encryption Export
Advisory Board heavily weighted to private sector
representation. This effectively cedes control over U.S. export
policy to the private sector.
Furthermore, the board is to base its recommendation for
export on the foreign availability or public availability of
comparable products. In the interests of national security,
encryption export policy should not and cannot be based solely
on foreign availability.
The PROTECT Act calls for the export of a product greater
than 64 bits if it will generally be widely available from a
foreign supplier within the next 12 months. Any policy based on
the foreign or public availability of a comparable product,
especially a year in advance of its actual appearance in the
marketplace, will force administration policy to be driven by
unfounded market trends without consideration of national
security or foreign policy interests.
Foreign products are often not as widely used as reported,
as secure as advertised, or as easy to use for lack of an
infrastructure as represented. In many cases, a foreign
encryption product is subject to the export controls of the
country in which it is manufactured. In the case of the other
32 Wassenaar nations, an encryption product is held to the same
or similar standards as U.S. products.
In addition, there are other important concerns that must
be taken into consideration when deciding if a product should
be exported, such as to whom the product is exported and for
what purpose. In that regard, the PROTECT Act also eliminates
the end user reporting that is so valuable to national
security.
The PROTECT Act permits strong encryption products to be
approved under a license exception for export to so-called
``trustworthy entities and regions'' without prior government
knowledge of intended end users. These include any foreign
partners of U.S. companies, other governments, and almost any
foreign commercial firm in any country. Some end users could in
fact be targets of national security interests, such as
narcotics traffickers.
The PROTECT Act also automatically decontrols the export of
strong encryption in the form of systems using the Advanced
Encryption Standard to any destination upon adoption of AES,
but at least by January 1, 2002. While current U.S. policy has
opened up many sectors in many nations, it has done this in a
thoughtful manner that miniminizes the risks to important
national security interests. The PROTECT Act upsets this
delicate balance by widely expanding exports without due
consideration to national security.
Finally, the PROTECT Act's 15-day technical review period
is too rigid to permit a meaningful technical review. The
government needs the opportunity to review a proposed export to
assure it is compatible with U.S. national security interests
and requires the ability to deny an export application if
national security concerns are not adequately addressed.
The ability to know what is being considered for export is
a key part of U.S. export control policy. In some cases today,
this process takes longer than 15 days because insufficient
information is provided as part of the initial application.
Let me make it clear. We want U.S. companies to effectively
compete in world markets. In fact, it is something that we
strongly support as long as it is consistent with national
security needs.
In summary, the PROTECT Act will harm national security. It
will make NSA's job of providing critical actionable
intelligence to our leaders and military commanders difficult,
if not impossible, thus putting our Nation's security at
considerable risk. The United States cannot have an effective
decision-making process or a strong fighting force or a
responsive law enforcement community or a strong
counterterrorism capability unless the information required to
support them is available in time to make that difference.
Thank you, gentlemen.
[The prepared statement of Ms. McNamara follows:]
Prepared Statement of Barbara A. McNamara, Deputy Director, National
Security Agency
Mr. Chairman, thank you for giving me the opportunity today to
discuss the important issue of encryption. I will be discussing the
national security needs for export controls on encryption and why we
oppose legislation that would effectively lift those controls. I will
then address specific concerns NSA has with provisions of the PROTECT
Act. However, I should like to begin by briefly introducing the
National Security Agency (NSA) and its mission.
The National Security Agency was founded in 1952 by President
Truman. As a separately organized agency within the Department of
Defense, NSA provides signals intelligence to a variety of users in the
Federal Government and secures information systems for the Department
of Defense and other U.S. Government agencies. NSA was designated a
Combat Support Agency in 1988 by the Secretary of Defense in response
to the Goldwater-Nichols Department of Defense Reorganization Act.
The ability to understand the secret communications of our foreign
adversaries while protecting our own communications--a capability in
which the United States leads the world--gives our nation a unique
advantage. The key to this accomplishment is cryptology, the
fundamental mission and core competency of NSA. Cryptology is the study
of making and deciphering codes, ciphers, and other forms of secret
communications. NSA is charged with two complementary tasks in
cryptology: first, exploiting foreign communications signals and
second, protecting the information critical to U.S. national security.
By ``exploitation,'' I am referring to signals intelligence, or the
process of deriving important intelligence information from foreign
communications signals; by ``protection'' I am referring to providing
security for information systems. Maintaining this global advantage for
the United States requires preservation of a healthy cryptologic
capability in the face of unparalleled technical challenges.
It is the signals intelligence (SIGINT) role that I want to address
today. Our principal responsibility is to ensure a strong national
security environment by providing timely information that is essential
to critical military and policy decision making. NSA intercepts and
analyzes the communications signals of our foreign adversaries, many of
which are guarded by codes and other complex electronic
countermeasures. From these signals, we produce vital intelligence
reports for national deci-
sion makers and military commanders. Very often, time is of the
essence. Intelligence is perishable; it is worthless if we can not
provide it in time to make a
difference in rendering vital decisions.
For example, SIGINT proved its worth in World War II when the
United States broke the Japanese naval code and learned of their plans
to invade Midway Island. This intelligence significantly aided the U.S.
defeat of the Japanese fleet. Subsequent use of SIGINT helped shorten
the war. NSA continues today to provide vital intelligence to the
warfighter and the policy maker in time to make a difference for our
nation's security. Demands on us in this arena have only gown since the
break-up of the Soviet Union and have expanded to address other
national security threats such as terrorism, weapons proliferation, and
narcotic trafficking, to name a few.
Because of these growing serious threats to our national security,
care must be taken to protect our nation's intelligence equities.
Passage of legislation that decontrols the export of strong encryption
will significantly harm NSA's ability to carry out our mission and will
ultimately result in the loss of essential intelligence reporting. This
will greatly complicate our exploitation of foreign targets and the
timely delivery of intelligence to decision makers because it will take
too long to decrypt a message--if indeed we can decrypt it at all.
Today, many of the worst's communications are unencrypted.
Historically, encryption has been used primarily by governments and the
military. It was employed for confidentiality in hardware-based systems
and was often cumbersome to use. As encryption moves to software-based
implementations and the infrastructure develops to provide a host of
encryption-related security services, encryption will spread and be
widely used by other foreign adversaries that have traditionally relied
upon unencrypted communications. The decontrol of encryption exports
would accelerate the use of encryption by many of these adversaries and
as a result, much of the crucial information we are able to gather
today could quickly become unavailable to us. National security must
have an opportunity to conduct a meaningful review of encryption
products prior to their export. In the past, this review process has
provide us with valuable insight into what is being exported, to whom,
and for what purpose. Without this review and the ability to deny an
export application, it will be impossible to control exports of
encryption to individuals and organizations that threaten the United
States. For instance, decontrol will undermine international efforts to
prevent terrorist attacks, and catch terrorists, drug traffickers, and
proliferators of weapons of mass destruction.
Please do not confuse the needs of national security with the needs
of law enforcement. The two sets of interests and methods vary
considerably and must be addressed separately. The law enforcement
community is primarily concerned about the use of non-recoverable
encryption by persons engaged in illegal activity. At NSA, we are
primarily focused on preserving export controls on encryption to
protect national security.
While our mission is to provide intelligence to help protect the
country's security, we also recognize that there must be a balanced
approach to the encryption issue. The interests of industry and privacy
groups, as well as of the Government, must be taken into account.
Encryption is a technology that will allow our citizens to fully
participate in the 21st Century world of electronic commerce. It will
enhance the economic competitiveness of U.S industry. It will combat
unauthorized access to private information and it will deny adversaries
from gaining access to U.S. information wherever it may be in the
world.
To promote this balanced approach, we are engaged in an ongoing and
productive dialogue with industry. The recent Administration update to
the export control regulations addresses many industry concerns and has
significantly advanced the ability of U.S. vendors to participate in
overseas markets. Of equal significance, the Wassenaar nations,
representing most major producers and users of encryption, agreed
unanimously in December 1998 to control strong hardware and software
encryption products. The Wassenaar Agreement clearly shows that other
nations agree that a balanced approach is needed on encryption policy
and export controls so that commercial and national security interests
are addressed. Both are positive developments because they open new
opportunities for U.S. industry while still protecting national
security. These are examples of the kinds of advances possible under
the current regulatory structure, which provides greater flexibility
than a statutory structure to adjust export controls as circumstances
warrant in order to meet the needs of Government and industry. We want
U.S. companies to effectively compete in world markets. In fact, it is
something we strongly support as long as it is done consistently with
national security needs NSA supports the recent updates to the
Administration's policy. The export provisions were carefully designed
to open up large commercial markers while tying to minimize potential
risk to national security. We believe significant progress was made.
As you review the PROTECT Act, it is very important that you
understand the significant effect certain provisions of this bill will
have on national security. In particular, NSA is concerned about the
establishment of an Encryption Export Advisory Board, heavily weighted
to private sector representation. This effectively cedes control over
U.S. encryption export policy to the private sector. Furthermore, the
Board is to base its recommendation for export on the foreign
availability or public availability of comparable products. In the
interests of national security, encryption export policy should not be
based solely on foreign availability or public availability. The
PROTECT Act calls for the export of a product greater than 64-bits if
it will be generally or widely available from a foreign supplier within
the next twelve months. Any policy based on the foreign or public
availability of a comparable product, especially a year in advance of
its actual appearance in the marketplace, will force Administration
policy to be driven by unfounded market trends without consideration of
national security or foreign policy interests.
Foreign products are often not as widely used as reported, as
secure as advertised, or as easy use (for lack of an infrastructure) as
represented. In many cases, a foreign encryption product is subject to
the export controls of the country in which it is manufactured. In the
case of the other 32 Wassenaar nations, an encryption product is held
to the same, or similar, standards as U.S. products. In addition, there
are other important concerns that must be taken into consideration when
deciding if a product should be exported, such as to whom the product
is exported, and for what purpose. In that regard, the PROTECT Act also
eliminates the end-user reporting that is so valuable to national
security.
The PROTECT Act permits strong encryption products to be approved
under a license exception or export to so-called ``trustworthy''
entities and regions without prior government knowledge of intended
end-users. These include any foreign partners of U.S. companies, other
governments, and almost any foreign commercial firm in any country.
Some end-users could, in-fact, be targets of national security
interest, such as narcotics traffickers. The PROTECT Act also
automatically decontrols the export of strong encryption in the form of
systems using the Advanced Encryption Standard (AES) systems to any
destination, upon the adoption of AES, but at least by January 1, 2002.
While current U.S. policy has opened up many sectors in many nations,
it has done this in a thoughtful manner that minimizes the risk to
important national security interests. The PROTECT Act could upset this
delicate balance by widely expanding exports without due consideration
to national security.
Finally, the PROTECT Act's 15-day technical review period is too
rigid and too short to permit a meaningful technical review. The
Government needs the opportunity to review a proposed export to assure
it is compatible with U.S. national security interests and requires the
ability to deny an export application if national security concerns are
not adequately addressed. The ability to know what is being considered
for export is a key part of U S. export control policy. In some cases
today, this process takes longer than 15 days because insufficient
information is provided as part of the initial application.
In summary, the PROTECT Act will harm national security by making
NSA's job of providing vital intelligence to our leaders and military
commanders difficult, if not impossible, thus putting our nation's
security at some considerable risk. Our nation cannot have an effective
decision-making process, a strong fighting force, a responsive law
enforcement community, or a strong counterterrorism capability unless
the intelligence information required to support them is available in
time to make a difference. The nation needs a balanced encryption
policy that allows U.S. industry to continue to be the world's
technology leader, but that policy must also protect our national
security interests.
Thank you for the opportunity to address the Committee.
Senator Burns. Thank you.
I will start it off here. I just want to ask the Deputy
Director, why is it that we have not been very successful in
our negotiations with other countries to come up with some kind
of international policy with regard to the use of or the export
of robust encryption? In other words, we have been talking to
our, I think he is related to an ambassador, Aaron, and we have
been told that countries are moving to export controls,
especially in the European Union and around the country, of
which no agreement to my knowledge and we have drawn no
conclusions to move in that direction in the last 4 or 5 years
ever since we have been doing this.
Ms. McNamara. I believe we have had success in that, Mr.
Chairman last December--well, let me begin by saying, last
September the U.S. Government, the U.S. administration, relaxed
export controls substantially, to include the 128-bit
encryption that Senator Ashcroft was addressing earlier and to
cover the firms in his home State that actually have locations
overseas, to allow them to be able to use very strong
encryption, 128-bit, to protect theirs.
Now, in December we took the U.S. policy to the Wassenaar
countries. Those are 33 nations who are the principal producers
of strong encryption around the world. That Arrangement--we
took the U.S. relaxation strategy to that group of people and
what we did at the time successfully was to close a loophole
that the Wassenaar Arrangement had previously opened which was
providing an unlevel playing field and disadvantaging U.S.
software companies.
So last December we sought and got agreement by 33 nations
to close that loophole. The Arrangement allows for all 33 of
those nations to put in place, those who already did not have
in place, export controls that are essentially the same level
as the controls that the U.S. administration relaxed to last
September.
With regard to what is going on in the European Union, we,
the Administration--and I will turn this over to Secretary
Reinsch to follow up on--but we are keeping our eye very
closely on what is going on today in the European Union and
what those foreign governments are thinking about in terms of
encryption policies with regard to Europe. It is never our
intent to allow anything to occur by foreign governments that
would disadvantage U.S. industry.
Senator Burns. Senator Ashcroft.
Senator Ashcroft. Secretary Reinsch, would you say that
128-bit encryption is widely available and widely used today?
Mr. Reinsch. No, I would say that it is available. Whether
it is widely available is a judgment call. If it is not widely
available today, it will be soon. It is becoming the state-of-
the-art, if you will, so I think it is a matter of time, and I
would not have a big argument with you over the adjective.
Whether it is widely used or not is a more complicated
question, and I think Ms. McNamara commented on that in her
statement. We believe that, for the reasons she cited, use is
significantly less than the existence of the products.
Senator Ashcroft. Do you know of any case where there has
been a prosecution or an enforcement action taken against
people who have, or criminals who have used encryption outside
the range of encryption that has been provided as acceptable?
It would be an export, I guess, enforcement because the use
would be a violation of the export regulations. Have you
enforced this against anyone?
Mr. Reinsch. Yes, sir.
Senator Ashcroft. How many cases have there been?
Mr. Reinsch. I will have to get you the number. We have a
number of investigations ongoing, which of course we would not
want to comment on. We have had a number of--we will have to
get you the number. I would say single digits at this point.
Senator Ashcroft. But it is only illegal to export the
encryption? It is not illegal to import the encryption?
Mr. Reinsch. That is correct, there are no restraints on
domestic use or on imports.
Senator Ashcroft. So that it is a one way? In other words,
if terrorists conspire overseas to do something, like to effect
a terrorist act here in the United States, they can send
material in that is encrypted to the United States?
Mr. Reinsch. Well, we do not control in any event messages
or information that is encrypted. What is controlled is the
encryption that one would employ.
Senator Ashcroft. Is the sending of an encrypted message
from the United States to another jurisdiction, does that
qualify as an export of the encryption?
Mr. Reinsch. No.
Senator Ashcroft. It does not. So that--
Mr. Reinsch. Unless the message contains an encryption
algorithm which is controlled. But if I sent--if you were in
Bonn and I sent you an e-mail and it is encrypted, no.
Senator Ashcroft. So it is true that the person or the
terrorist organization which buys its encryption from Siemens
in Germany can operate say in the Middle East and send messages
back and forth to the United States, having imported the
algorithm to the United States from Germany and have taken the
German algorithm to the Middle East, and they can communicate
back and forth without violating any of our laws currently?
Mr. Reinsch. Yes. There is no--it was never the intent of
our policy to try to deal with that.
Senator Ashcroft. Well, it seems to me that that is the
threat that you keep saying that we are avoiding by having this
policy, and yet you just described that it is not our intent to
stop that threat with our policy. To use that as the basis for
not allowing our companies to compete, at a time when you say
we do not care if other companies compete in that way, gets to
the heart of what confounds me about our policy here.
We have basically said every other country that wants to
can go ahead and do this in the world and terrorists can use it
and have complete access to the utilization of this encrypted
for all the bad reasons, but American firms cannot be involved
in exporting it. It just seems that is where the disconnect
comes with this Senator and that is what I am struggling with.
You said that section 102 incentives--provides an incentive
to move the development of encryption offshore in this bill.
Mr. Reinsch. Yes, sir.
Senator Ashcroft. It seems to me that we have just
described the Administration policy as a monumental incentive
to move encryption offshore because we have indicated that
offshore-produced encryption can be used both to send and
receive robust encrypted material from the United States, to
and from, without violating the policy or the law.
Mr. Reinsch. Well, if I may comment, you have gone to one
of the core issues, and I think it is an important dialogue to
have. Let me make a small point first and then the larger
point.
On the small point, the difference between section 102 and
our policy is that our policy now would not permit a company to
transfer encryption technology or production technology or
encryp-
tion algorithm overseas for production purposes. Section 102
would, and that is the distinction we are making.
But the larger point you are making is a more important
one, and let me say two things about that, if I may. One is
that I think that, as Director McNamara acknowledged in her
testimony, this is not a policy and there probably is no policy
that is going to be air-tight with respect to our ability to
prevent the kinds of people you cited, terrorists in your
example, from obtaining and using robust encryption.
We do not believe that we can deal with every situation.
The goal of our policy is to try to promote use in the
marketplace of products that are law enforcement and national
security-friendly, recognizing that a determined, committed
terrorist who wants to use encryption can find ways around such
a policy. But we believe by making, if we can, through market
forces, the market standard, if you will, products that are
more friendly to the interests of my two colleagues, what we
will do over time is have more people, including some of the
people that you are talking about, using this kind of
encryption, which gives us some advantages. That is not going
to happen in every case. We do not believe we can make it
happen in every case.
Now, the second point that relates to what you said is this
question of foreign availability, and I would like to comment
on that because you commented in your opening statement on this
as well. I think what Director McNamara said was that we do not
want foreign availability to be the sole criterion.
Let me say that if it were the sole criterion for export
control policy, we would not have controls on machine tools, we
would not have controls on biotoxins, we would not have
controls on chemical weapons precursors, semiconductor
manufacturing technology, or computers at virtually any level.
There are very few technologies over which the United States
has a monopoly any longer, and you are quite right in saying
that encryption is not one of them, but neither are the ones
that I have mentioned.
If we are going to say that foreign availability ought to
be our single standard or it ought to be the dispositive
standard, the net result of that is I am not going to have very
much to do in my job. It is our belief that you need to balance
foreign availability considerations, obviously, and we do weigh
foreign availability in our judgments without question, and
Director McNamara just commented on why this is a particular
issue in the European Union case.
But at the end of the day--and the Congress has been
telling me this for 12 months with respect to satellites, with
respect to computers, with respect to machine tools, that
foreign availability is not the last word on the subject. Now,
I think that it is ironic, to say the least, if the Congress is
going to turn around on encryption and say that foreign
availability is the last word on the subject.
Ms. McNamara. May I follow up, please? The fact that one
terrorist is using strong encryption that they either bought in
the United States and took overseas with them or bought in
Europe and is using it to communicate with people in this
country is not what is of concern to us. On an individual
basis, the U.S. Government I believe is smart enough to figure
out a way to solve that particular problem or address that
particular problem.
What we are talking about here is the issue of putting in
place legislation which would allow the ubiquitous use of
encryption around the world, independent of individuals. We can
always solve an individual problem with an individual solution.
But the subject of ubiquitous encryption has dramatic impact on
our ability to do our national security business, and let me
offer, if the Senator wishes, a classified presentation on some
of the subjects that I cannot address in this particular room.
Thank you.
Senator Ashcroft. Mr. Chairman, may I just clarify an item
or two?
Senator Burns. You may.
Senator Ashcroft. Because these remarks have been
extensive.
Mr. Reinsch. Sorry about that.
Senator Ashcroft. No, that is all right. I am pleased to
have these remarks.
Mr. Reinsch. You wind me up and get me started. These
things happen.
Senator Ashcroft. Well, thank you. Especially when I think
you are supporting my position, I welcome your remarks.
Mr. Reinsch. Then I misspoke. [Laughter.]
Senator Ashcroft. The Director just indicated that a person
could buy and take overseas robust encryption from the United
States and use it overseas. Is that considered an export?
Mr. Reinsch. Yes, that would not be permitted.
Senator Ashcroft. Well then, you disagree with her that a
person can do that legally?
Ms. McNamara. I did not say it was legal. I do not think we
will ever prevent everybody from committing a crime.
Senator Ashcroft. OK. Well, I thought we were--I would just
like to indicate that I did not raise the issue of terrorists.
I am not interested in protecting terrorists here. I am
interested in protecting our industry. But every time I want to
protect the industry, one of you guys brings out the terrorist
card and you throw it on the table and you say: ``We cannot
protect America because there are these evil people out there
that are going to encrypt messages.''
So I am interested in protecting U.S. companies, and I am
also interested in protecting individuals. I guess some time I
would like to have an answer why big companies and big business
should have better, a greater right to privacy than individuals
should in this country, and that commercial speech should be
entitled to more integrity and privacy than individual speech.
So the idea of ubiquitous encryption--which I am charmed by
that phrase. I mean, I am going to try to use it as often as I
can.
Ms. McNamara. May I retract that from the record?
Senator Ashcroft. I thought it might be a description of
Senate speeches, but----[Laughter.]
I think ubiquitous encryption is probably what we are
headed toward in the marketplace of the world, and I think it
is likely to be based on software developed outside the United
States if we make it impossible for our software producers to
have robust encryption here, because I think people are going
to prefer to have privacy in their communications. I think most
of us do. Very few of us like the idea of our calls or our
communications being intercepted.
We are aware of technology that makes heard those things
which were not heard. A whisper is no longer a whisper; it can
become a shout with the right listening device. What we once
thought was a secure transmission is now available. We want, we
yearn for security as individuals, and the idea somehow that
big business is entitled to encryption and that individuals are
not in their communication is one of the hurdles that we have
to kind of come together on somehow to solve this problem.
Thank you, Mr. Chairman.
Senator Burns. Senator Cleland, do you have a statement? I
am sorry. We have had some arrivals here.
STATEMENT OF HON. MAX CLELAND, U.S. SENATOR
FROM GEORGIA
Senator Cleland. Mr. Chairman, I would just like my
ubiquitous opening statement to be----
Ms. McNamara. I think I am going to regret I ever used that
term.
Senator Cleland [continuing]. Submitted, without objection.
Senator Burns. I want somebody to spell it.
Senator Ashcroft. The National Spelling Bee concluded last
week.
Senator Cleland. Thank you all very much.
I am an old Army signal officer and I am a little bit
familiar with encryption and the power of encryption, both for
the good guys and the bad guys. Mr. Robinson, I would like for
you to help me a little bit. I am just trying to learn some new
terminology here about recovery. Apparently for law enforcement
recovery is a key item, so nonrecoverable encryption becomes a
problem.
Recovery of what? How can you recover something that is
encrypted, or is that the issue itself?
Mr. Robinson. Well, I think it is, Senator, in a sense.
What we are really interested in is maintaining our ability--
when we have probable cause and we go to court and get an order
for electronic surveillance through a careful process that
Congress has set out--to overhear communications. If what we
get at the end of the road is encrypted, unrecoverable
gibberish, we have a serious law enforcement problem.
I think that is true also of stored electronic data.
Increasingly, as people store their records in electronic form,
on laptops and others, we can get a search warrant--and
frankly, I agree with Senator Ashcroft. I think privacy
interests are very, very important and I think people have a
right to privacy. We are not looking for an opportunity to
evade or invade individuals' or companies' rights to privacy,
and that is why I said in my statement I think it is important
to have robust encryption.
But in those situations in which we have probable cause and
we have procedures whereby we can go to court and get a wiretap
order, a search warrant, we are going to be substantially
handicapped if we do not try to contribute to an infrastructure
that allows us to get plaintext out of these materials. That is
our objective.
The how is a technological question. As the chairman
indicated, I think we need the resources to try to solve this
problem of what do we do with encrypted evidence of criminal
activity. We have got to solve that problem, and we hope that
there will be an infrastructure, a contribution to an
infrastructure, that will allow us to get plaintext when law
enforcement needs to have it to prevent crimes from occurring,
to investigate them, and then to put the evidence in.
So that is essentially our equity, I think, in this debate.
Senator Cleland. Help me out a little bit here. If we ease
up on controls regarding exports of software, encryption
software, that expands the bits, namely expands I guess the
capability of data or information being encrypted, if we ease
up on controls that allow for those software packages which
allow for expansion of the bits or expansion of encryption to
be sold abroad, then what you are saying is that we might get
that back as a pie in the face. In other words, we might get
that back in a greater difficulty for law enforcement to
``recover'' information; is that what I am hearing you say?
Mr. Robinson. Yes, I think that is true.
Senator Cleland. Ms. McNamara, in terms of the pie in the
face for you, that would be the lesser ability to, shall we
say, to use the terminology, recover, shall we say,
intelligence to then pass on to our commanders in the field?
That is what we are talking about?
Ms. McNamara. That is an accurate characterization of the
situation, Senator.
Senator Cleland. Mr. Reinsch, it seems like to me that this
dovetails somewhat into the issue that we are all struggling
with. I am on the Governmental Affairs Committee and the Senate
Armed Services Committee. We are struggling with the issue of
American technology, sensitive American technology, winding up
in the hands of others, the most recent example being the
Chinese, not just the espionage of our nuclear secrets and
missile technology, but some of the, shall we say, leaked
technology on missile and satellite information that wound up
in the hands of the Chinese.
I would say that I was one of those who supported the
licensing of this kind of technology to move from the Commerce
Department to the State Department. I guess I am glad to see
your bona fide concern, I think, in the Commerce Department
about easing up on export controls on this sensitive
information or this sensitive encryption capability.
I gather that the Commerce Department is very sensitive to
this, is that correct?
Mr. Reinsch. Yes, and we would also say we were very
sensitive in the satellite case as well, as I think I did say
before your subcommittee when that first came up.
But yes, the decisions we make--the export control system
of the United States is based on, leaving aside short supply,
which is not on the table, controlling exports for national
security and foreign policy reasons. That is the filter through
which every decision we make goes. One might agree or disagree
with a particular decision, but clearly in this case national
security is a paramount consideration for us.
Senator Cleland. Mr. Robinson, could you share with me a
little bit. Does the Justice Department have some role in being
involved in improving the U.S. end user verification system for
supercomputers and strong encryption products? Is that a role
that you play?
Mr. Robinson. Not directly, we do not. We are obviously
concerned about the extent to which these issues interface with
our ability to do our job.
Mr. Reinsch. We do that, Senator.
Senator Cleland. That is through you in the Commerce
Department?
Mr. Reinsch. Yes, end user visits, which are both pre- and
post--that is, we do some in advance of making the decision
about a license because we want to check out the bona fides of
the end user, and post because we want to see if the item
actually went where it was supposed to go and if it is being
used as it was intended--has been an important enforcement tool
for us for decades.
It is not the only enforcement tool we use by any means,
and it has its imperfections. It is also very expensive. I
would say that in general Congress has been less than generous
with the resources that it would take to do more.
We have also been handicapped, frankly, on computers in
specific, by a congressional requirement that we visit every
one of them. This has forced us, for example, to visit
subsidiaries of American companies who are using them, banks,
companies that bought one computer and then 6 months later
bought a second one; we have had to visit them twice. It has
prevented our agents from doing what they do best, which is
figuring out what the risks are and spending their
investigatorial time and talent on the places that problems.
We have had to check a lot that we think are not problems.
When you see the report of our inspector general on this
subject next week, I think that--I should not get into this in
public, but I think that he will make a distinction between
visits that are useful and visits that are not useful. We want
to do more of the former.
Senator Cleland. Thank you very much.
In closing out my questions, Mr. Chairman--I know I am out
of time here--Ms. McNamara, I gather that your message to us is
that we should tread very softly on this issue of encryption
and opening up or loosening up export controls because it does
involve sensitive issues of national security?
Ms. McNamara. Yes, sir.
Senator Cleland. Thank you, Mr. Chairman.
Senator Burns. Thank you.
Senator Dorgan, you have just joined us. Do you have a
small statement? I am going to turn the chairmanship over to
Senator Frist--I have got an 11 o'clock that is sort of very
important to me--if you would agree to do that. We have got one
more panel to go, by the way.
STATEMENT OF HON. BYRON L. DORGAN, U.S. SENATOR
FROM NORTH DAKOTA
Senator Dorgan. Mr. Chairman, I came late and I have to
leave in a moment because of some other hearings, but I just
want to make in 30 seconds a comment about all of this. I, as
you know, worked with you in the last Congress to try to
resolve some of these issues. These are very difficult issues.
You raise questions that I think are very important
questions. Yet the whole export control area is very difficult.
What used to be a supercomputer is now a laptop, available to
anybody, any time, anywhere in the world. So as we try to sift
through all of these issues and consider national security
concerns, we also have to deal with the reality of what is
happening in the world.
My hope is that we can find a resolution that is a
thoughtful resolution, protecting our national security
interests and at the same time recognizing what is happening in
the rest of the world.
I appreciate the attention Senator Burns has given to this
over some long period of time, that this is not an easy issue,
and he has spent a great deal of time on it.
So thank you very much.
Senator Burns. Thank you, Senator.
Senator Frist, I am going to turn this over to you. I have
an 11 o'clock. I have tried to wheedle out of that thing two or
three times and I am not having any more luck now than I had
yesterday.
STATEMENT OF HON. BILL FRIST, U.S. SENATOR
FROM TENNESSEE
Senator Frist [presiding]. Thank you, Mr. Chairman. Mr.
Chairman before you leave, I would like unanimous consent to
have my opening statement made a part of the record.
Senator Burns. You are the chairman. You can do anything
you want to.
Senator Frist [presiding]. Thank you very much.
First of all, I thank all three of you for being here. I
have got a couple of other questions that I would like to just
run through.
Director McNamara, do the continued export restrictions on
U.S. encryption products make sense when Wassenaar partners
such as the U.K., France and Germany have established new
policies encouraging their citizens to use strong encryption?
Ms. McNamara. In terms of the strong use--the use of strong
encryption by individual nations' citizens, we support strong
use of encryption by U.S. citizens. We do believe that U.S.
citizens are entitled to privacy for their own purposes.
In terms of the export controls, however, there are
agreements and there is compatibility and comparability between
those export conditions that the United States has with the
European partners that you mentioned. Now, there are
discussions going on in Europe today. We have our eye on that.
But when we relaxed last September, the European nations along
with other members of the Wassenaar nations aligned their
overarching documentation that their export control processes
should be in line with ours now both in hardware and software.
Senator Frist. Is progress being made there, if you look
out?
Ms. McNamara. Yes, yes. In terms of what we are looking at,
we still have our eye on Europe. The Administration said last
year when we did relax to those sectors and encryption bit
lengths that we would review those again in September, and one
of the ingredients in that review will clearly be what other
foreign governments are doing.
Let me state, though, for the record again, earlier I think
it was Senator Ashcroft who said that we had--or perhaps it was
Congressman Goodlatte when he was talking--that we had relaxed,
the relaxation included going from 40 bits to 56 bits. That is
clearly true, but in all of the sector relief that was given
last year there is no bit length, as Secretary Reinsch said. It
is 128-bits for use in banking, finance, commerce--sorry,
online commerce, because it was recognition that e-commerce was
a very important thing for U.S. companies and individuals to be
able to have access to. So there is a large portion of that
which is covered by 128-bit encryption.
Senator Frist. Fine.
Mr. Robinson, OECD, European Community; could you elaborate
on our global partners' positions on recoverable encryption
products and their regulations, and specifically address OECD
as well as the European Community?
Mr. Robinson. I think I would defer to the Secretary to
give you a better answer than I.
Mr. Reinsch. I can do that.
Senator Frist. Mr. Secretary.
Mr. Reinsch. Ambassador Aaron, who is the President's
special envoy on this subject, has spent a lot of time with
OECD members, I believe virtually all of whom are also members
of what is known as the Wassenaar Arrangement, which is a
multilateral export control regime that controls encryption
items multilaterally. There are 33 nations in that regime,
including Russia, including the NATO members, including all of
the EU members, and a number of others.
As Director McNamara has said and as I testified, we have
had a good bit of success in that group harmonizing the export
control policies of all 33 of those members. At the same time,
the individual countries are developing encryption policies
domestically, and they have wrestled with the same issues
domestically that everybody else has wrestled with: Do we want
to control imports, do we want to control domestic use, what do
we want to permit to happen in our countries?
There is a trend, I think it is fair to say, within the EU,
which is the first place it would begin after here, away from
key recovery, certainly away from controls on domestic use and
in favor of allowing people within each of these countries to
use whatever they want. There is, then, a trend away from what
I would refer to as key escrow or key recovery, the idea that
people mandatorily would have to provide a spare key with some
third party entity, government or nongovernment.
We have also taken the position that we do not want to do
that as a mandatory step. We do see an environment for stored
data in which people may want to do that voluntarily, and we
have taken exceptions to provisions in some of the bills that
we think would discourage it voluntarily.
Most of our trading partners, whether you say OECD or the
Wassenaar members or NATO, however you define them, are moving
away from that kind of government involvement in the domestic
marketplace. But at the same time they are all, on the export
front, as near as we can tell, acting in a way that is
generally consistent both with Wassenaar and with what we are
doing.
Senator Frist. Good. When we talk about appropriate
agencies or parties to serve as key recovery agents, help me.
What sort of appropriate agents or parties would that be?
Mr. Reinsch. Well, mostly private parties, in fact I think
exclusively private parties now. You need to think about it
from the standpoint of another piece of this issue that is not
on the table and should not be, which is the question of
authentication and reliability for authentication. This is not
a spare key issue, but it is a question of a public key
infrastructure issue--if I want to send you a message, you want
to have some certainty that the message you receive with my
name on it came from me rather than from him or someone else,
and I want to have some assurance that your response came from
you and not someone who has intercepted it and is masquerading
as you.
That demands some authenticity and some certification that
your message came from you. What we envision and in fact what a
number of States have already addressed in their legislation is
regulating the private entities that will provide that
authentication function. They will not keep spare keys, because
the last thing you want for authentication purposes is a spare
key.
But what is happening is that private parties are springing
up that will provide essentially trust services and
authentication services to warrant that my messages come from
me and that you can have some confidence in that. In fact, I
think there are probably some people in that business on one of
the next panels, and you might want to pursue the technology
with them.
Senator Frist. Right. Any other comment on that, Mr.
Robinson?
Mr. Robinson. No, Senator.
Senator Frist. Mr. Secretary, on the issue of research and
development on computer security, you are against NIST's doing
that?
Mr. Reinsch. Not necessarily. I think Justice is.
Senator Frist. Mr. Robinson.
Mr. Robinson. Well, we are concerned that law enforcement
be able to try to develop the techniques necessary to get
plaintext because, frankly, we are the ones who are going to
have to use them and we need to have the capacity to do so. We
think it is critical to public safety and effective law
enforcement when we encounter encrypted evidence of criminal
activities to be able to figure out a way to turn that into
real information, whether it is an audible transmission or
stored electronic data. Without that capacity, obviously
encryption in the wrong hands, as many things, can be a
powerful tool to prevent law enforcement from preventing crimes
and successfully investigating and prosecuting them. So that is
a concern that we obviously have.
Senator Frist. I guess then my question, and feel free to
comment, is as we look at standardization of an advanced
encryption system, whoever is doing that, if it is NIST, needs
to be up to date with state-of-the-art right where we are. I
guess it is not clear to me how if you put the research and the
development in computer security with law enforcement, with the
FBI, and then have NIST looking at the standardization, how
they are really on top of things. Or is it both?
Mr. Reinsch. If I could comment, one of my regrets this
morning, Dr. Frist, was that I did not have an opportunity to
bring with me a full and complete statement of NIST's views on
that question. If I may, I would like to have them--what I will
suggest to them is they might get in touch with you directly,
knowing of your interest in the issue.
They do what you are describing. They have an extensive
computer security laboratory now. They have a lot of
interaction with the private sector. They validate products
that they test as a service to the private sector.
I believe their view is that if the Justice Department
wants to take the activity on, provided for in this bill, that
that would be all right. If the committee wants to assign it to
them, I am sure they would defer to the committee's judgment.
But what I would prefer is to have them communicate with
you directly.
Senator Frist. Fine.
Mr. Reinsch. I will arrange that.
Senator Frist. Good.
Well, thank you. We do have another panel. Would any of you
like to make any closing statements at all?
[No response.]
Senator Frist. Thank you very, very much. We appreciate
your being with us, and we will ask the second panel to come
forward.
I thank all three panelists for being with us. I will go
ahead and do the introductions and then we will go in
alphabetical order, I believe: Mr. David Aucsmith, Chief
Security Architect, Intel Corporation; Mr. Jim Bidzos, Vice
Chairman of the Board, Security Dynamics Technologies; and
Professor Lance Hoffman, School of Engineering and Applied
Science, Cyberspace Policy Institute.
Welcome to each of you, and let us begin with Doctor--Mr.
Aucsmith.
STATEMENT OF DAVID AUCSMITH, CHIEF SECURITY ARCHITECT, INTEL
CORPORATION
Mr. Aucsmith. Thank you, Mr. Chairman, for this opportunity
to talk to you this morning about the need for fundamental
reform of America's encryption policy. I am pleased to appear
today on behalf of the Business Software Alliance, which
together with ACP has been in the forefront of efforts to
persuade the Government to adopt a new U.S. encryption policy.
I am from Intel. Intel is the world's largest semiconductor
manufacturer and a major supplier of information technology
building blocks to the global computer and communications
industry. We provide our customers with chips, printed circuit
boards, assemblies, software--all the ingredients that you
typically think of that go into a personal computer, servers,
and workstations.
Actually, my being here to speak on behalf of the Business
Software Alliance should underscore the fact that encryption is
both a software and a hardware issue. In fact, as a general
note, 56-bit hardware products are currently excluded from the
favorable treatment now given by the Administration. That
applies only to software products.
In 1998 we employed more than 40,000 people in the United
States. We are headquartered in Santa Clara, CA, but have
significant manufacturing facilities in a number of States,
including Arizona, New Mexico, Oregon, California, and
Massachusetts.
We urge the committee to pass the PROTECT Act with further
amendments that would make the bill more fully comport with
technical and marketing realities. This morning I would like to
briefly make five points which I believe should underpin our
U.S. encryption policy.
First: In an Internet economy, encryption is essential to
all businesses, not just encryption business. I want to
emphasize this point. While private sector interest in
encryption export reform is generally characterized in terms of
the competitiveness of American encryption products abroad, it
has become a much larger issue for all American businesses.
In this economy, every business is becoming an Internet
business. It will affect all businesses. Cryptography has
emerged as the essential building block for building trust in
the open Internet. Without it, the hundreds of billions of
dollars of e-commerce currently projected to occur by the year
2002 will be at risk.
Second: Encryption is vital to securing America's critical
infrastructures. I participated in the Defense Science Board
evaluation of America's critical infrastructures. We focused on
the vulnerability of five critical infrastructures and
concluded that encryption is absolutely essential in their
protection.
The security of any network is only as good as its weakest
link. All wires have two ends, if you will. America's
infrastructures cannot be protected if they are networked, as
they will be, with foreign infrastructures that use weak
encryption. That is why permitting exports of strong encryption
helps to promote the national security.
Third: The availability of encryption cannot be reasonably
controlled. Cryptography is just mathematics. Information about
cryptography is widely available from many sources and in many
forms. It is the subject of numerous academic conferences. It
is taught in universities throughout the world.
Moreover, while developing good algorithms is extremely
difficult, if you will, rocket science, implementing them is
relatively easy once someone has developed them.
Fourth: Government-required or mandated plaintext access
will not work. While mandated plaintext access offers at first
glance a solution to the Government's problems, it is not
technically possible in most circumstances. It does not let law
enforcement verify compliance with access requirements a priori
and it does not give national security interests access to
stored information.
There is practically no commercial reason for storing
communications keys and I believe the need for key recovery of
stored data is overstated. To be blunt, Intel as a corporation
does not plan to sell products incorporating key recovery, nor
does it expect to implement a key recovery system for its own
use.
Fifth: The Government needs to find technological
alternatives to meet its requirements for access to
information. Intel agrees that access to data communications
and stored data by law enforcement and intelligence communities
is both legitimate and extremely important. Clearly, Congress
needs to adequately fund the technical efforts of these
agencies so they can meet the challenges of the next century.
Industry supports additional funding. Industry can also
provide assistance and is willing to do so. BSA has advocated
that the U.S. Government should work cooperatively with our
Nation's hardware and software manufacturers to develop the
technical know-how that they need. Technical innovation is
predominantly centered in the private sector. Only a
government-industry cooperative exchange can effectively
address the challenge of continued technological change.
In conclusion, let me say that we strongly believe the
PROTECT Act should be passed, but with further improvements.
The PROTECT Act does not--I mean, the PROTECT Act does begin to
realize the realities of mass market products. It eliminates
reporting requirements for such products and grants export
relief to those products at all horizontal layers of the
information technology sector.
But the Act still does not grant widespread exportability
of mass market and publicly available encryption products, and
there is a complicated bureaucratic process which must be
pursued. Not until 2002 will American industry be able to
widely export products that are now using what is basically the
worldwide standard of 128 bits in the form of the Advanced
Encryption Standard or its equivalent. We believe that it is in
our national interest to permit such exportability now and we
urge the committee to amend the bill accordingly.
Thank you very much.
[The prepared statement of Mr. Aucsmith follows:]
Prepared Statement of David Aucsmith, Chief Security Architect,
Intel Corporation
Thank you Mr. Chairman for the opportunity to talk to you this
morning about the need for fundamental reform of America's encryption
policy. I am pleased to appear today on behalf of the Business Software
Alliance which, together with ACP, has been in the forefront of efforts
to persuade the U.S. Government to adopt a new U.S. encryption policy.
We urge the Committee to pass the PROTECT Act with further amendments
that would make the bill more fully comport with technological and
market realities.
This morning I would like to briefly make five points that we
believe should underpin U.S. encryption policy.
First, encryption is essential to all business in an Internet
economy. While private sector interest in encryption export reform is
generally characterized in terms of the competitiveness of American
encryption products in a worldwide market, it is becoming a much larger
issue for all American business. The global economy, tied together with
the Internet, is turning businesses into virtual enterprises, localized
products into global products, and geographically limited networks into
worldwide networks. In this environment, American businesses must be
able to sell and support their products worldwide, must be able to
securely coordinate with their business partners worldwide, and must be
able to conduct safe electronic commerce worldwide.
Quite simply, cryptography has emerged as the only possible
solution to many of the requirements of commercial security. It is the
essential building block for building trust onto the open Internet.
Without it, the hundreds of billions of dollars of e-commerce currently
projected to occur by the year 2002 will not happen.
Second, encryption is vital to securing America's critical
infrastructures. Much of the national economy is at risk from the
decisions that are made today on the issues of infrastructure
protection. Increasingly, these critical systems are driven by, and
linked together with, computers making them vulnerable to disruption.
The single best way, and sometimes the only way to affect effectively
these critical networks and systems, is encryption. That's why the
National Research Council found that encryption promotes the national
security of the United States. However, the security of any network is
only as good as its weakest link. America's infrastructures cannot be
protected if they are networked with foreign infrastructures using weak
encryption.
Third, the availability of encryption cannot be reasonably
controlled. Cryptography is a branch of mathematics. Cryptographic
technology can be reduced to mathematical formulas and protocols.
Information about cryptography is available from many sources in many
forms. It is the subject of numerous academic conferences. It is taught
in universities worldwide. Moreover, while developing good algorithms
is tough, implementing them is relatively easy.
Fourth, government promoted or required plaintext access will not
work. While required plaintext access offers, at first glance, a
solution to the government's problem: (1) it is not technically
possible in most circumstances; (2) it does not let law enforcement
verify compliance with access requirements; and (3) it does not give
national security interests access to stored keys. There is simply no
way that law enforcement can determine, in advance, that particular
text had not been encrypted with more than one program or product. At
the same time, targets of national security interests are unlikely to
design or use a plaintext infrastructure which would allow the U.S.
government to have secret access to plaintext.
Moreover, there is practically no commercial reason for storing
communications keys--if the communication is disrupted or compromised a
new session will be established. At the same time, the need for key
recovery of stored data also is overstated--the frequent example is an
employee hit by a bus. With the exception of personal notes,
information is not solely possessed by an individual. In addition, most
mission-critical data is held by the corporate data management system
that has its own control and protection mechanism. Finally, most
personal data has a time value and rapidly becomes obsolete.
If one factors in the additional costs and systemic vulnerabilities
that result from building in access features, we conclude that there is
no business or consumer need for key recovery or special plaintext
access. To be blunt: Intel does not plan to implement a key recovery
scheme for its own use. .
Fifth, the government needs to find technological alternatives to
meet its requirements for access to information. Intel agrees that
access to data communications and stored data by law enforcement
intelligence communities is both legitimate and extremely important.
Clearly, Congress should adequately fund the technical efforts of these
agencies so they can meet the challenges of the next century. Industry
supports additional funding. Industry can also provide other
assistance.
For example, ACP proposed last year the creation of a ``NET
center'' to help law enforcement officials understand how to deal with
encryption and other technological advances. ACP also has advocated
that the U.S. government should work cooperatively with our nation's
hardware and software manufacturers to develop the technical tools and
know-how that they need. Technical innovation is predominantly centered
in the private sector--only a government/industry cooperative effort
can address effectively the challenge of continued technological
change.
In conclusion, let me say that we strongly believe the Protect Act
should be passed but with further improvements.
The Protect Act does begin to realize the realities of mass market
products, eliminates reporting requirements for such products, and
grants export control relief to products at all horizontal layers in
the information technology sector. But the Act still does not grant
widespread exportability for mass market and publicly available
encryption products. There is a complicated, bureaucratic process which
must be pursued. Not until 2002 will American industry be able to
widely export products using the 128-bit Advanced Encryption Standard
or its equivalent.
We believe it is in our national interest to permit such
exportability now and urge the Committee to amend the bill accordingly.
Once again, many thanks for this opportunity to testify.
INTRODUCTION
My name is David Aucsmith, and as Chief Security Architect for the
Intel Corporation I am responsible for research, development and
deployment of data and communications security technologies and
products, both hardware and software. Currently, my work is focusing on
developing industry standard architectures for the application and
interoperability of data security technologies for communications,
electronic commerce, and content protection. I previously worked on
security matters for two computer companies and as a Lieutenant
Commander in Naval Intelligence.
Intel is the world's largest semiconductor manufacturer and a major
supplier of information technology building blocks to the global
computer and communications industries. We provide our customers with
chips, printed circuit board assemblies and software that are the
``ingredients'' of PC's, servers and workstations. Our flagship
business involves the mass production and sale of the Pentium
family of processors and other microprocessors, which are frequently
described as the ``brains'' of a computer because they control the
central processing of data in computers. In 1998, our sales exceeded
$26 billion, and we employed more than 40,000 people in the United
States.
Like most information technology companies, Intel's business model
is global in scope. The bulk of our production takes place in the
United States. Our products are sold worldwide to original equipment
manufacturers of computer systems and peripherals, PC users who make
purchases through various distribution channels including the Internet,
and other manufacturers who produce a wide range of industrial and
telecommunications equipment. Information security plays a prominent
role in the conduct of our business.
Intel is headquartered in Santa Clara, California, and we have
significant manufacturing facilities in a number of states, including
Arizona, New Mexico, Oregon, California and Massachusetts.
Intel Corporation is a member of the Business Software Alliance
(``BSA'') and Americans for Computer Privacy (``ACP''). Both
associations have been in the forefront of efforts to persuade the
government to adopt a new encryption policy.
Since 1988, BSA has been the voice of the world's leading software
developers before governments and with consumers in the international
marketplace. BSA promotes the continued growth of the software industry
through its international public policy, education and enforcement
program in 65 countries throughout North America, Europe, Asia and
Latin America. Its members represent the fastest growing industry in
the world. BSA worldwide members include Adobe, Attachmate, Autodesk,
Bentley Systems, Corel Corporation, Lotus Development, Macromedia,
Microsoft, Network Associates, Novell, Symantec and Visio. Additional
members of BSA's Policy Council include Apple Computer, Compaq, Intuit,
Sybase and my company Intel. BSA websites: www.bsa.org;
www.nopiracy.com.
Intel Corporation takes, as a given, that access to data
communications and stored data by the intelligence and law enforcement
communities is both legitimate and extremely important. But, we also
recognize that there is an inevitable tide of advancing technology that
renders most conventional intercept methodologies obsolete. We also
believe that all American businesses need access to strong cryptography
to remain competitive in an ever increasing global economy.
We believe that these varied objectives can be met if only
government does not seek to force solutions on industry that are
incompatible with the development of technology and market demands. It
is our view that, given the breathtaking pace at which information
technology (including cryptography) is developing around the globe, the
only way to achieve these goals is to adopt policies that will ensure
American industry leadership in the area of information technology.
This morning I would like to discuss five points that we believe
should underpin U.S. encryption policy:
1. Encryption is essential to conducting all business in an
Internet economy;
2. Encryption is vital to securing America's critical
infrastructures;
3. The availability of encryption cannot be reasonably controlled;
4. Government promoted or required plaintext access will not work;
and
5. The government needs to find technological alternatives to meet
its requirements for access to information.
encryption is essential to conducting all business in an internet
economy
While the private sector interest in encryption export reform is
generally characterized in terms of the competitiveness of American
encryption products in world markets, it is, in reality, a much larger
issue for American businesses. In an Internet economy, all American
businesses are affected by encryption export constraints.
The future of business is fundamentally changing. The Internet
presents two distinctly different business opportunities.
Moving existing business to the Internet. Taking our
existing paper-based commerce models and moving them to the electronic
world.
Creating new businesses because of the Internet. The
Internet provides a ubiquity, connectivity and speed that has never
existed before. There are many hereto unimagined businesses that will
arise to capitalize on these capabilities.
The global economy, tied together with the Internet, is turning
businesses into virtual enterprises, localized products into global
products, and geographically limited networks into worldwide networks.
Taking place on a massive scale, this phenomenon rests on the following
business principles:
American businesses must be able to sell and support their
products worldwide.
American businesses must be able to securely communicate
and coordinate with their foreign subsidiaries and business partners
worldwide.
American businesses must be able to conduct safe
electronic commerce worldwide.
I will address each of these three principles in more detail.
However, it should be obvious that they all depend on secure
communications and financial infrastructures. Cryptography is an
essential component of the security of these critical infrastructures,
regardless of the nature of the company involved.
It is easy to underestimate the magnitude of the information
technology industry in the U.S. and the importance of Internet driven
electronic commerce. The Department of Commerce reported that:
Without information technology--and the electronic commerce it
fosters-- overall inflation would have hit 3.1% last year, more than a
full percentage point higher than the 2% it was . . . \1\
By the year 2002, Internet commerce is expected to be $327 billion
\2\ annually. By the year 2001, the U.S. information technology
industry will be directly responsible for 5% of the GNP.\3\
American businesses must be able to sell their products worldwide
Much has been said about the need for American businesses to be
able to sell their encryption products worldwide as will be discussed
later in this testimony. What is not obvious is that encryption
controls may make it difficult to sell non-encryption products on the
world market as well. For example, a telecommunications application may
need to have an integrated cryptographic component to meet an
international standard.
American businesses must be able to securely communicate and coordinate
with their foreign subsidiaries and business partners worldwide
Business practices demand tight coordination with both a companies
overseas subsidiaries, their suppliers and their customers. It is
essential that confidentiality and access control to business
information be maintained. Frequently companies are suppliers or
customers on one product and competitors on another. The tightly
integrated networks required for coordination could rapidly become a
source of competitive intelligence if not adequately protected. Only
strong cryptography can offer the level of protection required.
American businesses must be able to conduct safe electronic commerce
worldwide
In the near future, there will now longer be dedicated Internet
companies--virtually every company will have to be an Internet company
to survive. This requires that companies have the capability to
securely sell products over the Internet to markets around the world.
The ability to prevent fraud and protect intellectual property will
depend heavily on the use of strong cryptography.
Importantly, corporate participation in electronic commerce
includes both business-to-business and business-to-consumer
transactions.
There is a need for commercial security
There has always been some level of need for data security in
commercial environments. However, the Internet has enabled the
connected PC and, with it, created both new business opportunities and
new security vulnerabilities.
Both the value and volume of on-line information has sharply risen.
This information includes organizational information such as financial
data, manufacturing information, customer information, medical and
legal records, and human resources data. Additionally, there is a
growing amount of data which has intrinsic value, such as monetary
instruments (e.g., credit cards, coupons, etc.) and intellectual
property (e.g., movies, images, etc.).
In the past, such data was protected by physical and procedural
controls. The connected PC largely negates those conventional controls
and requires new security mechanisms, thus creating a need for
commercial security technology.
After many years of false starts, commercial data security has
become a viable business. The Internet has provided the driving force
for this change. Physical barriers have all but disappeared, and
security perimeters have become vague.
The Internet has created needs for security that were not present
in isolated security domains. This has, in turn, created opportunities
for vendors of security technologies and has also created a need for
standards so those technologies can interoperate.
Cryptography is the only viable solution to most commercial
security requirements
Cryptography has emerged as the only possible solution to many of
the requirements of commercial security. It is the essential building
block for projecting trust onto the open Internet.
The modern global commercial information infrastructure is
characterized by more than 95 million Internet-connected computers,\4\
most of which are in open environments with little or no physical
control. They use a wide variety of hardware and software and implement
no common security policy.
Only cryptographic technologies are capable of projecting security
onto a completely open, arbitrary environment. Cryptography, by itself,
does not guarantee any level of security. It is a necessary component
but not a sufficient component.
Privacy, also known as confidentiality, is the characteristic that
information is protected from being viewed in transit during
communications and/or when stored in an information system. With
cryptographically-provided confidentiality, encrypted information can
fall into the hands of someone not authorized to view it without being
compromised. It is almost entirely the confidentiality aspect of
cryptography that has posed public policy dilemmas.
The commercial use of privacy (or confidentiality) encompasses not
only the traditional view described above, but also the protection of
intellectual property such as digital video and digital audio. The same
technology used to keep communications private are required to ensure
that a digital movie is not illegally copied.
ENCRYPTION IS VITAL TO SECURING AMERICA'S CRITICAL INFRASTRUCTURES
Governments also are recognizing that without encryption, the
electronic networks that control such critical functions as airline
flights, health care functions, electrical power and financial markets
remain highly vulnerable. The U.S. General Accounting Office in its
report issued in May of 1996 entitled ``Information Security: Computer
Attacks at Department of Defense Pose Increasing Risks'' found that
computer attacks are an increasing threat, particularly through
connections on the Internet, such attacks are costly and damaging, and
such attacks on Defense and other U.S. computer systems pose a serious
threat to national security.
There is an awareness within the government of the vulnerability of
the national information infrastructure to potential attack. The Marsh
Report \5\ highlighted the vulnerabilities very well. Much of the
national economy is at risk from the decisions that are made today on
the issues of infrastructure protection. Any action that degrades the
security of Internet commerce or the viability of the industries
involved must be viewed as a serious risk to the national security.
As the President said on January 22, 1999, before the National
Academy of Sciences, ``[w]e must be ready--ready if our adversaries try
to use computers to disable-power grids, banking, communications and
transportation networks, police, fire and health services--or military
assets. More and more, these critical systems are driven by, and linked
together with, computers, making them more vulnerable to disruption.''
The President has been so concerned that he established a
Commission on Critical Infrastructure Protection to provide him with
guidance and issued two Presidential Directives based on the
Commission's recommendations.
In the Report of the President's Commission on Critical
Infrastructure Protection entitled Critical Foundations: Protecting
America's Infrastructures (October 1997), the Commission emphasized
that ``Strong encryption is an essential element for the security of
the information on which critical infrastructures depend.'' In fact
``[p]rotection of the information our critical infrastructures are
increasingly dependent upon is in the national interest and essential
to their evolution and full use. A secure infrastructure requires the
following:
Secure and reliable telecommunications networks.
Effective means for protecting the information systems
attached to those networks . . . .
Effective means of protecting data against unauthorized
use or disclosure.
Well-trained users who understand how to protect their
systems and data.''
An earlier blue ribbon National Research Council (NRC) Committee
similarly concluded in its (May 1996) CRISIS Report (``Cryptography's
Role in Securing the Information Society'') that encryption promotes
the national security of the United States by protecting ``nationally
critical information systems and networks against unauthorized
penetration.''
Thus, the NRC Committee found that on balance the advantages of
widespread encryption use outweighed the disadvantages and that the
U.S. Government has ``an important stake in assuring that its important
and sensitive . . . information . . . is protected from foreign
government or other parties whose interests are hostile to those of the
United States.''
In recognition of the risks and threats to information, on January
15, 1999, the National Institute of Standards and Technology (NIST)
established a new draft Federal Information Processing Standard (FIPS
46-3) to require the use of stronger encryption in government systems.
NIST stated that it ``can no longer support the use of the DES for many
applications'' and that all new systems must use the significantly
stronger Triple DES ``to protect sensitive, unclassified data''. Under
the FIPS, all existing systems are now expected to develop a strategy
to transition to Triple DES, with critical systems receiving a
priority.
The vulnerability of national infrastructures has not been lost on
other governments. Within the European Union, there is discussion on
how to encourage companies to develop products to protect national
infrastructures in their respective countries. Such mutual government
encouragement will help to grow technical capabilities and fuel a
viable world market.
Already the Swiss government is providing 128-bit encryption plug-
ins for download off the Internet. The SecureNet system is required for
use in accessing Telegiro, an Internet payment system. The plug-ins
support SSL connections using IDEA encryption. Several Swiss banks are
now using on-line banking systems compatible with the Telegiro
cryptosystem.\6\
Information security is critical to the integrity, stability and
health of individuals, corporations and governments. While cryptography
is but one element of security, it is the keystone of secure,
distributed systems. Frankly, there is no substitute for good,
widespread, strong cryptography when attempting to prevent crime and
sabotage through these networks. The security of any network, however,
is only as good as its weakest link. America's infrastructures cannot
be protected if they are networked with foreign infrastructures using
weak encryption.
In the long-term, we believe it is in America's best interest to
protect critical infrastructures and national security by relying on
strong American encryption products. This will not happen if the U.S.
Government limits the ability of U.S. companies to provide strong
encryption to consumers. Indeed, the question is not whether critical
infrastructures will be protected. Rather it is a question of who will
protect them--U.S. or foreign companies. With individuals increasingly
relying on critical infrastructures and governments increasingly
desiring to safeguard these infrastructures, it is only a matter of
time before strong encryption becomes a commodity feature of global
networks and information systems.
U.S. encryption export controls hurt our national security
Our current export policy puts at risk America's global leadership
in information security. U.S. export policy should, therefore, be
changed so it no longer limits American participation in efforts to
secure global e-commerce and related information infrastructures and no
longer cedes the world market for encryption products to foreign
competitors. Strong, high-quality encryption products already are
widely available from foreign makers. Foreign producers of IT systems
are finding that their ability to provide end-to-end systems
incorporating stronger encryption than U.S. companies are permitted to
export gives them a decided market advantage. We are concerned that as
a result America will lose the critical encryption market to foreign
companies. If that happens, it will be too late to change U.S. policy
and too late to preserve U.S. leadership in this vital arena.
What will the loss of that U.S. leadership position mean? It will
mean that the national security agencies will be confronting ubiquitous
encryption made not by U.S. companies, but by foreign companies. Where
then will the national security agencies go for technical help on
encryption? It also will mean that the protection of our critical
national infrastructure may depend on foreign-made systems
incorporating foreign-made encryption--and that's unacceptable.
America must retain leadership in this vital technology if we are
to meet our long-term national security objectives. That is why we must
assess our encryption export policies from a long-term, not a short-
term, perspective.
In the long run, U.S. national security objectives are best served
by an IT world in which U.S. companies are market leaders in all
aspects, especially encryption. U.S. export controls have had the
effect of creating an encryption expertise outside the United States
that is gathering momentum. Unfortunately, every time research and
development of an encryption technique or product moves off-shore, U.S.
law enforcement and national security agencies lose. We believe that
continuing down this path will be ultimately more harmful to our
national security and law enforcement efforts as American companies
will no longer be the world leaders in creating and developing
encryption products.
In fact, as long ago as 1996, the NRC Committee concluded that as
demand for products with encryption capabilities grows worldwide,
foreign competition could emerge at levels significant enough to damage
the present U.S. world leadership in information technology products.
The Committee felt it was important to ensure the continued economic
growth and leadership of key U.S. industries and businesses in an
increasingly global economy, including American computer, software and
communications companies. Correspondingly, the Committee called for
immediate and easy exportability of products meeting general commercial
requirements--which is currently 128-bit level encryption!
We recognize this is a difficult balance to strike, but we strongly
believe that our long term national security objectives can only be
achieved if the United States realistically acknowledges the
inevitability of a world of ubiquitous, strong encryption. Trying to
control the proliferation of encryption is like trying to control the
proliferation of mathematics. For that is what we are talking about
here. Encryption algorithms are nothing but sophisticated mathematics.
And while the United States may realistically hope to remain the leader
in such a field, it cannot realistically expect to monopolize it.
We are joined in this view by the Center for Strategic and
International Studies (``CSIS''). CSIS recently conducted a study of
our nation's technical vulnerabilities; the study was chaired by
William Webster, the former director of the FBI and Central
Intelligence and former U.S. Circuit Judge. The subsequent report,
entitled Cybercrime . . . Cyberterrorism . . . Cyberwarfare . . .
Averting an Electronic Waterloo, calls for the ``intelligence gathering
communities--law enforcement and foreign intelligence--to examine the
implications of the emerging environment and alter their traditional
sources and means to address the SIW (strategic information warfare)
needs of the twenty-first century. Continued reliance on limited
availability of strong encryption without the development of
alternative sources and means will seriously harm law enforcement and
national security.''
THE AVAILABILITY OF ENCRYPTION CANNOT BE REASONABLY CONTROLLED.
Cryptography is a specialized branch of mathematics. Cryptographic
technology can be reduced to mathematical formulas and protocols.
Information about cryptography is available from many sources and in
many forms. Implementation of cryptography is no more difficult than
the implementation of any complicated mathematical technology such as
digital video or digital signal processing.
Ease of implementation
Creation of good cryptographic algorithms that will withstand the
test of time is amazingly difficult. Recent history is littered with
failed attempts. Even so, many algorithms have survived and have become
part of common usage. Inventing good cryptography is the mathematical
equivalent of ``rocket science.'' Implementing those algorithms is
comparably ``child's play.''
Information security is such an important part of information
technology that it is rare for a graduate level computer science
student to graduate without having implemented a cryptographic
algorithm or protocol. Many of these students become competent systems-
level programmers who could easily fashion a production-quality
cryptographic application. Many of these students are non-U.S.
residents.
Open research
Cryptography and cryptanalysis are legitimate academic research
topics. There is a growing, worldwide academic community specializing
in the subject. Last year alone there were over 30 international
conferences focusing on cryptography or related topics and over 100
books and journals. Many of these books include detailed specifications
and source code of cryptography algorithms and protocols.\7\ As an
example, Bruce Schneier's popular cryptography text, Applied
Cryptography, has sold over 100,000 copies world wide.\8\
Intangible software
The intangible nature of cryptographic software defies any physical
controls. In an instant, software, cryptographic or otherwise, can be
shipped virtually anywhere in the world. As an example, within hours of
the U.S. release of PGP 5.0, it was available from sites in Western
Europe.\9\
Cryptography exists in many uncontrollable forms, such as general
knowledge, academic research, and network deliverable software.
Availability of strong encryption products abroad
Having export controls assumes that they are at least marginally
effective. Cryptography is basically mathematics. The knowledge is
inherently uncontrollable. This has led to the worldwide availability
of strong encryption products and technologies.
One of the ironies of the U.S. cryptographic export regime is that
it has fostered a growth in non-U.S. cryptographic technology providers
who can sell strong cryptography worldwide without the constraints
imposed by the U.S. government, while U.S. companies can not make the
same claim.
The belief that U.S. export regulations enable foreign cryptography
businesses is held by the European Commission. The EC stated at the
Copenhagen Hearing:
The current U.S. export regulations can provide a chance for
European companies to enter the market for cryptographic products.
Nevertheless this would require a concentrated effort of European
industry and governments to prepare the basis for this market.\10\
Some European companies and governments have turned this belief
into practice. The following is quoted from a Siemens Nixdorf ad
regarding a software product of theirs called TrustedWeb:
By simply downloading the TrustedWeb software from the Internet,
you can create a highly secure Intranet infrastructure in a matter of
days. The organization itself can decide on the level of security and
adapt it in stages in line with needs--Ranging from simple password
protection to authentication using cryptographic procedures (Public
Key/Private Key) with full 128-bit key length. TrustedWeb is an
independent European product and hence is not subject to the export
restriction imposed by the US government in relation to encryption
software.\11\
Siemens Nixdorf runs similar ads covering their hardware products.
Security products are available worldwide, in spite of, or perhaps
because of, strong U.S. export controls.
Wide deployment of strong encryption is inevitable
There are huge commercial incentives for the spread of
cryptography. There is a legitimate need for the technology and a sharp
increase in the amount of money being spent on security technology.\12\
This has created a viable market for the technology, and there are many
suppliers worldwide willing and able to meet the market demand.
The recognition of the importance of security to data
communications has lead to the inclusion of security protocols within
international standards. Examples of such standards include the Secure
Sockets Layer (SSL) and the Internet Packet Security (IPSEC) protocols.
In most cases, the implementation of security components in
international standards is optional. However, there is a strong trend
to make many of these features mandatory. Thus, compliance with
international communications standards will promote the diffusion of
security technologies.
GOVERNMENT PROMOTED OR REQUIRED PLAINTEXT ACCESS WILL NOT WORK
As the spread of strong cryptography threatens traditional
intelligence methods, the government has used export control relief as
an incentive for companies to build plaintext access capability into
every product. There have also been attempts in Congress to mandate
plaintext access capability in such products. The overall approach has
revolved largely, though not exclusively, around key recovery
requirements. This section primarily addresses specific concerns about
key recovery issues, but it is applicable to all plaintext access
solutions that may be promoted or mandated by the U.S. Government
(hereinafter referred to as ``required plaintext access''). The basic
point is that non-market driven requirements to build any plaintext
access mechanism into products will not work.
Key recovery, as a concept, now applies not only to the initial
purpose of assuring law enforcement access to encrypted materials, but
also to possible end-user or organizational requirements for a
mechanism to protect against lost, corrupted, or unavailable keys. It
can also mean that some process, such as authority to decrypt a header
containing a session key, is escrowed with a trusted party, or it can
mean that a corporation or individual is ready to cooperate with law
enforcement to access encrypted materials. It may also mean that some
technical mechanism must be put in place to bypass the use of the key
entirely (strict ``plaintext access'').
While required plaintext access offers, at first glance, the
promises of solving the technical problems of plaintext access, it is
not technically possible for it to do so in most circumstances. It is
unlikely to actually meet plaintext access requirements, and its
deployment as a national strategy is fraught with technical challenges
and dangers.
Required plaintext access systems will not satisfy government access
requirements
Required plaintext access does not meet either law enforcement or
national security requirements, but for slightly different reasons. Law
enforcement can not verify compliance with key recovery requirements,
and national security interests are unlikely to have access to stored
keys.
Compliance can not be verified by law enforcement
Required plaintext access has a serious technical flaw in the area
of a priori verification of compliance. Encryption, if applied, is
likely to be applied at several different levels of the communications
infrastructure. An example is having link-level encryption applied by
IPSEC, having session-level encryption applied by SSL, and having
application-level encryption applied by S/MIME.
Assuming one could construct a protocol to allow for the monitoring
of IPSEC key recovery compliance, there is no physical way to verify
that the other two levels have complied with the required plaintext
access requirements unless one actually decrypts the IPSEC-data packet.
If it requires probable cause to get a court order to obtain the IPSEC
recovered key or mechanism, it would only be after law enforcement has
probable cause of criminal activity that they would be able to verify
whether or not the upper-level protocols have complied with the
required plaintext access requirements.
Required plaintext access does not address national security
requirements
While law enforcement may serve a warrant on a key recovery agent
or other access mechanism provider to obtain encryption keys or the
plaintext, national security interests are likely to have that
opportunity. Required plaintext access does not provide any benefit to
lawful access unless one is able to actually recover the plaintext.
Targets of national security interests are unlikely to design a
plaintext access infrastructure which would allow the U.S. government
to have surreptitious access to stored keys or stored plaintext. This
view has been born out by National Security Agency testimony before
Congress.\13\
Required plaintext access systems are of limited commercial value
Product announcements of key recovery companies to the contrary,
there is not a compelling market for commercial key recovery systems
and no market for other plaintext access systems. There is no general
reason to recover communications keys, and the use of key recovery for
stored data ignores the fundamental properties of information.
A market for key recovery technology will emerge only when it is
artificially created by government regulations. Prior to the current
law enforcement push for key recovery, there were no widespread
deployments of key recovery mechanisms even though the basic technology
had been in existence for some time.
Not required for data communications
While key recovery may, debatably, be important in certain stored
data systems, in communications cryptography there is little or no user
demand for this feature. In particular, there is hardly ever a reason
for an encryption user to want to recover the key used to protect a
communication session such as a telephone call, FAX transmission, or
Internet link. If such a key is lost, corrupted, or otherwise becomes
unavailable, the problem can be detected immediately and a new key
negotiated.\14\ There is also no reason to trust another party with
such a key.
Ignores the nature of stored data
Many of the proposed needs for key recovery of stored data operate
under a false assumption about how data is actually stored and
utilized. The frequent example is the assertion that a company will
need to recover the encrypted files of an employee who has been hit by
a bus.
There are three problems with this assertion. First, with the
exception of personal notes, information is not solely possessed by an
individual. Information is shared among a team of employees or partners
in order to be of any benefit. Second, most mission-critical data is
held by corporate data management systems (e.g., data bases) that have
their own access control and protection mechanisms, which are
administered by the corporation. Third, most personal data has a time
value and rapidly becomes obsolete.
Given the observations above, we conclude that there is no business
or consumer need for key recovery. Indeed, taking into account the
observations and risks, Intel does not plan to implement a key recovery
scheme.
Key recovery introduces additional vulnerabilities
Centralizing all of a user's secrets or access controls in a system
with increased technological and procedural operational complexities
can only increase the security vulnerabilities of the operation.
Centralized attack point
Regardless of the implementation, if key recovery systems must
provide timely law enforcement access to a whole key or to plaintext,
they present a new and fast path to the recovery of data that never
existed before.
The key recovery access path is completely out of the control of
the user. In fact, this path to lawful access is specifically designed
to be concealed from the encryption user, removing one of the
fundamental safeguards against the mistaken or fraudulent release of
keys.
In contrast, non-recoverable systems can usually be designed
securely without any alternative paths. Alternative paths to access are
neither required for ordinary operation nor desirable in many
applications for many users.\15\
Complexity of implementation
Key recovery systems must be, in terms of functionally, a secure,
distributed, open key management system. They have many of the
properties of both large scale distributed databases and of command and
control systems. Both types of systems have significant inherent
complexity. As we have no practical experience, key recovery mechanisms
represent a system of unknown and potentially daunting complexity.\16\
Commercial organizations would have to add the cost and risk of key
recovery systems to their bottom line. Even government agencies
participating in key recovery pilot programs have found the cost of
centralized key recovery unacceptable.\17\
Key recovery mechanisms do not work in the horizontal information
industry
The information technology industry is characterized by an open,
international, horizontal architecture. Microprocessors are sold to
OEMs who build motherboards, who then contract to have BIOSs and
operating systems installed. The final product is then sold to an end
user who adds whatever applications they wish. New capabilities or
requirements must have an active acceptance within each of the layers
in order to be widely deployed. Key recovery discussion has focused
only on the upper, application layer.
Low-level layers have no visibility into higher-level
layers
The nature of the information technology industry is that it is
made-up of distinct horizontal architectural layers, from the
microprocessor up through application programs. The components in each
of these layers are supplied by different companies, having different
economic models and different diffusion channels.
For valid security reasons, cryptography is migrating further
``down'' the layers toward the basic hardware. Key recovery, on the
other hand, is a user-initiated protocol problem and can not be pushed
down to the hardware. In short, cryptography implemented on hardware
can not determine how it will ultimately be used.
Key recovery is under the end user's control and is performed by
communications protocols or applications programs. The original
microprocessor could have no knowledge of how its cryptography would be
used any more than it could know how its multiplication instructions
will be used.
Key recovery regulation is envisioned from the perspective of the
end user. The end user ``sees'' a vertical single product, but the
reality is that the PC is actually a collection of products from many
different companies.
Horizontal interfaces are international standards
Within the horizontal architecture of the computer industry, the
interfaces between horizontal layers are defined by established
international industry standards. None of these interface standards
currently support key recovery of keys stored in mass market hardware.
To change these standards would be a slow and difficult process.
Key recovery does not work in an international setting
The information technology industry is based on international
standards. No U.S.-only solution is commercially feasible. Most U.S.
information technology companies derive a large share of their revenue
from non-U.S. sources. To restrict their products to only U.S. markets
would be devastating.
Not all countries will adopt key recovery
Very few countries have embraced key recovery to the extent that
the U.S. government has done. In particular, countries with strong
privacy laws have generally regarded key recovery schemes as being in
violation of those laws. As an example, Lotus Notes, which includes a
key recovery feature, specifically lost a major sale to the Government
of Sweden when the Swedish press discovered the key recovery
feature.\18\
The European Commission has not endorsed key recovery as a solution
to lawful access problems. It is therefore unlikely that a European-
wide agreement can be reached. Indeed, the European Committee on
Banking Standards (ECBS)--a powerful consortium of financial
institutions--has filed a submission with the European Commission
arguing against key recovery.\19\
Requires modification to existing standards
Data communications and architectural standards are
internationally-negotiated standards. None of these standards include
data recovery provisions. Products must be built to conform to these
standards to become mass market products. Many of these standards are
not controlled by any government, rather they are controlled by
commercial or user communities (such as the IETF).
Negotiating provisions for key recovery into these standards will
require international--agreement on the form and procedures of key
recovery technology. Given the current international climate, it is
unlikely that such negotiations would succeed.\14\
Interoperability will require a non-recovery mode
If there is even one major country which prohibits key recovery,
then all developed systems will have to have a ``non-key recovery''
mode to facilitate interoperability. There is little that one could do
to ensure that the ``non-key recovery'' mode was not used in normal
communications.
Mutual access to keys opens U.S. companies to industrial
espionage
There is no way to guarantee that other countries will have the
same level of constitutional safeguards on access to their key recovery
agents as guaranteed in the U.S. U.S. corporations would be at high
risk of international economic espionage if forced to deposit
encryption keys with foreign key recovery agents.
According to the FBI, U.S. corporations are already targets of
major industrial espionage efforts. The FBI says foreign spies have
stepped up their attacks on American companies, and a new national
survey estimates that intellectual property losses from foreign and
domestic espionage may have exceeded $300 billion in 1997 alone.\20\
Governments of at least 23 countries, ranging from Germany to
China, are targeting American companies, according to the FBI. More
than 1,100 documented incidents of economic espionage and an additional
550 suspected incidents that could not be fully documented were
reported last year by companies in a survey conducted by the American
Society for Industrial Security.\21\
THE GOVERNMENT NEEDS TO FIND TECHNOLOGICAL ALTERNATIVES TO MEET ITS
REQUIREMENTS FOR ACCESS TO INFORMATION
Given the global availability of strong, non-recoverable encryption
and the fast pace of technological advancement, it is clear that
current U.S. policy is not working. An alternative means to gather
lawful intelligence is needed by both national security and law
enforcement interests.
Clearly, Congress should adequately fund the technical efforts of
our law enforcement and national security agencies so they can meet
these challenges. And industry would support additional funding.
For example, ACP, for example, has advocated that the U.S.
Government should work cooperatively with our nation's hardware and
software manufacturers to develop the technical tools and know-how to
achieve a policy that effectively responds to society's needs for law
enforcement, national security, critical infrastructure protection,
privacy preservation, and economic well-being.
NET center proposal
Last year, ACP proposed the creation of a National Center for
Secure Network Communications (``NET Center''). The NET Center (now
called ``Tech Center'') concept is 15 aimed at helping law enforcement
officials to understand how to deal with encryption and other technical
advances when encountered in a criminal setting.
The Tech Center should be a public-private entity operating within
a national laboratory for information technology to perform research
and act as a forum for further discussions on technology trends and
vulnerabilities. Clearly a Tech Center must operate within a legal
framework that provides reasonable safeguards.
Attorney General Janet Reno announced plans for the Federal Bureau
of Investigation to set up a new $64 million center to protect the
nation's critical infrastructures, particularly computer networks, from
both physical and cyber attack.
Industry cooperation
The national security is best secured by the American companies
actively competing for and supplying the fundamental technologies of
the national infrastructure. Only those companies directly involved in
the research and development of information technology components can
assess the security and vulnerabilities of the infrastructures created
from those components. Technical innovation is predominantly centered
in the private sector. Only a government/industry cooperation can
effectively address the challenge of continued technological change.
CONCLUSION: THE PROTECT ACT SHOULD BE PASSED WITH FURTHER IMPROVEMENTS
The mass market model
Mass-market hardware manufacturers and software publishers sell
products through multiple distribution channels such as OEMs (i.e.,
hardware manufacturers that pre-load software onto computers), value-
added resellers, retail stores and the emerging channel of on-line
distribution. Thus, mass market products are available to the general
public from a variety of sources.
The mass-market distribution model presupposes that hardware
manufacturers and software publishers will take full advantage of these
multiple channels to ship identical or substantially similar products
worldwide (allowing only for differences resulting from localization)
irrespective of specific customer location or characteristics. As mass
market products are uncontrollable, Intel believes U.S. companies
should be able to export the current market standard of 128-bit
encryption. Unfortunately, the Administration only permits easy exports
of 56-bit encryption even if foreign products exist in the
marketplace'. And the Administration continues to impose onerous
controls on 56-bit toolkits and hardware encryption components, notably
semiconductors.
The PROTECT Act grants export control relief to products at all
horizontal levels
Intel believes that all distinct horizontal architectural layers,
from the microprocessor up through application programs should be
treated identically under any encryption export policy. However,
contrary to the Administration's original announcement regarding export
relief which included export relief for hardware, the new regulations
still do not permit 56-bit encryption chips, integrated circuits,
toolkits and executable or linkable modules to be easily exported
except to subsidiaries of U.S. companies or otherwise relax export
controls on stronger mass market hardware. We are pleased that the
PROTECT Act remedies this problem and treats mass market hardware in
the same manner as mass market software.
The PROTECT Act eliminates reporting requirements for mass market
products
We are encouraged that the PROTECT Act recognizes the difficulties
in complying with reporting requirements for mass market encryption
products and eliminates such reporting requirements. It is virtually
impossible for mass-market exporters to report the name and address of
each end-user. Millions of these products are sold through multi-level
distribution channels (e.g, VAR's and chain stores). Moreover, as
registration of mass market products is customarily voluntary. This is
a vast improvement over the Administration's proposed regulations which
effectively require companies to develop a system to obtain the names
and addresses for each health and medical end-user of stronger
encryption products and all foreign online merchants.
The PROTECT Act's export relief for mass market products and for
products which face competition from comparable foreign
products is too complicated and creates an unwieldy bureaucracy
We are pleased that the PROTECT Act does recognize that mass market
and publicly available encryption products, and encryption products for
which comparable foreign products are available, should be treated
differently under the U.S. export regime. The bill acknowledges the
futility of trying to control a product that can be bought off of the
Internet or easily purchased from commercial vendors such as CompUSA or
from Circuit City by any individual in America regardless of
nationality, or a comparable product can be easily purchased from
similar stores in a foreign country. ``Bad guys'' certainly will have
no problems obtaining the encryption products, and no concerns about
``exporting'' the products via telephone lines or the Internet or
smuggled out on personally pressed CDs. The only impact of the export
controls will be to stop American companies from selling American
products to legitimate users.
Unfortunately, the PROTECT Act establishes a complicated private/
public board structure for deciding after-the-fact whether or not a
product is a mass market product or whether comparable foreign products
are available. The Secretary of Commerce has thirty days to approve or
disapprove the Board determination, subject to judicial review, and the
President may override any determination. There is no guarantee of any
consistency in the Board's decisions. Thus, while the Board procedure
is an improvement, and the opportunity for judicial review provides a
mechanism to ensure that exports are not denied in an arbitrary and
capricious manner, it is not a predictable, clear process giving
American companies certainty as to whether they can export their
products. Such predictability is necessary so that American companies
can have confidence designing and building security features into their
products.
The PROTECT Act should, but does not, afford complete and immediate
export relief for mass market encryption without any complicated
oversight. The Act also does not recognize that if a comparable foreign
product is available, any delay in exports provides a significant
advantage to the foreign product.
The PROTECT Act supports development of AES, but delays full export
control relief until 2002
The PROTECT Act also provides Congressional support for, and sets a
5-year limit on the selection of, the 128-bit Advanced Encryption
Standard which is being developed under the auspices of the National
Institute of Standards and Technology. The 2002 deadline will provide
impetus for NIST to finish developing the standard in a timely manner
while providing NIST with sufficient time to study the final standard's
security features. This is an important process that will result in a
new standard for government's sensitive, but unclassified, information
and most likely will serve as the new worldwide standard for strong
encryption similar to the Data Encryption Standard when it was
introduced in the 1970's. Once the algorithm is selected, the PROTECT
Act removes all export controls on encryption products using the 128-
bit standard or its equivalent strength.
Unfortunately, because the PROTECT Act limits easy exportability of
mass market products until the AES is adopted, general distribution of
these products will have to wait almost three years. Considering the
current speed of technological change, where Internet products are now
on three-month product cycle times, and the fact that 128-bit
comparable foreign encryption is currently available, this is an
eternity in Internet time. Law enforcement and national security
interests have known for a long time that ubiquitous use of strong
encryption by consumers worldwide is just around the corner. They
cannot hope to continue to delay the world from using strong encryption
according to their timeframe.
A new approach
The preceding has made the argument that:
Encryption is essential to conducting all business in an
Internet economy;
Encryption is vital to securing America's critical
infrastructures;
The availability of encryption cannot be reasonably
controlled;
Government promoted or required plaintext access will not
work; and
The government needs to find technological alternatives to
meet its requirements for access to information.
If accepted, these arguments force one to the conclusion that a new
approach to encryption policy is required.
endnotes
\1\ Wall Street Journal, Department of Commerce talks about
Inflation, 16 April 1998.
\2\ Forrester Research
\3\ Dataquest
\4\ Ibid., p. 8.
\5\ Marsh, R., Chairman, Critical Foundations: Protecting America's
Infrastructure, The President's Commission on Critical Infrastructure
Protection, October 1997.
\6\ See http://www.swisspost.ch/E/21.html
\7\ Schneier, B., Applied Cryptography, John Wiley & Sons, Inc.,
New York, NY, 1996.
\8\ Schneier, B., Private correspondence, June 1998.
\9\ Hayward, D., Europeans Break Encryption Barriers, TechWire, 17
June 1997.
\10\ Ministry of Research and Information Technology Denmark for
the European Commission Directorate-General XIII Telecommunications,
Information Market and Exploitation of Research, Report of Day 1 of the
European Expert Hearing on Digital Signatures and Encryption
(Copenhagen, April 23, 1998), Copenhagen, Denmark, 23-24 April 1998
\11\ Siemens Nixdorf, Press Release, http://www.trustedweb.com/
whats--new/pressrelease.html, Hanover, Germany.
\12\ Burnahm, B., The Electronic Commerce Report, Piper Jaffray
Research, p. 75, August 1997.
\13\ Crowell, W., Deputy Director National Security Agency,
Testimony before Senate Commerce Committee, 1997.
\14\ Neumann, P., et.al., The Risks of Key Recovery, Key Escrow,
and Trusted Third Party Encryption, Final Report of The Cryptographers'
Working Group, 27 May 1997.
\15\ Ibid.
\16\ Ibid.
\17\ Wayner, P., Administration Gets Sour Taste From Own Encryption
Medicine, New York Times, 1 July 1997.
\18\ Laurin, F., and Froste, C., Secret Swedish E-Mail Can Be Read
by the U.S.A., Svenska Dagbladet, 18 Nov 1997.
\19\ Computing, Banks Slam Snoops, 26 March 1998.
\20\ Nelson, J., FBI: Commercial Spying Rises, Los Angeles Times,
12 January 1998.
\21\ Ibid.
Senator Frist. Thank you very much.
Mr. Bidzos.
STATEMENT OF D. JAMES BIDZOS, VICE CHAIR, SECURITY DYNAMICS
TECHNOLOGIES, INC.
Mr. Bidzos. Thank you, Mr. Chairman. Let me also thank you
and the committee for the opportunity to be here and testify
this morning. At the outset, I want to say that the PROTECT Act
definitely moves us in the right direction and is a real
improvement over the current administration policy, but, as I
will explain in a few moments, the bill could be further
improved in several important respects.
I am pleased to be here this morning and testify on behalf
of Americans for Computer Privacy. ACP is a coalition of over
4,000 individuals, 40 trade associations, and over 100
companies representing financial services, manufacturing, high
tech, transportation industries, as well as law enforcement,
civil liberty, taxpayer, and privacy groups.
Currently I am vice chairman of Security Dynamics
Technologies, but during the last 13 years I served as
president and chief executive officer of RSA Data Security. RSA
Data Security is the leading American company producing
encryption products. It was founded in 1982 and our encryption
technology is embedded in virtually every mainstream product,
from things such as Microsoft Windows to Netscape's Navigator,
also Microsoft's browser Internet Explorer, Intuit's Quicken,
and Lotus Notes. It is very widespread. Most of it is 128 bits.
I am also the founder and chairman of a company called
Verisign, which is the leader in Internet authentication and
certification, and I am a director of several other security
companies, including two in Japan and two in Europe. I think
this has given me unique insight into the global encryption
issue.
I have been deeply involved in the debate over encryption
policy during this time and hope my experience can benefit the
committee. I testified for the first time about 10 years ago
before the House Committee on Science, Space, and Technology,
and made many of the arguments that we are hearing here today.
I used to joke that encryption, the type of encryption that
my company developed, was a solution in search of a problem. I
do not say that any more because the problem is obvious and we
have discovered it. Quite simply, it is e-commerce. E-commerce,
however, is not going to reach its full potential unless it
becomes secure. That would be a tremendous disappointment since
electronic commerce between businesses alone is expected to
reach over $300 billion per year by the year 2002. At least 60
percent of all Americans will be using the Internet and the
number of worldwide online users is expected to reach 250
million by the year 2002.
Without relaxation of export controls, U.S. manufacturers
remain at a competitive disadvantage and foreign consumers will
purchase encryption products from foreign suppliers. Just in
reaction to a comment made on the other panel, I would welcome
the opportunity after my statement to go into more detail, but
I think that the Administration underestimates the
determination and the capabilities of the companies that we
compete with overseas.
Foreign products are comparable in capabilities and
quality, and do not let anyone tell you otherwise. When a
foreign purchaser cannot obtain an American product, they
simply purchase it from a foreign supplier. The Siemens example
we heard about is a good one. There are numerous others.
Indeed, foreign companies are even testifying against
relaxation of U.S. export controls.
Unfortunately, not only are American companies losing the
sale of an encryption item, but they are also using a sale of
the program or hardware, such as an Internet server or an
application browser, that incorporates the encryption
capability. In fact, companies risk losing sales of entire
systems because of their inability to provide necessary
security features.
Over the last 13 years I have seen security move from
literally out of nowhere to being No. 1, No. 2, or No. 3 on
everybody's list of absolutely critical essential features in
products and systems that they intend to purchase. Companies
that cannot offer that essential feature are cut out of the
entire business opportunity.
Thus, the only impact of the Administration's export policy
is widespread deployment of foreign-designed and manufactured
software and hardware.
But I think it is also essential to understand that full
deployment of strong encryption is vital to America's national
interest. ACP and its members are responsible citizens. We have
no wish to facilitate the commission of crime or hurt national
security. It is precisely because we hold these views that we
believe it is in America's best interest to prevent crime and
promote national security through widespread reliance on strong
American encryption products both here and abroad.
We also believe that our law enforcement and intelligence
agencies must be given the additional resources and technical
help they need to meet the challenge of the next century. But
those challenges are far greater if these agencies are forced
to face a world in which the majority of information and
communications systems--communications pass over systems and
networks that are foreign-designed, foreign-built, foreign-
installed, and incorporate foreign encryption. That may well
apply to systems here in the United States as well, based on
the way things are going now.
The PROTECT Act is an improvement over current
administration policy. It affirms that Americans may use and
sell any type of encryption domestically and ensures that the
U.S. Government may not use its full powers and capabilities to
compel Americans to use or sell a certain type of encryption.
The PROTECT Act also provides a broader range of export relief
for American encryption products and it provides a certain
timeframe for export reviews. Also, the Act provides
congressional support for and sets a 5-year limit on the
selection of the 128-bit Advanced Encryption Standard.
But even a good thing can be made better. The PROTECT Act
should be further improved to reflect market and technological
realities. The PROTECT Act does not permit individual foreign
consumers to obtain strong non-recoverable encryption, making
it impossible for them to securely purchase products from
American companies.
Also, the Act does not provide immediate export relief for
encryption sales to small businesses, one of the fastest
growing worldwide business sectors. Unfortunately, the PROTECT
Act limits easy exportability of mass market products with
strong 128-bit encryption until NIST adopts the Advanced
Encryption Standard. Exportability in the mean time is
dependent on an unwieldy complex bureaucracy that will
determine whether American products are generally available or
compete with comparable foreign products. We believe the
evidence is already overwhelming regarding these facts.
I would be happy to answer any questions about the
significance of this 3-year delay in terms of how our
competitors will exploit it and how that translates into
Internet years and what it means for future opportunities.
In conclusion, Mr. Chairman, ACP strongly urges the
committee to move forward with the PROTECT Act and to adopt
amendments to permit the immediate exportability of strong
encryption to a broader range of businesses and individuals
abroad.
Thank you.
[The prepared statement of Mr. Bidzos follows:]
Prepared Statement of D. James Bidzos, Vice Chair, Security Dynamics
Technologies, Inc.
Congress must immediately relax export controls on software and
hardware with encryption capabilities. Widespread deployment of
American products with encryption capabilities will help to accelerate
dramatically the growth of electronic commerce by protecting consumers'
privacy and preventing electronic crime.
Without relaxation of export controls, U.S. manufacturers remain at
a competitive disadvantage, and foreign consumers will purchase
encryption products from foreign suppliers. Foreign products are
comparable in capabilities and quality. When a foreign purchaser cannot
obtain an American product they simply purchase it from a foreign
supplier. Unfortunately, not only are American companies losing a sale
of an encryption item, but they are also losing the sale of the program
or hardware such as an Internet server or an application browser that
uses the encryption capability. In fact, companies risk losing sales of
entire systems because of their inability to provide necessary security
features. The only impact of the Administration's export policy is
widespread deployment of foreign designed and manufactured software and
hardware.
The Administration took the first step towards developing a
sensible long-term encryption policy by permitting exports of select
products to select users, but they still have not gone far enough.
The PROTECT Act is an improvement over current Administration
policy. It affirms that Americans may use and sell any type of
encryption domestically, and ensures that the U.S. Government may not
use its full powers and capabilities to compel Americans to use or sell
a certain type of encryption. The PROTECT Act also provides a broader
range of export relief for American encryption products and provides a
certain timeframe for the export review process. Also, the Act provides
Congressional support for, and sets a 5-year limit on the selection of,
the 128-bit Advanced Encryption Standard.
The PROTECT Act should be further improved to reflect market and
technological realities. The PROTECT Act does not permit individual
foreign consumers to obtain strong, non-recoverable encryption, making
it impossible for them to securely purchase products from American
companies. Also, the Act does not provide immediate export relief for
encryption sales to small businesses--one of the fastest growing
worldwide business sectors.
Unfortunately, the PROTECT Act limits easy exportability of mass
market products with strong 128-bit encryption until NIST adopts the
Advanced Encryption Standard. This means individual consumers and small
businesses will have to wait three years to obtain strong American
encryption, and foreign companies will have had three more years to
market their products. Exportability in the meantime is dependent on an
unwieldy complex bureaucracy that will determine whether American
products are generally available or compete with comparable foreign
products. We believe the evidence already is overwhelming regarding
these facts.
INTRODUCTION
Good Morning. My name is Jim Bidzos, and I am Vice Chair of
Security Dynamics Technologies, Inc., a Massachusetts-based security
firm that is also the parent company of RSA Data Security, located in
San Mateo, California. For over 13 years, until earlier this year, I
was the President and CEO of RSA Data Security, the world's leading
encryption company.
RSA's technology is embedded in both Netscape and Microsoft
browsers, and in over 500 other products, all used by hundreds of
millions of people around the world to secure internet transactions and
digital data of many types. Over many years, I have personally
negotiated hundreds of licenses to RSA encryption technology, including
licenses with companies such as IBM, Microsoft, ATT, Netscape, Oracle,
and Motorola. These negotiations almost always involve discussions
about encryption needs, end-user requirements, and export policy. I
have thus gained unique insights into the needs and concerns of both
industry and users with respect to encryption.
I am also founder and chairman of Verisign, Inc., the leader in
Internet authentication. Verisign is the world's largest Internet
security products and services company as measured by both customers
and market capitalization.
I am a member of the board of directors of several other security
companies. One specializes in virtual private networks. Another is a
manufacturer of security tokens. Another offers cryptographically
secure digital time stamping services. I am also a director of a UK-
based encryption hardware company, a Dublin-based secure electronic
payments company, and two Japanese security companies.
I have been deeply involved in the debate over encryption, from
many aspects, including US policy on the export of this technology.
Over the last 13 years, I have testified many times before both the
House and Senate on encryption policy, and I have participated in
numerous US and international standards activities.
I believe that my long and unique history in the encryption area
allows me to offer testimony today that may help the committee better
understand industry's concerns over US encryption policy.
On behalf of Americans for Computer Privacy (``ACP''), thank you
for the opportunity to testify on S.798, the PROTECT Act, sponsored by
Chairman McCain and cosponsored by four other committee members
Senators Bums, Wyden, Abraham, and Kerry.
ACP is a coalition of over 3,500 individuals, 40 trade associations
and over 100 companies representing financial services, manufacturing,
high-tech, and transportation industries as well as law enforcement,
civil-liberty, taxpayer and privacy groups. ACP supports policies that
allow American citizens to continue using strong encryption without
government intrusion, and advocates the lifting of export restrictions
of U.S. made encryption products.
But we really are here today to speak on behalf of the tens of
millions of users of American software and hardware products. The
American software and hardware industries have succeeded because we
have listened and responded to the needs of computer users worldwide.
We develop and sell products that users want and for which they are
willing to pay.
One of the most important features computer users are demanding is
the ability to protect their electronic information and to interact
securely worldwide. American companies have innovative products which
can meet this demand and compete internationally. But there is one
thing in our way--the continued application of overbroad, unilateral,
export controls by the U.S. Government.
At the outset, I want to say that the PROTECT Act definitely moves
us in the right direction and is a significant improvement over the
Administration's current policy--but it could be further improved in
several important respects (along the lines of the SAFE Act).
ACP recognizes a legitimate governmental need to obtain access to
information and communications when authorized by proper legal
authority. ACP and its members are responsible citizens. We have no
wish to facilitate the commission of crime or the spread of terrorism.
Similarly, we are committed to strengthening the nation's
infrastructure and promoting national security, enhancing the privacy
of American citizens and ensuring the security of electronic commerce.
But we believe that the best way of meeting all these objectives is
promote the widespread use of encryption!
Ultimately, any truly successful, sensible encryption policy that
has America's best interests at heart must be based on technological
and market realities, and should not create winners and losers in the
encryption marketplace on a sector-by-sector basis. It would recognize
that:
The worldwide encryption standard is 128-bit encryption;
Mass market software and hardware is inherently
uncontrollable; and
It is in America's national and economic security
interests to have American designed and manufactured encryption
products deployed worldwide.
We believe it is preferable for Congress to put encryption policy
on a statutory basis rather than continuing to leave it up to
inconsistent Administration regulations--sending a strong message
around the world that encryption is important for protecting the
privacy of citizens, for promoting e-commerce, preventing crime and
protecting our critical infrastructures and national defense.
THE AMERICAN COMPUTER SOFTWARE AND HARDWARE INDUSTRIES--AN AMERICAN
SUCCESS STORY
The computer software and hardware industries are American success
stories, but they are being threatened. America's software and hardware
industries are important contributors to U.S. economic security.
Information technology industries now are directly responsible for over
one-third of real growth of the U.S. economy, and both the computer and
software industries are continuing to grow. From 1990 through 1996, the
software industry grew at a rate of 12.5%, nearly 2.5 times faster than
the overall U.S. economy.
More than 7 million people work in IT industries. In 1996, the
software industry provided a total of over 619,000 direct jobs and $7.2
billion in tax revenues for the U.S. economy. The software industry is
expected to create an average of 45,700 new jobs each year through
2005. If piracy were to be eliminated in the United States, the number
of new software jobs created would double to an average of 93,000 a
year.
Moreover, the computer software industry has achieved tremendous
success in the international marketplace with global sales of packaged
(i.e., non-custom) software reaching over $118.4 billion in 1996, and
rising to $135.4 billion in 1997. American produced software accounts
for 70% of the world market, with exports of U.S. programs constituting
half of the industry's output.
The incredible growth of the industry and its exporting success
benefits America through the creation of jobs here in the United
States. Many of these jobs are in highly skilled and highly paid areas
such as research and development, manufacturing and production, sales,
marketing, professional services, custom programming, technical support
and administrative functions. In the U.S. software industry, workers
enjoy more than twice the average level of wages across the entire
economy--$57,319 versus $27,845 per person.
All of these revenues and jobs are dependent upon American software
and hardware producers remaining the market leaders around the world,
especially as the major growth markets continue to be outside the
United States. Strong export controls on products with encryption
capabilities are crippling the ability of these companies to compete
with foreign providers and are only ensuring that foreign products are
securing worldwide critical infrastructures, not American products.
SECURE NETWORKS AND CONFIDENTIAL INFORMATION IN THE INTERNET AGE ARE
THE KEY TO PRIVACY AND COMMERCE
American individuals and companies are rapidly becoming networked
together through private local area networks (LANs), wide area networks
(WANs) and public networks such as the Internet. Combined, these
private and public networks are the economic engine driving electronic
commerce, transactions and communications. This engine is sputtering
and threatens to stall.
Traffic on the Internet doubles every 100 days. Predictions of
business-to-business Internet commerce for the year 2000 range from $66
billion to $171 billion, and by 2002, electronic commerce between
businesses is expected to reach $300 billion. During 1997, one leading
manufacturer of computer software and hardware sold $3 million per day
online for a total of $ 1.1 billion for the year.
More and more individual consumers also are going on line arid
spending. Five years from today, we anticipate nearly 60 percent of all
Americans to be using the Internet. More than 10 million people in
North America alone have already purchased something over the Internet,
and at least 40 million have obtained product and price information on
the Internet only to make the final purchase off-line. Altogether last
year, consumers spent nearly $8 billion online. Nearly 1.5 million
Americans join the online population every month, and the number of
worldwide online users is expected to reach 248 million by 2002.
The incredible participation by American consumers in the Internet
phenomenon clearly demonstrates that the need for strong encryption is
no longer merely the purview of our national security agencies
concerned about securing data and communications from interception by
foreign governments. Today, every American even merely dabbling on the
Internet requires access to strong encryption. Imagine the boost in
volume of e-commerce if all of these consumers had enough confidence in
the security of the Internet to purchase on-line. Yet in 1996 the
Computer Security Institute/FBI Computer Crime Survey indicated that
our worldwide corporations will be increasingly under siege: over half
from within the corporation, and nearly half from outside of their
internal networks.
Network users must have confidence that their communications and
data--whether personal letters, financial transactions or sensitive
business information--are secure and private. Electronic commerce is
transforming the marketplace--eliminating geographic boundaries and
opening the world to buyers and sellers. Companies, governments and
individuals now realize that they can no longer protect data and
communications from others by relying on limiting physical access to
computers and maintaining stand-alone centralized mainframes. Instead,
users expect to be able to pick up their e-mail or modify a document
from any computer anywhere in the world simply by using their Internet
browsers. Thus, consumers worldwide are demanding to be able to protect
their electronic information and interact securely worldwide, and
access to products with strong encryption capabilities has become
critical to providing them with confidence that they will have this
ability.
UNILATERAL U.S. EXPORT CONTROLS HARM AMERICAN INTERESTS
Currently, there are no restrictions on the use of cryptography
within the United States. However, the U.S. Government maintains strict
unilateral export controls on computer products that offer strong
encryption capabilities.
American companies are forced to limit the strength of their
encryption to the 56-bit key length level set late in 1998. The
recently announced regulations will also permit companies to export
stronger encryption on a sector-by-sector, user-by-user basis. However,
this policy ignores the fact that:
The minimum strength now required by new Internet
applications is 128-bit encryption;
American companies cannot export encryption products to a
vast majority of non-U.S. commercial entities. Foreign manufacturers
provide 128-bit encryption alternatives and add-ons--filling the market
void created by U.S. export controls;
Providing sector-by-sector relief is unworkable for mass
market products and does not reflect commercial realities for sales of
custom products;
56-bit encryption has been demonstrated to be vulnerable
to commercial let alone governmental attack. (In the beginning of this
year at the RSA Encryption Conference, a 56-bit DES encoded message was
broken by private companies and individuals working together in 22
hours and 15 minutes--imagine what a hostile government with serious
resources could do); and
New developments in technology are introduced everyday
that speed up decryption time. Adi Shamir, the Israeli computer
scientist who is the ``S'' in RSA, recently announced ``Twinkle'',
which is a proposed method for quickly unscrambling computer-generated
codes that have until now been considered secure, at the International
Association for Cryptographic Research's latest meeting in Prague.
THE WASSENAAR ARRANGEMENT IS NOT A MULTILATERAL AGREEMENT TO
CONTROL ENCRYPTION
I want to take one minute to discuss the Wassenaar Arrangement at
this point. Please do not be fooled by any claims from the
Administration that the Wassenaar Arrangement is the multilateral
agreement on encryption that they have been touting was just around the
corner for the past several years.
The Wassenaar Arrangement replaced the old COCOM regime with a non-
binding agreement among 30 countries to report on their sensitive
exports. The December 1998 Wassenaar Arrangement agreement actually
decontrolled encryption products. Many countries, such as Israel and
South Africa, who export strong encryption are not signatories to the
Arrangement. The Wassenaar Arrangement eliminates controls of any sort
on 56-bit encryption and permits exports of up to 64-bit encryption in
mass-market software and hardware. It also removed any reporting
requirements--the sole official means for actually monitoring what
countries are doing. Although the Arrangement left open the possibility
that countries might individually control 128-bit encryption, we are
skeptical that they will do so. There is no penalty for failing to
control 128-bit encryption, and most countries are actually moving
towards encouraging the use of stronger encryption. Finally, a country
could technically comply with the Arrangement, while still permitting
easy exports of strong encryption.
Ironically, the U.S. government is a good example of the lack of
effect of the Wassenaar Arrangement. In its new encryption regulations,
the Administration is still controlling encryption products with
greater than 56, not 64, bit keys, and they have imposed reporting
requirements on mass market products even if they are using 64-bit
encryption.
Recently, on June 2, 1999, the German government established a new
encryption policy seeking to improve protection of German users of
global information networks and clarifying that any encryption product
may be developed, produced marketed and used without restrictions in
Germany. The German government declared its intention to simplify their
export review process and to strengthen the performance and ability of
German manufacturers to compete internationally. The German government
will monitor abuses of encryption for illegal purposes and attempt to
further improve the technical capabilities of German law enforcement
and security agencies to handle advances in encryption technology.
Even France, traditionally the country which placed the greatest
restrictions on its own citizens by limiting them to the easily broken
40-bit level of encryption, has recognized that technology has
progressed. Near the end of 1998, France relaxed controls on the
domestic use of encryption and is now permitting, and in fact
encouraging, the use of 128-bit encryption by its citizens.
WITHOUT EXPORT RELIEF, FOREIGN CONSUMERS WILL PURCHASE THEIR PRODUCTS
FROM FOREIGN SUPPLIERS, KEEPING U.S. MANUFACTURERS AT A COMPETITIVE
DISADVANTAGE
Export controls also have made American companies less competitive
and opened the door for foreign software and hardware developers to
gain significant market share--decreasing our national and economic
security.
As a result of U.S. unilateral export controls, encryption
expertise is being developed off-shore by foreign manufacturers who now
provide hundreds of encryption alternatives and add-ons. The
Administration's export controls are in no way preventing foreigners,
let alone those with criminal intent, from obtaining access to
encryption products. In fact, foreign software and hardware
manufacturers have seized the opportunity to create sophisticated
encryption products and to capture sales.
As long ago as 1995, the General Accounting Office confirmed that
sophisticated a encryption software is widely available to foreign
users on foreign Internet sites. In 1996, a Department of Commerce
study again confirmed the widespread availability of foreign
manufactured encryption programs and products. Professor Hoffman today
releases the results of his latest survey which shows the continuing
growth in foreign encryption products in the face of U.S. export
controls.
If an encryption product is combined with other applications such
as Internet browsers and application servers, U.S. companies generally
will lose both sales. In fact, companies risk losing sales of entire
systems because of inability to provide necessary security features.
This permits foreign manufacturers to gain entry into companies as well
as gain credibility--providing the foreign manufacturers with further
opportunity to take away future sales in the same and other product
lines.
U.S. ENCRYPTION EXPORT CONTROLS HURT AMERICAN COMPANIES WITHOUT HELPING
LAW ENFORCEMENT OR NATIONAL SECURITY
U.S. export controls have had the effect of creating an encryption
expertise outside the United States that is gathering momentum.
Unfortunately, every time research and development of an encryption
technique or product moves off-shore, U.S. law enforcement and national
security agencies lose. We believe that continuing down this path will
be ultimately more harmful to our national security and law enforcement
efforts as American companies will no longer be the world leaders in
creating and developing encryption products.
In fact, as long ago as 1996, the NRC Committee concluded that as
demand for products with encryption capabilities grows worldwide,
foreign competition could emerge at levels significant enough to damage
the present U.S. world leadership in information technology products.
The Committee felt it was important to ensure the continued economic
growth and leadership of key U.S. industries and businesses in an
increasingly global economy, including American computer, software and
communications companies. Correspondingly, the Committee called for an
immediate and easy exportability of products meeting general commercial
requirements--which is currently 128-bit level encryption!
To summarize:
Foreign competitors not subject to outdated U.S. export
controls are ready to take sales and customers from U.S. companies
today.
Complex and cumbersome U.S. export controls make American
companies less competitive. They significantly increase the costs of
developing, marketing and selling products with encryption
capabilities, delay the introduction of new products or features, and
encourage foreign customers to purchase from foreign suppliers due to
the uncertainty and delay in obtaining a comparable American product.
Current export controls do not keep strong encryption out
of the hands of foreign customers; they just keep U.S. products out of
their hands.
In the future, if export controls on encryption are not
relaxed, both American and foreign infrastructures will be secured by
foreign encryption products, creating a significant problem for
American law enforcement and national security agencies.
American companies do have exciting and innovative products that
can meet the demand for 128-bit encryption and compete internationally.
But unless the current unilateral U.S; export restrictions are changed
to allow the use of strong encryption, American individuals and
businesses will not be active participants in this new networked world
of commerce--let alone continue to be the leaders in its development.
Furthermore, American companies will no longer be providing the world,
and its critical infrastructures, with the answers to their security
problems. Instead foreign companies will. It is unclear how U.S.
national security or law enforcement will be aided or how our critical
infrastructures will be secure when foreign encryption products
dominate the world market.
THE BERNSTEIN CASE
The absurdity of the existing export control regime is further
highlighted by the recent decision of the 9th Circuit Court of Appeals
in Bernstein v. DOJ. In that case, the court held that the existing
restrictions on the export of source code, the language in which
programmers communicate their ideas to one another, are an
unconstitutional prior restraint on first amendment rights of free
speech. So now we have a situation where it is permissible to export
jobs (because one can export source code to teach foreign programmers),
but not American products (because one cannot embody that source code
in a product)!
More generally, Judge Fletcher's opinion raises some very valid,
more general questions and points out how important encryption is to
the mainstream life of Americans rather than merely to obscure
technologists. Judge Fletcher states:
In this increasingly electronic age, we are all required in
our everyday lives to rely on modern technology to communicate
with one another. This reliance on electronic communication,
however, has brought with it a dramatic diminution in our
ability to communicate privately. Cellular phones are subject
to monitoring, email is easily intercepted, and transactions
over the internet are often less than secure. Something as
commonplace as furnishing our credit card number, social
security number, or bank account number puts each of us at
risk. Moreover, when we employ electronic methods of
communication, we often leave electronic ``fingerprints''
behind, fingerprints that can be traced back to us. Whether we
are surveilled by our government, by criminals, or by our
neighbors, it is fair to say that never has our ability to
shield our affairs from prying eyes been at such a low ebb. The
availability and use of secure encryption may offer an
opportunity to reclaim some portion of the privacy we have
lost. Government efforts to control encryption thus may well
implicate not only the First Amendment rights of cryptographers
intent on pushing the boundaries of their science, but also the
constitutional rights of each of us as potential recipients of
encryption's bounty. Viewed from this perspective, the
government's efforts to retard progress in cryptography may
implicate the Fourth Amendment, as well as the right to speak
anonymously, . . ., the right against compelled speech, . . .,
and the right to informational privacy. While we leave for
another day the resolution of these difficult issues, it is
important to point out that Bernstein's is a suit not merely
concerning a small group of scientists laboring in an esoteric
field, but also touches on the public interest broadly defined.
THE ADMINISTRATION TOOK A SMALL FIRST STEP TOWARDS DEVELOPING A
SENSIBLE LONG-TERM ENCRYPTION POLICY, BUT THEY STILL HAVE NOT GONE FAR
ENOUGH
Progress was made last year in the new Administration policy
announced by the Vice President in September and contained in the
interim final regulations of December 31, 1998.
ACP welcomed the Administration's efforts to relax export controls
on select products used by select users. We especially appreciated the
Administration's apparent abandonment of its key escrow policy that
would have required all encryption exports (except for 40-bit and less
encryption) to be capable of providing third parties with immediate
access to the plaintext of stored data or communications without the
knowledge of the user. Foreign companies and consumers simply would not
purchase such products as a multitude of foreign products without key
escrow are readily available.
However, the Administration's actions are merely a first step. U.S.
export controls still ignore the realities of mass-market software and
hardware distribution. Mass-market software publishers and hardware
manufacturers sell products through multiple distribution channels such
as OEMs (ie., hardware manufacturers that pre-load software onto
computers), value-added resellers, retail stores and the emerging
channel of on-line distribution. Thus, mass market products are
available to the general public from a variety of sources. (It also is
why continued reporting requirements about end-uses and end-users make
no sense.)
The mass-market distribution model presupposes that software
publishers and hardware manufacturers will take full advantage of these
multiple channels to ship identical or substantially similar products
worldwide (allowing only for differences resulting from localization)
irrespective of specific customer location or characteristics. As mass
market products are uncontrollable, ACP believes U.S. companies should
be able to export the current market standard of 128-bit encryption.
Unfortunately, the Administration has only proposed permitting easy
exports of 56-bit encryption even if foreign products exist in the
marketplace.
ACP also believes that encryption hardware and software should be
treated identically. However, contrary to the Administration's original
announcement regarding export relief which included export relief for
hardware, the new regulations still do not permit 56-bit encryption
chips, integrated circuits, toolkits and executable or linkable modules
to be easily exported except to subsidiaries of U.S. companies or
otherwise relax export controls on stronger mass market hardware.
In addition, ACP believes that the new regulations are so complex
and contain unrealistic requirements that they undermine many of the
benefits of the Administration's export relief for stronger encryption,
especially for mass market hardware and software. U.S. companies are
now required to meet a number of new, unilateral reporting
requirements. For example, exporters now are required to report the
name and address of end-users, a virtual impossibility for mass-market
exporters because registration of end-users is customarily voluntary. A
system to obtain the names and addresses of each of the millions of
potential health care end-users, for example, would cost more than the
profits yielded from many products.
ACP also is disappointed that the Administration's regulations do
not clearly provide online merchants with the level of export control
relief originally envisioned as they do not permit ISPs to provide
``services'' as a permissible end-use. This could chill the use by ISPs
located abroad of U.S.-origin encryption products for billing, payment,
and delivery purposes, despite the widespread foreign availability of
such products.
THE PROTECT ACT IS AN IMPROVEMENT OVER CURRENT ADMINISTRATION POLICY
The PROTECT Act Establishes The Correct Domestic Encryption Policy
The PROTECT Act affirms that Americans may use and sell any type of
encryption domestically. Even more importantly, the PROTECT Act ensures
that the U.S. Government may not use its full powers and capabilities
to compel, directly or indirectly, Americans to use or sell a certain
type of encryption. This will prevent the U.S. Government from
attempting to achieve domestic controls on encryption through
regulations or ``incentives''.
For example, the Act prohibits the U.S. Government from linking the
ability to electronically sign a document to a requirement that the
consumer use a particular encryption methodology for ensuring
confidentiality. Thus, the U.S. Government cannot require Americans to
use a certain type of encryption (such as key escrow) to engage in
electronic commerce.
Also, the PROTECT Act specifically restricts the government from
requiring any American to use a particular encryption product or
methodology to communicate with or transact business with the
government. The U.S. Government may only specify technologies for its
own internal uses.
The PROTECT Act Provides Additional Export Relief For Encryption
Products
The PROTECT Act provides a broader range of export relief for
American encryption products than the Administration. We are pleased
that the PROTECT Act provides immediate export relief after a one-time
review by the government for:
All encryption products using key lengths of 64-bits or
less rather than the less secure 56-bit key lengths proposed by the
Administration;
All recoverable encryption products regardless of key
length, including telecommunications related products; and
All encryption products using key lengths greater than 64-
bits to certain legitimate and responsible commercial users, including
publicly traded firms, firms subject to government regulation, U.S.
companies' foreign subsidiaries, affiliates and strategic partners, on-
line merchants who use encryption products to support electronic
commerce, and foreign governments who are members of NATO, OECD and
ASEAN.
We are also pleased that the PROTECT Act recognizes the need for a
quicker and more certain timeframe for the export review process.
Businesses simply cannot live with the U.S. Government taking between 3
to 6 months to determine whether a product is exportable when many
Internet products have 90 day product cycles and most businesses do not
want to wait through one or two business quarters to update their
computer systems.
The PROTECT Act Begins To Recognize Mass Market Product Realities
We also are encouraged that the PROTECT Act recognizes the
difficulties in complying with reporting requirements for mass market
encryption products and eliminates such reporting requirements. It is
virtually impossible for mass-market exporters to report the name and
address of each end-user. Millions of these products are sold through
multi-level distribution channels (e.g., VAR's and chain stores).
Moreover, as registration of mass market products is customarily
voluntary. This is a vast improvement over the Administration's
proposed regulations which effectively require companies to develop a
system to obtain the names and addresses for each health and medical
end-user of stronger encryption products and all foreign online
merchants.
The PROTECT Act also provides Congressional support for, and sets a
5-year limit on the selection of, the 128-bit Advanced Encryption
Standard which is being developed under the auspices of the National
Institute of Standards and Technology. The 2002 deadline will provide
impetus for NIST to finish developing the standard in a timely manner
while providing NIST with sufficient time to study the final standard's
security features. This is an important process that will result in a
new standard for government's sensitive, but unclassified, information
and most likely will serve as the new worldwide standard for strong
encryption simiiar to the Data Encryption Standard when it was
introduced in the 1970's. Once the algorithm is selected, the PROTECT
Act removes all export controls on encryption products using the 128-
bit standard or its equivalent strength.
THE PROTECT ACT SHOULD BE FURTHER IMPROVED TO REFLECT MARKET AND
TECHNOLOGICAL REALITIES
The PROTECT Act Does Not Provide Immediate Export Relief For Indi-
vidual Consumers
The PROTECT Act does not go far enough to protect the millions and
millions of consumers that are now engaging in electronic commerce.
Foreign consumers still will not be able to obtain an American Internet
browser with strong, non-recoverable encryption, making it impossible
for them to securely purchase products from American companies. Also,
an everyday foreign consumer who wants to protect an on-line diary,
copies of health care records or a business proposal, may not easily
obtain strong encryption to do so from American sources if any portion
of the encryption used by the product is non-recoverable. Under the
bill, all these individuals must wait until 2002.
The PROTECT Act Does Not Provide Immediate Export Relief For Small
Businesses
We believe the PROTECT Act provides greater export relief for
larger corporate customers. However, until 2002, small and privately-
owned businesses face significant difficulty in easily obtaining U.S.
encryption under any of the License Exceptions established by the
PROTECT Act. So, for example, if two doctors in private practice
together in Brazil or a restaurant owner in France or a small shopping
market in Germany wants to purchase non-recoverable encryption, these
small businesses probably would purchase a comparable foreign product
as an American company could not easily export it to them.
Unfortunately, as companies install the security ``plumbing'' into
their individual computers and company networks, it becomes
increasingly difficult for American companies to replace the foreign
software and hardware that already has been installed. Because the
small business sector is, and most likely will continue to be, the
fastest growing business sector, this puts American companies at a
distinct disadvantage in selling encryption products at a later date.
The PROTECT Act's Export Relief For Mass Market Products And For
Products Which Face Competition From Comparable Foreign
Products Is Too Complicated And Creates An Unwieldy Bureaucracy
The PROTECT Act does recognize that mass market and publicly
available encryption products, and encryption products for which
comparable foreign products are available, should be treated
differently under the U.S. export regime. The bill acknowledges the
futility of trying to control a product that can be bought off of the
Internet or easily purchased from commercial vendors such as CompUSA or
from Circuit City by any individual in America regardless of
nationality, or a comparable product can be easily purchased from
similar stores in a foreign country. ``Bad guys'' certainly will have
no problems obtaining the encryption products, and no concerns about
``exporting'' the products via telephone lines or the Internet or
smuggled out on personally pressed CDs. The only impact of the export
controls will be to stop American companies from selling American
products to legitimate users.
Unfortunately, the PROTECT Act establishes a complicated private/
public board structure for deciding after-the-fact whether or not a
product is a mass market product or whether comparable foreign products
are available. The Secretary of Commerce has thirty days to approve or
disapprove the Board determination, subject to judicial review, and the
President may override any determination. Unfortunately, there is no
guarantee of any consistency in the Board's decisions. Thus, while the
Board procedure is an improvement, and the opportunity for judicial
review provides a mechanism to ensure that exports are not denied in an
arbitrary and capricious manner, it is not a predictable, clear process
giving American companies certainty as to whether they can export their
products. Such predictability is necessary so that American companies
can have confidence designing and building security features into their
products.
The PROTECT Act should, but does not, afford complete and immediate
export relief for mass market encryption without any complicated
oversight. The Act also does not recognize that if a comparable foreign
product is available, any delay in exports provides a significant
advantage to the foreign product.
The PROTECT Act's Relief For 128-Bit AES Products Is Too Little, Too
Late
I want to make one final comment regarding the general
exportability of mass market products. We support NIST's efforts to
establish a new 128-bit Advanced Encryption Standard; however, under
the bill, it will not be finalized until 2002. Because the PROTECT Act
limits easy exportability of mass market products until the AES is
adopted, general distribution of these products will have to wait
almost three years. Considering the current speed of technological
change, where Internet products are now on three-month product cycle
times, and the fact that 128-bit comparable foreign encryption is
currently available, this is an eternity in Internet time. Law
enforcement and national security interests have known for a long time
that ubiquitous use of strong encryption by consumers worldwide is just
around the corner. They cannot hope to continue to delay the world from
using strong encryption according to their timeframe.
THE TIME FOR ACTION IS NOW
To keep American vendors on a level international playing field and
American computer users adequately protected, U.S. export controls must
be immediately updated to reflect technological and international
market realities.
Thank you.
Senator Frist. Thank you, Mr. Bidzos.
Dr. Hoffman.
STATEMENT OF LANCE J. HOFFMAN, PH.D., PROFESSOR, DEPARTMENT OF
ELECTRICAL ENGINEERING AND COMPUTER SCIENCE, AND DIRECTOR OF
THE SCHOOL OF ENGINEERING AND APPLIED SCIENCE, CYBERSPACE
POLICY INSTITUTE, THE GEORGE WASHINGTON UNIVERSITY
Dr. Hoffman. Thank you, Mr. Chairman. I appreciate the
opportunity to be here this morning. I will give an abridgment
of my written statement which has been previously furnished to
this committee.
My name is Lance Hoffman. I am a professor in the
Department of Electrical Engineering and Computer Science at
The George Washington University here in Washington, DC. I am
also director of the School of Engineering's Cyberspace Policy
Institute and the author or editor of five books and numerous
articles on computer security and privacy. My most recent book
is a compendium of papers on the encryption policy problem
entitled ``Building in Big Brother.''
Our Institute recently produced a report which we are
releasing today, which I think you have been furnished,
entitled ``Growing Development of Foreign Encryption Products
in the Face of U.S. Export Regulations.'' This report is also
available from the Institute and will be available later on
this afternoon on our web site, where detailed tables and
charts supporting the testimony I am giving are available.
We did this work in cooperation with NAI Labs, the Security
Research Division of Network Associates in Glenwood, MD. The
project manager for NAI Labs, Dave Balenson, is with me today.
We were assisted in this project by three students.
In our work, we found that the development of cryptographic
products outside the United States is not only continuing, but
is expanding to additional countries. With the rapid growth of
the Internet, communications-related cryptography especially
has been experiencing high growth.
We identified 805 hardware and/or software products which
incorporate cryptography. These were manufactured in 35
countries outside the United States. Attachment 1 to the
written testimony provides the details on the countries and
products.
These 805 foreign cryptographic products represent a 149-
product increase, or 22 percent, over the most recent previous
survey in December 1997. At least 167 of these use strong
encryption, the kind that one cannot export from the United
States without applying for and receiving export license
approval.
Cryptography product manufacturers have appeared in six new
countries since December 1997: Estonia, Iceland, Isle of Man,
Romania, South Korea, and Turkey. In established markets, there
have been some large increases in the number of products
offered. For example, the United Kingdom jumped by 20 products
and Germany jumped by 28 products, going from 76 to 104.
Mr. Chairman, in 70 countries outside the United States,
foreign companies are manufacturing or distributing
cryptographic products. We found 512 of these companies. On
average, the quality of foreign and U.S. products is comparable
and there are a number of very good foreign encryption products
that are quite competitive in strength, standards compliance,
and functionality.
A significant number of foreign competitors to U.S.
manufacturers are developing products with strong encryption
and have as customers a number of large foreign or
multinational corporations. Our report gives more detail on
some of these companies and their offerings.
We also found some examples of advertising used by non-U.S.
companies that generally attempted to create the perception
that purchasing American products may involve significant red
tape and the encryption may not be strong due to export
controls. Cited earlier this morning was material from
Cybernetica's web site in Estonia, and that is also in the
written testimony.
Mr. Chairman, companies want to sell encryption products
that meet certain accepted worldwide standards. To give you
just two examples, in the case of IPsec, the Internet Protocol
Security Standard, there are implementations from at least nine
companies in five foreign countries. One of these is a joint
effort of several Japanese companies, including Fujitsu,
Hitachi, Toshiba, and NEC.
Two years ago NIST solicited algorithms for the Advanced
Encryption Standard to replace the Data Encryption Standard,
DES, as the U.S. Government standard. The majority of the 15
candidate algorithms submitted came from foreign countries. So
it is very possible that the next U.S. Government encryption
standard will have been designed outside the United States.
Finally, Mr. Chairman, our empirical product data could be
combined with economic measures and economic theories to better
explain why we are seeing this observed growth in the
cryptography marketplace and to examine the effects of Internet
growth, electronic commerce development, and regulatory actions
on the market over time. With this knowledge, we would be able
to more easily adjust our national laws for a global economy.
Thank you.
[The prepared statement of Dr. Hoffman follows:]
Prepared Statement of Lance J. Hoffman, Ph.D. Professor, Department of
Electrical Engineering and Computer Science, and Director of the School
of Engineering and Applied Science, Cyberspace Policy Institute, The
George Washington University
My name is Lance J. Hoffman. I am a professor in the Department of
Electrical Engineering and Computer Science at The George Washington
University in Washington, D.C. I also am Director of the School of
Engineering's Cyberspace Policy Institute and the author or editor of
five books and numerous articles on computer security and privacy. My
most recent book is a compendium of papers on the encryption policy
problem entitled Building in Big Brother (Springer-Verlag, New York,
1995).
Currently, I am the principal investigator for a project entitled
``Cryptography Products and Market Survey''. As part of that project,
we have recently produced a report entitled ``Growing Development of
Foreign Encryption Products in the Face of U.S. Export Regulations''. I
am leaving you copies of that report, which is also available from the
Institute or on our Web site at http://www.seas.gwu.edu/seas/
institutes/cpi/library/papers.html, where detailed tables and charts
supporting this testimony are also available. We did this work in
cooperation with NAI Labs, the Security Research Division of Network
Associates, Inc., Glenwood, Md. The project manager for NAI Labs, Mr.
David Balenson, is with me today. We were assisted in this project by
three students.
In the project, we surveyed encryption products developed outside
the United States and found that the development of cryptographic
products outside the United States is not only continuing but is
expanding to additional countries; with rapid growth of the Internet,
communications-related cryptography especially is experiencing high
growth.
As of June 8, 1999, we identified 805 hardware and/or software
products incorporating cryptography manufactured in 35 countries
outside the United States. As shown in Attachment 1, the greatest
number of foreign cryptographic products are manufactured in the United
Kingdom, followed by Germany, Canada, Australia, Switzerland, Sweden,
the Netherlands, and Israel in that order. Other countries accounted
for slightly more than a quarter of the world's total of encryption
products.
These 805 foreign cryptographic products represent a 149-product
increase (22%) over the most recent previous survey in December 1997.
At least 167 of them use strong encryption, the kind that one cannot
export from the United States without applying for and receiving export
license approval. The algorithms used in these are Triple DES, IDEA,
BLOWFISH, CAST-128, or RC5.
Cryptography product manufacturers have appeared in six new
countries since December 1997: Estonia, Iceland, Isle of Man, Romania,
South Korea, and Turkey. There has also been a large increase in the
number of products produced by certain countries. The United Kingdom
jumped by 20 products from 119 to 139, and Germany jumped from 76
products to 104. Also notable was Japan's increase, from 6 products to
18, and Mexico's, from a single product to six.
There are now 512 foreign companies that either manufacture or
distribute foreign cryptographic products in 70 countries outside the
United States. Attachment 2 lists these countries.
On average, the quality of foreign and U.S. products is comparable.
We have encountered poor products both within and outside the U.S., and
we have encountered good products both within and outside the U.S.
There are a number of very good foreign encryption products that are
quite competitive in strength, standards compliance, and functionality.
A significant number of foreign competitors to U.S. manufacturers
of software and hardware with encryption capabilities are developing
products with strong encryption, and have as customers a number of
large foreign or multinational corporations. The report gives thumbnail
sketches of some of these companies and their offerings.
We found some example of advertising used by non-U.S. companies
that generally attempted to create the perception that purchasing
American products may involve significant red tape and the encryption
may not be strong due to export controls. As an example, we show in
Attachment 3 material from Cybernetica's Web site in Estonia. We give
several other examples of similar advertising in the report.
Companies want to sell encryption products that meet certain
accepted worldwide standards. Encryption experts from all over the
world have contributed to two important international standards
efforts, IPsec and the Advanced Encryption Standard. In the case of
IPsec, there are currently implementations (complete or in the works)
from at least nine companies in five foreign countries. One effort, the
KAME Project, is a joint effort of several Japanese companies (Fujitsu,
Hitachi, IIJ Research Laboratory, NEC, Toshiba, and Yokogawa).
In 1997, the National Institute of Standards and Technology (NIST)
solicited algorithms for the Advanced Encryption Standard (AES) to
replace the Data Encryption Standard (DES) as a U.S. government
encryption standard. Individuals and companies from eleven different
foreign countries proposed 10 out of the 15 candidate algorithms
submitted to NIST. So it is very possible that the next U.S. government
encryption standard will have been designed outside the United States.
Details on who submitted what algorithm are given in Attachment 4.
Finally, our empirical product data could be combined with economic
measures and economic theories to better explain why we are seeing the
observed growth in the cryptography marketplace, and to examine the
effects of Internet growth, e-commerce development, and regulatory
actions on the international cryptographic market over time, thus
getting better insights into the implications of various policy
options. We should be able to combine previous work with studies
already available on the information technology sector and the data in
our study to better understand the changes we are seeing in the global
marketplace, and thus be able to more easily adjust national laws for a
global economy.
[GRAPHIC] [TIFF OMITTED] T9984.001
[GRAPHIC] [TIFF OMITTED] T9984.002
[GRAPHIC] [TIFF OMITTED] T9984.003
[GRAPHIC] [TIFF OMITTED] T9984.004
Growing Development of Foreign Encryption Products in the Face of U.S.
Export Regulations
EXECUTIVE SUMMARY
Development of cryptographic products outside the United States is
not only continuing but is expanding to additional countries; with
rapid growth of the Internet, communications-related cryptography
especially is experiencing high growth, especially in electronic mail,
virtual private network, and IPsec products. This report surveys
encryption products developed outside the United States and provides
some information on the effect of the United States export control
regime on American and foreign manufacturers.
We have identified 805 hardware and/or software products
incorporating cryptography manufactured in 35 countries outside the
United States. The most foreign cryptographic products are manufactured
in the United Kingdom, followed by Germany, Canada, Australia,
Switzerland, Sweden, the Netherlands, and Israel in that order. Other
countries accounted for slightly more than a quarter of the world's
total of encryption products. A full summary listing of the foreign
cryptographic products can be found in an appendix to the report.
The 805 foreign cryptographic products represent a 149-product
increase (22%) over the most recent previous survey in December 1997. A
majority of the new foreign cryptographic products are software rather
than hardware. Also, a majority of these new products are
communications-oriented rather than data storage oriented; they heavily
tend towards secure electronic mail, IP security (IPsec), and Virtual
Private Network applications.
We identified at least 167 foreign cryptographic products that use
strong encryption in the form of these algorithms: Triple DES, IDEA,
BLOWFISH, RC5, or CAST-128. Despite the increasing use of these
stronger alternatives to DES, there also continues to be a large number
of foreign products offering the use of DES, though we expect to see a
decrease in coming years.
New cryptography product manufacturers have appeared in six new
countries since December 1997, and there has been a large increase in
the number of products produced by certain countries. The new countries
are Estonia, Iceland, Isle of Man, Romania, South Korea, and Turkey.
The United Kingdom jumped by 20 products from 119 to 139, and Germany
jumped from 76 products to 104. Also notable was Japan's increase, from
6 products to 18, and Mexico's, from a single product to six at the
present time.
We identified a total of 512 foreign companies that either
manufacture or distribute foreign cryptographic products in at least 67
countries outside the United States. A full summary listing of these is
given in an appendix to the report.
On average, the quality of foreign and U.S. products is comparable.
There are a number of very good foreign encryption products that are
quite competitive in strength, standards compliance, and functionality.
We present sketches of some representative competitors to U.S.
manufacturers of software and hardware with encryption capabilities;
all are developing products with strong encryption and have as
customers a number of large foreign or multinational corporations. The
specific companies highlighted are Baltimore Technologies, Brokat,
Check Point, Data Fellows, Entrust, Radguard, Seguridata Privada,
Sophos, and Utimaco.
We found some examples of advertising used by non-U.S. companies
that generally attempted to create a perception that purchasing
American products may involve significant red tape and the encryption
may not be strong due to export controls. This almost always appeared
on Web sites.
We observed that companies vie to have encryption products that
meet certain accepted worldwide standards. Encryption experts from all
over the world have contributed to two important international
standards efforts, IPsec and the Advanced Encryption Standard..
Finally, we suggested that our empirical product data could be
combined with economic measures and economic theories to better explain
why we are seeing the observed growth and to examine the effects of
Internet growth, e-commerce development, and regulatory actions on the
international cryptographic market over time, thus getting better
insights into the implications of various policy options.
1. INTRODUCTION
This project has three main goals: to provide a comprehensive
survey of foreign encryption products available worldwide; to identify
specific foreign competitors likely to present a significant economic
threat to U.S. manufacturers of software and hardware with encryption
capabilities; and to provide evidence, if found, of potential threats
to U.S. leadership in information technology as a result of U.S. export
regulations on encryption products.
While this work was undertaken within a very short time frame, and
with limited resources, it still provides much new evidence to support
the conclusions in Section 7. This evidence can be augmented with
additional information as time permits. We do not offer opinions or
analysis of key escrow or recovery policies, do long-term technological
forecasting, or offer detailed political/social analysis of export
control policies. Our goal is to provide an accurate, up-to-date survey
of encryption products developed outside the United States and to
provide some information on the United States export control regime and
its effect on American and foreign manufacturers.
2. PRIOR WORK
One of our first tasks in this project was to examine prior
relevant work. Several important documents were studied in this regard.
2.1 U.S. Department of Commerce/National Security Agency Study
The U.S. Department of Commerce Bureau of Export Administration
(BXA) and the National Security Agency (NSA) jointly issued a study
[Commerce/NSA Study 1996] that assessed the then current and future
market for software products containing encryption and the impact of
export controls on the U.S. software industry. Quoting from the press
release that accompanied the study, ``. . . The study found that the
U.S. software industry still dominates world markets. In those markets
not offering strong encryption, U.S. software encryption remains the
dominant choice. However the existence of foreign products with labels
indicating DES (Data Encryption Standard) or other strong algorithms,
even if they are less secure than claimed, can nonetheless have a
negative impact on U.S. competitiveness. The study also notes that the
existence of strong U.S. export controls on encryption may have
discouraged U.S. software producers from enhancing security features of
general purpose software products to meet the anticipated growth in
demand by foreign markets. All countries that are major producers of
commercial encryption products were found to control exports to some
extent. The study found that because customers lack a way to determine
actual encryption strength, they sometimes choose foreign products over
apparently weaker U.S. ones, giving those foreign products a
competitive advantage.'' [U.S. DoC 1996]
2.2 National Research Council CRISIS Report
A report [CRISIS 1996] was published in 1996 by the National
Research Council's Committee to Study National Cryptography Policy. It
examined a number of issues related to our study. Based on work by a
committee chaired by former Deputy Secretary of State Kenneth Dam and
populated by a number of professionals from the law, intelligence, and
computer science communities, it concluded that the United States
should promote widespread commercial use of technologies that can
prevent unauthorized access to electronic information, that the export
of the Data Encryption Standard (DES) should be allowed to provide
(what was then considered)-an acceptable level of security, and that
the United States should progressively relax but not eliminate export
controls.
The report also states ``widespread commercial and private use of
cryptography in the U.S and abroad is inevitable in the long run and
its advantages, on balance, outweigh the disadvantages''. The committee
concludes by noting ``the interests of the government and the nation
would be best served by a policy that fosters a judicious transition
toward a broad use of cryptography''.
2.3 President's Export Council Subcommittee on Encryption Report
The President's Export Council Subcommittee on Encryption (PECSENC)
is chartered by the Secretary of Commerce to provide the private and
public sector with the opportunity to advise the U.S. Government on the
future of commercial encryption export policy. The members of the
PECSENC consist of representatives from industry, academia, nonprofit
foundations, state and local law enforcement, and elsewhere in the
private sector. In Septemberl998, its Working Group on International
Issues issued a report [PECSENC 1998, included as Appendix D] that
found ``the difference between U.S. encryption controls and those of
other nations is a serious--but not the only--factor determining
success in the computer security market.'' It also concluded that,
``the adverse impact of controls on U.S. industry is palpable. For many
software applications, business customers simply demand security and
encryption; it is a checklist item, and its absence is a deal
breaker.''
The report also highlighted an example of a non-U.S. company using
the difference in export control regimes as ``leverage'' to ultimately
attempt to dominate particular applications:
``. . . Brokat, a German company that scarcely existed four
years ago, now has 250 employees and offices in several
countries including the United States. Brokat's specialty is
Internet banking and electronic commerce, but it broke into
that business on the strength of being able to offer stronger
encryption than German banks could obtain in Netscape or
Microsoft browsers. It is now a major player in this niche,
with 50% of the European Internet banking market and enough
U.S. customers to justify a 20-person U.S. branch office.
Meanwhile, encryption constitutes 10% or less of Brokat's
revenue, and it has expanded its initial Internet banking
offerings to include support for other forms of electronic
commerce. Loss of U.S. competitiveness in the electronic
commerce software market obviously raises concerns not just
about encryption software but other software opportunities.
Indeed, it foreshadows a weakening of the U.S. position as a
leader in electronic commerce generally.''
The report also was concerned that ``the persistent emphasis in
U.S. export control policy over the past two years on key recovery, or
``lawful access,'' has also taken a toll on the credibility of U.S.
security products. . . . Foreign governments and competitors,
particularly in Europe, have misinterpreted this U.S. policy, perhaps
deliberately. In essence, foreign customers are told often by their
governments as well as local security companies that all U.S.
encryption products come with a back door allowing the U.S. government
to read the contents. In part this is the result of outmoded `Recovery'
supplements to U.S. export rules that demand an unrealistic level of
U.S. government access to key recovery products.''
3. SURVEY OF CRYPTOGRAPHIC PRODUCTS OUTSIDE THE U.S.
3.1 Overview
The principal investigator and the subcontractor of this current
project also studied the worldwide availability of cryptographic
products since April 1993 as part of what has become known as the ``TIS
Survey'' [TIS 1997]. The results of this earlier work have been
presented to the Computer Systems Security and Privacy Advisory Board
(CSSPAB) of the National Institute of Standards and Technology (NIST)
and presented by Stephen T. Walker, President of Trusted Information
Systems, to two Congressional subcommittees [Walker 1993, Walker 1994].
The survey was also provided to numerous government agencies and
departments as part of their efforts to understand the availability of
cryptographic products and its impact on U.S. export control policies.
The TIS Survey continued until December 1997, at which time it
identified 656 foreign cryptographic products from 29 countries. The
survey also identified 963 domestic products, for a worldwide total of
1619 products produced and distributed by 949 companies (474 foreign
and 475 domestic) in at least 68 countries.
Our goal for this current study was to update the foreign product
portion of the TIS Survey. We focused mainly on discovering new
products from foreign manufacturers and also spent some time updating
entries for the existing foreign products in the database.
Information collected by the TIS Survey was assembled into an MS
Access database. The database includes two tables, one for
cryptographic products and a second table for companies that either
produce or distribute cryptographic products. Each entry in the product
table includes the following information: Name/Version, Manufacturer
and Country, Platforms:
PC, Mac, Workstation, Mainframe, DOS, Windows, UNIX, etc.,
Interfaces;
RS232, X.21, X.25, V.21, V.24, RJ-11, etc., Type;
HW, SW, HW/SW combo, What It Encrypts;
Data, Files, Directories, Disks, Communications, Voice,
Fax, Tape, Email, etc., Embodiment;
Program, Kit, Chip, Board, Box, Tokens, PCMCIA, Smart
Card, Phone, etc. Cryptographic Algorithms;
DES, Triple DES (3DES), Blowfish, IDEA, CAST, Proprietary,
RC2/4/5, SKIPJACK, Stream Ciphers, RSA, El Gamal, DH, DSA, ECC, MD2/4/
5, SHA-1, etc., How Distributed;
Mass-Market, Direct, Shareware, Internet, etc., Company
Information;
Name, Country, Address, Contact Information, etc.
3.2 Data Collection Methodology
We used the following methods of data collection: issue a call for
information and examine the results, plumb existing work available to
us, and use the World Wide Web to conduct searches for new products and
information.
The call for information to elicit information from the computer
cryptography community regarding new products (Appendix A) was posted
in the following newsgroups and mailing lists (IETF is the Internet
Engineering Task Force [IETF]):
sci.crypt newsgroup: discussion of the science of
cryptology, including cryptography, cryptanalysis, and related topics
such as one-way hash functions.
Risks mailing list: describes many of the technological
risks that happen in today's environment.
Cypherpunks mailing list: forum for discussing
cryptography, privacy, and related social issues.
Cryptography mailing list: mailing list devoted to
cryptographic technology and its political impact.
Firewalls mailing list: discussion of Internet
``firewall'' security systems and related issues.
IETF Web Transaction Security (wts) Working Group mailing
list: discussion of the development of requirements and a specification
for the provision of security services to Web transaction.
IETF Secure Shell (secsh) Working Group mailing list:
discussion of efforts to update and standardize the SSH protocol.
IETF IP Security Protocol (ipsec) Working Group mailing
list: discussion of the standards efforts on IP Security.
IETF An Open Specification for Pretty Good Privacy
(openpgp) Working Group mailing list: discussion of extending the
current PGP protocol.
The Call and Survey were also posted on the Web site of the
Cyberspace Policy Institute of The George Washington University [CPI
1999]. Additionally, project team members sent the survey out to
individuals who they believed might know of foreign products.
The existing work available to us included trade magazines,
journals, buyers guides [CSI, ICSA Survey], and other print material.
Most of our new information on foreign cryptography products was
found by using Web search engines and gathering information from Web
pages.
3.3 Results of Update to Cryptographic Products Survey
Our effort to update the cryptographic products survey focused
mainly on discovering new products from foreign producers, but also
involved updating information on some of the existing foreign products
in the database. Since we did not set out to update information on
cryptographic products produced in the U.S., the number of domestic
cryptographic products changed only slightly (when we came across
something and thus updated the information). However, we expect that
the number of cryptographic products produced in the U.S. has in fact
also increased. NAI Labs plans to further update the domestic portion
of the survey in the near future.
The updated foreign cryptographic product survey (see summary table
on following page) now identifies a total of 805 hardware and/or
software products incorporating cryptography manufactured in 35
countries outside the United States. The most foreign cryptographic
products are manufactured in theUnited Kingdom, followed by Germany,
Canada, Australia, Switzerland, Sweden, the Netherlands, and Israel in
that order. Other countries accounted for slightly more than a quarter
of the world's total of encryption products. A full summary listing of
the foreign cryptographic products can be found in Appendix B.
The 805 foreign cryptographic products resulting from the current
update represents a 149-product increase over the December 1997 survey.
A majority of the new foreign cryptographic products are software
rather than hardware.
Another notable finding is that a majority of new foreign
cryptographic products are oriented toward communications rather than
data storage applications; and these heavily tended towards secure
electronic mail, IP security (IPsec), and Virtual Private Network (VPN)
applications. The results also showed a lot of activity in IPsec
implementation, which is likely prompted by the recent emergence of new
IPsec specifications from the IETF [IPSEC].
The updated foreign cryptographic product survey also identified a
total of 512 foreign companies that either manufacture or distribute
foreign cryptographic products in at least 67 countries outside the
United States. A full summary listing of these is given in Appendix C.
3.3.1 More ``Strong'' Encryption is on the Market
The updated foreign cryptographic products survey also showed
increasing use of ``strong'' alternative cryptographic algorithms to
DES, which uses a 56-bit key. Altogether, we identified at least 167
foreign cryptographic products that use Triple DES, IDEA, BLOWFISH,
RC5, or CAST-128, which support larger key lengths. Despite the
increasing use of these stronger altematives to DES, there also
continues to be a large number of foreign products offering the use of
DES, though we expect to see a decrease in coming years.
We identified at least 123 foreign cryptographic products that use
Triple DES, which employs either two traditional DES keys, for an
effective key length of 112 bits, or three DES keys, for an effective
key length of 168 bits.
We identified at least 54 foreign cryptographic products that use
the International Data Encryption Algorithm (IDEA), a Swiss-developed
symmetric block cipher with a 128-bit key length [Lai 1990, Lai 1991].
We identified at least 36 foreign cryptographic products that use
BLOWFISH, a symmetric block cipher developed by Bruce Schneier with a
variable key length ranging from 32 to 448 bits [Schneier 1993,
Schneier 1994]. Many of these products appear to use BLOWFISH with the
full 448-bit key length.
We identified at least 2 foreign cryptographic products that use
RC5, a symmetric block cipher developed by Ron Rivest (one of the RSA
inventors) with a variable length key up to 2040 bits [Rivest 1996].
We identified at least 12 foreign cryptographic products that use
CAST-128, a symmetric block cipher developed by Carlisle Adams of
Entrust Technologies in Canada with a variable length key up to 128
bits [Adams 1997].
[GRAPHIC] [TIFF OMITTED] T9984.005
3.3.2 New Countries and Growth Countries for Cryptographic
Products
The update identified six new countries producing cryptographic
products. The countries that have started producing encryption products
since December 1997 are Estonia, Iceland, Isle of Man, Romania, South
Korea, and Turkey.
We also noticed a large increase in the number of products produced
by certain countries, such as the United Kingdom, which jumped by 20
products from 119 to 139, and Germany, which jumped from 76 products to
104.
Japan also showed a large increase, jumping from 6 products in the
December 1997 survey to 18 products in the updated survey. Most of the
new products come from Mitsubishi Electronic Corporation, which has
introduced a number of hardware and software cryptographic products
that make use of a Japanese cryptographic algorithm known as MISTY,
which uses a 128-bit key as well as Triple DES [Matsui 1996, MISTY].
Mexico also increased, from a single ``freeware'' product in the
December 1997 survey to six products in the updated survey, due to the
discovery of five new commercial cryptographic products from Seguridata
Privada S.A de C.V., which is described in greater detail in Section 4.
[GRAPHIC] [TIFF OMITTED] T9984.006
3.3.3 Growing Numbers of Foreign Products & Companies
The TIS Survey was initiated in April 1993 and conducted on an
ongoing basis through December 1997. Figure 2 depicts the evolution of
the survey in terms of the increasing numbers of foreign cryptographic
products and companies (manufacturers and distributors) identified each
year of the survey effort and after the recent update. Overall, there
clearly continues to be increasing and expanding development of foreign
cryptographic Products.
3.3.4 Quality of Foreign Cryptographic Products
NAI Labs has obtained a number of foreign cryptographic products
over the life of the survey effort. The products were all purchased via
routine channels, either directly from the foreign manufacturer, a
foreign distributor, or an U.S. distributor. We have also downloaded a
large number of foreign cryptographic products over the Internet via
the World Wide Web.
The quality of cryptographic products varies greatly both within
and outside the U.S. We have encountered poor quality products both
within and outside the U.S., and we have encountered good quality
products both within and outside the U.S. On average, the quality of
foreign and U.S. products is comparable. There are a number of very
good foreign encryption products that are quite competitive in
strength, standards compliance, and functionality. We highlight some of
these in the next section.
4. some competitors to u.s. products employing cryptography
After updating the cryptography product database, based on prior
surveys and new information, we searched out information on the foreign
manufacturers that were representative competitors to U.S.
manufacturers of software and hardware with encryption capabilities. We
did this by examining traditional sources such as business magazines,
major newspapers, and trade publications; interviewing industry leaders
and security professionals; and using various Web-based search methods
[Lexis-Nexis, ABI/Inform, FirstSearch, Gale] to find appropriate
combinations of keywords (encryption, U.S., US, United States, foreign,
overseas, regulation, export, export controls).
We identified a substantial number of foreign companies that are
developing a number of products with strong encryption and have as
customers a number of large foreign or multinational corporations. We
sketch nine of these in this section to provide a representative
sampling. All but one already provide strong encryption (as defined in
Section 3.3.1).
Some of the material below has references to cryptographic
algorithms, protocols, and other computer science terms that may not be
familiar to some readers. More information on these can generally be
found in [Stallings 1999] and [Rivest 1978].
Baltimore Technologies Plc, IRELAND/UNITED KINGDOM/AUSTRALIA
Baltimore Technologies plc. was formed by the merger in January
1999 of Zergo Holdings plc. (UK) and Baltimore Technologies Ltd.
(Ireland). Its regional headquarters are located in Dublin (Ireland),
Plano (Texas) and Sydney (Australia). Corporate headquarters are
located in London, UK [Baltimore 1999a].
Baltimore develops and markets security products and services for a
wide range of e-commerce and enterprise applications. Its products
include Public Key infrastructure (PKI) systems, cryptographic
toolkits, security applications and hardware cryptographic devices.
Baltimore's security toolkits include PKI-Plus, ECS Desktop, C/SSL,
J/SSL, SMT, CST, and J/CRYPTO. The PKI-Plus toolkit provides clients
with the functionality to support a Public Key Infrastructure and
provides encryption capabilities with full strength DES, Triple DES and
IDEA. ECS Desktop is a high level GSS toolkit that supports 64-bit DES
and 128-bit Triple DES. C/SSL and J/SSL are cryptographic toolkits for
developing SSL 3.0 applications written in C and Java respectively. C/
SSL supports 56-bit DES and 128-bit Triple DES, IDEA and RC4. J/SSL
supports 56-bit DES, and 128-bit Triple DES and RC4. SMT (Secure
Messaging Toolkit) provides developers the ability to add security to
messaging (email) applications. The encryption algorithms supported are
56-bit DES, 128-bit Triple DES, and 40-bit, 64 bit, and 128-bit RC2.
CST (Crypto Systems Toolkit) is a set of cryptographic components
enabling developers to build strong information security systems. It
contains implementations of a variety of encryption algorithms
including DES, Triple DES with up to 192 bits key length, IDEA, BSA4,
BSA5, RC2, RC4, up to 2048-bit RSA, and DSA. J/CRYTPO is a
cryptographic class library for Java applications that supports 56-bit
DES, 112-bit Triple DES, and RC4 encryption, and 512-, 1024-, and 2048-
bit RSA key exchange and digital signature.
Security application solutions include FormSecure, MailSecure,
MailSecure Enterprise, and WebSecure. Of its security applications,
FormSecure which provides PKI security for Web browser forms uses DES
and triple-DES encryption with 128-bit keys. MailSecure provides secure
email for MS Outlook, Exchange and Eudora using 128-bit DES, Triple DES
and RC2. MailSecure Enterprise, a centralized secure email product,
provides encryption with 128-bit Triple DES. WebSecure enhances web
server to browser communication in eases where export versions of
specific browsers are limited to 40 bits of encryption by diverting all
web traffic to its Java programs that use 128-bit RC4 encryption.
Baltimore's hardware cryptographic device, HS4000-Assure provides a
security kernel for high speed servers and workstations and features
56-bit DES and 112-bit Triple DES data encryption, and up to 4096-bit
RSA key exchange and digital signatures.
``Baltimore has customers in over forty countries including some of
the world's leading financial, e-commerce, telecommunications companies
and government agencies. Customers include: ABN-AMRO Bank, Australian
Tax Office, Bank of England, Bank of Ireland, Belgacom, Digital
Equipment, European Commission, Home Office (UK), IBM, Lehman Brothers,
Ministry of Defense (UK), NatWest, NIST (USA), PTT Post (Netherlands),
S.W.I.F.T., Tradelink (Hong Kong), TradeVan (Malaysia) and VISA
International'' [Baltimore 1999a] .
``Baltimore has also formed alliances with other major global
providers of information security technology and services, including
ActivCard, Axent Technologies, CDC, Certicom, Chrysalis, CISCO, Dascom,
DataKey, GemPlus, Gradient, Hewlett-Paekard, ICL, Isocor, Kyberpass,
Logica, Netseape, Oracle, Racal and Valicert'' [Baltimore l999a].
Brokat Infosystems AG, GERMANY
BROKAT was founded in 1994. Its headquarters is in Stuttgart,
Germany. Subsidiaries are located in Great Britain, Ireland,
Luxembourg, Austria, Switzerland, Singapore, Australia, South Africa
and the United States. Brokat develops secure solutions for Internet-
banking, Internet-brokerage and Internet-payment by allowing companies
through the use of its products to develop secure electronic banking
and electronic commerce solutions [Brokat l999a]. Its main product,
Brokat Twister, is a software package enabling secure electronic
business solutions and provides Java-based 128-bit encryption. Brokat's
X-PRESSO Security Gateway provides Twister with a secure Internet
channel, using strong SSL encryption. It supports 128-bit IDEA and
Triple DES for data encryption, and RSA up to 2048 bits for key
exchange and digital signatures.
In its press release of May 19, 1999 Brokat claims a sales increase
of 125% in the third quarter of 1998/1999 compared to the same quarter
in the previous year [Brokat 1999b].
More than 100 financial service companies use Twister. Brokat
customers include Deutsche Bank, Bank 24, Allianz, Fortis Bank
Luxembourg the Zurich Kantonalbank, Hypo Bank of Munich, and The Swiss
National Telephone Company [Andrews 1997].
Brokat's ``Product Partners'' include AOL Bertelsmann Online,
Corporate Interactive, Inc., Intershop Communications, Micrologica,
Netscape Communications, Giesecke & Devrient, and Concord-Eracom.
Check Point Software Technologies Ltd., ISRAEL
``Check Point provides secure enterprise networking solutions
through an integrated architecture that includes network security,
traffic control and IP address management. Check Point solutions are
aimed at enabling customers to implement centralized policy-based
management with enterprise-wide distributed deployment'' [Check Point
1999a].
``The company's integrated architecture includes network security
(FireWall-1, VPN-1, Open Security Manager and Provider-1), traffic
control (FloodGate-1 and ConnectControl) and IP address management
(Meta IP)'' [Check Point 1999b].
``Check Point products protect and manage the corporate assets of
the majority of Fortune 100 companies and other leading companies and
government agencies across the globe. As of April 1999, the company had
more than 30,000 registered customers with over 77,000 installations
worldwide and 17,000+ networks worldwide using its VPN solution. The
Meta IP and Meta DNS products had some 15,000 installations worldwide''
[Check Point 1999b].
The company's international headquarters are located in Ramat-Gan,
Israel. International subsidiaries are located in the United Kingdom,
France, Germany, Japan, Singapore, Australia, the Middle East and
Canada. U.S. subsidiaries are located in northern and southern
California, Colorado, Georgia, Illinois, Massachusetts, Michigan, New
York, North Carolina, Philadelphia, Texas, Virginia and Washington.
In an April 19, 1999 press release, Check Point announced that
``revenues for the first quarter ending March 31 were $43,772,000
compared to $31,956,000 for the same period in 1998, an increase of
37%. Net income for the quarter was $19,703,000, or $0.49 per share
compared to net income of $15,149,000, or $0.39 per share in the same
quarter in 1998, an increase of 30% in net income and 26% in net income
per share. Check Point experienced growth across all geographic
regions, particularly in Japan. Revenues from the U.S. accounted for
45% of revenues, Europe 34% and Rest of World 21%. In addition,
revenues from Technical Services reached 17% in the first quarter. OEM
revenues, including those from Nokia and Sun Microsystems, represented
11% of revenues'' [Check Point 1999c] .
Based on figures from 1997, Check Point is the leading vendor of
firewalls with a 23% share in the firewall market--a revenue of $83
million in firewall sales [Inter@ctive Week 1998].
Checkpoint's firewall solution, Firewall-1 provides a comprehensive
set of security solutions which includes VPN through the support of
encryption algorithms such as 40- and 56-bit DES, 168-bit Triple DES,
40-bit RC4, 40- and 128-bit CAST, and 48-bit FWZ-1 (FWZ-1 is Check
Point's 48-bit exportable proprietary symmetric encryption algorithm).
Check Point's VPN solution products include VPN-1 Gateway, VPN-1
SecuRemote, VPN-1 Accelorator Card, and VPN-1 Appliance. VPN-1 Gateway
products are software solutions that provide encryption supporting the
following algorithms: 40- and 56-bit DES, 168-bit Triple DES, 40-bit
RC4, 40- and 128-bit CAST, and 48-bit FWZ-1. VPN-1 SecurRemote provides
VPN support for remote and mobile users. It supports 40- and 56-bit
DES, 168-bit Triple DES, 40-bit CAST, and 48-bit FWZ-1. VPN-1
Accelorator Card provides hardware-based data encryption using 56-bit
DES and 168-bit Triple DES. VPN-1 Appliance uses 40-and 56-bit DES, 40-
bit RC4, and 48-bit FWZ-1.
Check Point's Open Platform for Secure Enterprise Connectivity
(OPSEC) is an alliance that delivers the industry's first enterprise-
wide security framework. OPSEC provides a single framework that
integrates and manages all aspects of secure enterprise networking
through an open, extensible management framework Via the OPSEC
Alliance, Check Point Software's products seamlessly integrate with
``best-of-breed'' products from more than 200 leading industry
partners. A complete listing of OPSEC partners can be found at http://
www.opsec.com/.
Data Fellows Ltd., FINLAND
``Data Fellows develops, markets and supports data security
products for corporate computer networks. Its products include anti-
virus software, and data security and cryptography software. Its main
offices are in San Jose, California and Espoo, Finland, and it has
branch offices as well as corporate partners, VARs and other
distributors in over 80 countries around the world. Its products have
been translated into over 20 languages'' [Data Fellows 1999a].
Data Fellows' F-Secure cryptography products are a family of
cryptography software to protect the integrity and confidentiality of
sensitive information. Its family of products include F-Secure VPN+, F-
Secure VPN, F-Secure SSH, F-Secure FileCrypto, and F-Secure Desktop. F-
Secure VPN+ provides IPSec protocol based security for secure
networking between remote offices, business partners and travelling
salesmen using 56-bit DES, 168-bit Triple DES, 128-bit Blowfish, and
128-bit CAST. F-Secure VPN (Virtual Private Network) is an SSH security
protocol based solution for pure LAN-to-LAN encryption using a variety
of user selectable algorithms including Triple DES, Blowfish, RSA, and
IDEA (optional). The symmetric algorithms all use at least 128 bits. F-
Secure SSH Server provides users with secure login connections, file
transfer, X11, and TCP/IP connections over untrusted networks using
128-bit Triple DES and 128-bit IDEA. F-Secure SSH Terminal&Tunnel
provides the user with secure login connections over untrusted networks
and to create local proxy servers for remote TCP/IP services. F-Secure
SSH Tunnel&Terminal products support the following cryptographic
algorithms: 56-bit DES, 168-bit Triple DES, 128-bit IDEA, 128-bit
Blowfish, 256-bit Twofish, and 128-bit ARCFour (an RC4 compatible
stream cipher). F-Secure FileCrypto is a product that encrypts and
decrypts files using 256-bit Blowfish and 168-bit Triple DES. F-Secure
Desktop provides encryption and decryption of files, directories, and
Windows 95/NT 4.0 folders using 256-bit Blowfish and 168-bit DES.
``The Company's net sales have doubled annually since it was
founded in 1988. Turnover has reached $3.3 million, $7.6 million and
$14.1 million in the fiscal years 1995, 1996 and 1997, respectively''
[Data Fellows 1999a].
``Data Fellows has customers in more than 100 countries. These
include many of the world's largest industrial corporations and best-
known telecommunications companies; major international airlines;
several European governments, post offices and defense forces; and
several of the world's largest banks. Customers include NASA, the US
Air Force, the US Department of Defense Medical branch, the US Naval
Warfare Center, the San Diego Supercomputer Center, Lawrence-Livermore
National Laboratory, IBM, Unisys, Siemens-Nixdorf, EDS, Cisco, Nokia,
Sonera (formerly Telecom Finland), UUNet Technologies, Boeing, Bell
Atlantic, and MCI'' [Data Fellows 1999a].
Entrust Technologies, CANADA
Entrust is a Canadian company that spun off from Northern Telecom
(Nortel). It develops cryptographic products in Canada and exports them
from there. It now has offices across the United States, Canada, the
United Kingdom, Switzerland, Germany, and Japan.
Entrust develops products for trusted electronic transactions. Its
products include solutions for secure Internet transactions including
digital certificate services and public-key infrastructures (PKI)
products.
Entrust File Toolkit delivers a set of application programming
interfaces (APIs) to add encryption and digital signatures to store-
and-forward (email, e-forms) applications. It Supports DES, Triple DES,
RSA and RC2. Entrust Session Toolkit is designed for third-party
applications that need to protect data communications in real-time. It
supports DES, Triple DES, and RC2. Entrust/Solo is a product that
provides data encryption, digital signature and data compression
functionality for the desktop and e-mail using DES, Triple DES and
CAST.
The company's more than 800 corporate customers include J.P.
Morgan, the Salomon Smith Barney unit of Citigroup, ScotiaBank,
S.W.I.F.T, FedEx, the Canadian Government and several U.S. government
agencies.
Entrust's industry partners include development partners such as
Hewlett-Packard, Network Associates, Oracle, Nortel Networks and
others, 25 channel partners including Hewlett-Packard and Compaq OEM
Partners: IBM, Tandem, Check Point and others, specifiers and referral
partners such as PriceWaterhouse Coopers, Deloitte & Touche; KPMG Peat
Marwick, Ernst & Young, and others, and service provider partners such
as BCE Emergis, EDS, Scotiabank and others [Entrust 1999].
Radguard, ISRAEL
RADGUARD was founded in 1994 as a member of the RAD Group of data
communications companies. Privately held, the company is backed by
American and foreign corporate investors. The company's international
headquarters are located in Tel Aviv, Israel; its US headquarters are
in Mahwah, NJ.
Radguard is a pioneer and leader in the secure Virtual Private
Network (VPN) market. Incorporating security technologies and industry
standards into high-performance hardware architectures, Radguard
provides solutions to Internet-based
virtual private networking, secure non-Internet transmission, safe
Internet connectivity and client encryption. Its VPN and network
security products include cIPRO, CryptoWall, and NetCryptor. cIPRO is
an Internet-working security system for VPNs. The cIPRO family uses DES
and up to 168-bit Triple DES for encryption. CryptoWall is an
encrypting firewall that supports subnet-to-subnet security in TCP/IP
environments. It supports DES for data encryption and RSA for key
exchange and digital signature. NetCryptor is a hardware-based
encryption device that employs DES.
Customers include NTT Data, a subsidiary of Japan's Nippon
Telephone and Telegraph (NTT), Germany's major car makers and component
suppliers including BMW, Bosch, BEHR, Drexlmaier, Audi, Freudenberg,
DaimlerChrysler, Volkswagen and Hella.
Seguridata Privada S.A de C.V., MEXlCO
SeguriDATA is a Mexican company founded in 1996 with the purpose of
participating actively in the construction of security standards in
Mexico and Latin America by means of integration in committees, with
products in electronic security. It has offices in Peru and Spain as
well as Mexico. The company provides confidentiality and authenticity
of electronic documents with applications to electronic commerce,
financial transactions and confidential systems of communications.
Its products include SeguriDOC, SeguriEDIFACT, SeguriLIB,
SeguriPROXY, and SeguriTELNET. SeguriDOC offers Triple DES for
confidentiality of archived data. SeguriEDIFACT provides security for
EDI communications using Triple DES. SeguriPROXY provides security
between web server and web browser sessions using 128-bit RC4.
Sophos Plc., UK
Sophos Plc was founded in 1980 and moved into data security in
1985, producing software and hardware for data encryption,
authentication and secure erasure. Its virus detection product has
positioned the company as a leading supplier of enterprise-wide virus
protection tools. Subsidiaries include Sophos Pty Ltd, Australia,
established in April 1999, Sophos Plc, France, established in May 1998,
Sophos GmbH, Germany established in October 1997, and Sophos Inc, USA,
a wholly-owned subsidiary of Sophos Plc based in Massachusetts, USA
[Sophos 1999]. Sophos data security products include D-Fence 4 HMG, D-
Fence 4 SPA, E-DES, and PUBLIC. D-FENCE HMG is a disk authorization and
encryption system for HMG, providing encryption and authentication of
floppy and hard disks using SEVERN BRIDGE, a U.K. Government standard
algorithm. D-FENCE SPA is a data encryption system for PCs and laptops
using SPA (Sophos Proprietary Algorithm) for encryption of floppy and
hard disks. SPA is a 64-bit block cipher with 64-bit keys. E-DES and
PUBLIC are products used for secure file storage and transmission. E-
DES encrypts files using DES or SPA, while PUBLIC encrypts files using
512-bit RSA or MDH in combination with DES or SPA.
Customers include government, financial institutions and multi-
national corporations.
Utimaco Safeware AG, GERMANY
Utimaco Safeware AG has subsidiaries in Belgium, France, Finland,
Great Britain, Austria, the Netherlands, Norway, Sweden and Switzerland
and additional distribution partners (Value-Added-Resellers) in almost
all European countries, in the USA, Australia, Asia and in South
Africa. Utimaco also has strategic alliances with IBM Deutschland
Informationssysteme GmbH, SIEMENS AG and Toshiba Europe.
Utimaco develops IT security solutions for the areas of mobile/
desktop security (authentication, access control, encryption), network
security (authentication, encryption), e-commerce security (digital
signature, encryption) and security infrastructure (smart card reader).
``Utimaco has three development centres. The SafeGuard product line
focussing on the ``Mobile/Desktop Security'' area is developed in
Munich, Germany. The development of the SafeGuard product family for
``Network Security'' and the smart card technology and card reader
family CardMan is done in Linz, Austria. The third development centre
near Brussels (Holsbeck), Belgium, is responsible for the SafeGuard
``E-Commerce Security'' product line (digital signatures, e-mail
security) and the CriptWare technology (high-performance
implementations of standardized basis-crypto algorithms and
interfaces)'' [Utimaco 1999a].
Products for mobile/desktop security include SafeGuard Easy, and
SafeGuard Desktop. SafeGuard Easy is a security program for the online-
encryption of hard disks and diskettes. It operates with the encryption
algorithms Blowfish, STEALTH, 56-bit DES and 128-bit IDEA to guarantee
the confidential storage of sensitive data. SafeGuard Desktop is a
security solution for OS/2 operating systems offering boot and virus
protection as well as user logon, and allows online encryption of hard
disks and floppies with DES, IDEA, STEALTH, Blowfish, and XOR.
Utimaco network security products include SafeGuard LAN Crypt and
SafeGuard VPN. SafeGuard LAN Crypt provides protection of selected
files against access by persons who are physically capable of accessing
the data carrier. The solution guarantees the security of encrypted
data through a key length of 128 bits and globally accepted, strong
algorithms such as IDEA. SafeGuard VPN provides Virtual Private
Networks with secure data transmission using 168-bit Triple DES and
128-bit IDEA.
Utimaco's E-commerce security products include CryptWare Board,
CryptWare Server, Cryptware Toolkit, and SafeWare Sign&Crypt. Cryptware
Board comes with a DES chip, but allows any other encryption algorithm
to be easily installed. The CryptWare Server is a cryptographic black
box designed for applications with high security requirements and/or
high-speed cryptographic capabilities. It employs DES and 1024-bit RSA.
The CryptWare Toolkit is a library that provides all necessary
cryptographic and administrative functions to build secure electronic
messaging systems. It supports RSA, Triple DES, IDEA, RIPEMD160, MD5,
and SHA-1. SafeWare Sign&Crypt offers signing and verification of
electronic documents. It can provide encryption with 128-bit IDEA.
The breakdown of Utimaco Group sales by industry in the last
business year, 1997/98, is as follows: 29.7% for public institutions,
29.3% for banks, 26.8% for industry and commerce and 14.1% for
insurance companies. In the last business year 57 percent of sales were
made outside Germany. Its customers include Bertelsmann (Gutersloh)
Colonia Nordstern Versicherungsmanagement AG (Cologne), Daimler-Benz
Aerospace AG (Kiel), Dresdner Bank, Eduscho GmbH (Bremen), Frankfurter
Sparkasse (Frankfurt), Goldwell GmbH (Darmstadt), Innenministerium
Mecklenburg-Vorpommem (Schwerin), Landesamt fur Datenverarbeitung,
(Potsdam), Motorola GmbH (Taunusstein), Otto Versand International GmbH
(Hamburg), Oberverwaltungsgericht Thuringen (Weimar), Price Waterhouse
(Frankfurt), Police Forces (Belgium), Isaserver (Belgium), State Police
(Belgium), Unisys for Christelijke Mutualiteiten (Belgium), The
European Commission (Belgium and Luxembourg), Danfoss A/S (Denmark),
ICL Pathway Ltd. (Great Britain), Robert Fleming & Co. Ltd. (Great
Britain), Standard Chartered Bank (Great Britain), Conseil de I Union
Europeenne (Luxembourg), KPN Telecom (The Netherlands), ABN AMRO Bank
N.V. (The Netherlands), Nycomed Amersham Group (Norway), Schweizer Post
(Switzerland), DDJ, and Justizdirektion des Kantons Zurich
(Switzerland).
5. foreign marketing use of u.s. export controls
5.1 Introduction
As Under Secretary of Commerce William A. Reinsch noted in recent
Congressional testimony, ``encryption remains a hotly debated issue.
The Administration continues to support a balanced approach that
considers privacy and commerce as well as protecting important law
enforcement and national security equities. We have been consulting
closely with industry and its customers to develop a policy that
provides that balance in a way that also reflects the evolving
realities of the market place'' [Reinsch 1999]. As the Commerce
Department struggles to craft and finely tune export regulations to
satisfy these objectives, many foreign cryptography manufacturers are
citing these regulations as reasons for their prospects to not ``buy
American''. Even foreign governments sometimes overtly use these
regulations. For example, ``In a letter sent [in January 1999] to
India's Central Vigilance Commission (CVC)--an intelligence agency
comparable to the United States' National Security Agency--the Indian
Defense Research and Development Organization said the limits the U.S.
government places on exported encryption products render the products
too weak for reliable use. The CVC responded that it might mandate that
all Indian financial institutions buy security software from India''
[Dunlap 1999].
5.2 Advertising Related to Cryptographic Controls
Trade magazines, industry reports, and news articles were searched
for consumer preference data, including checklists, ease of use'' and
``best buy'' ratings, etc., to try to find anecdotal justification or
rebuttal of the claim that consumers strongly prefer U.S.-made
encryption products and systems incorporating U.S.-made encryption, as
asserted, for example, in [Ernst 1999].
We did find a reference to a U.S. government study that
acknowledged that ``in many countries surveyed, exportable U.S.
encryption products are perceived to be of unsatisfactory quality''
[Commerce/NSA 1996] (date given as June 1995, page ES-3, possibly a
draft, in [Olbeter 1998]). We also found some information from
companies that claimed or implied that their products are more secure
and/or easier to use than American products burdened by U.S. export
controls. Descriptions of the various export control regimes are found
in [Baker 1998, Koops 1999, and GILC 1998].
Examples of the statements of foreign companies are given below.
Brokat Infosystems AG (Germany)
Brokat, on its web page [Brokat 1999c] discusses ``Secure
Communication using 128-bit encryption'' and states that ``In
comparison to other solutions, X-AGENT allows very secure
communication. Highly sensitive information can be exchanged using this
consultation tool. All data is encrypted with the 128-bit Twister
security component. Even so-called 'weak' Internet browsers, which only
use a 40-bit encryption due to US government export restrictions can be
'topped up' accordingly for the duration of the session.''
Baltimore Technologies plc. (Ireland/United Kingdom/
Australia)
Baltimore Technologies states that WebSecure, a product designed to
provide secure web server to browser communication is useful because
``US export restrictions dictate that most web servers and browsers
cannot perform 128-bit encryption for security. Instead, export
versions of browsers like Internet Explorer and Netscape Navigator and
export versions of web servers like Netscape Enterprise Server and
Microsoft Internet Information Server are limited to 40 bits of
encryption, which is not secure enough for most applications''
[Baltimore 1999b].
Cybernetica (Estonia)
Cybernetica advertises ``. . . full strength cryptographic security
with long keys and no backdoors'' and its Web pages for their products
prominently feature this selling point.
[GRAPHIC] [TIFF OMITTED] T9984.007
In their Frequently Asked Questions list on the Web, they go on to
celebrate the differences between their product and U.S. products:
Strong crypto? What algorithms are supported? And what key
lengths?
IDEA. Triple DES. Blowfish. RSA. Diffie-Hellman. The end user has
the opportunity of selecting the algorithms he trusts. And, if the user
so requires, support for further algorithms may be added. You can use
as long keys as the algorithms you have selected allow you to. There
are no ``political'' restrictions on key lengths to be used in the
Privador system.
What about back doors, key recovery etc?
There are no back doors built into the Privador system. We can--and
will--prove It if so required.
How come you don't care about export restrictions?
Because there are none. The Privador System is entirely developed
by Cybernetica, the first private-law R&D institution in Estonia. The
laws of the Republic of Estonia allow us to export strong cryptographic
technologies to almost any country in the world.
Utimaco Safeware AG (Germany)
On its web site, Utimaco states that [Utimaco 1999b] ``. . . As a
German manufacturer, Utimaco guarantees that no national key depositing
requirements (ESCROW) exist which could jeopardize the security of the
solution . . .''
[GRAPHIC] [TIFF OMITTED] T9984.008
Note Utimaco's home page, illustrated in Figure 3. It is user-
friendly for speakers of a number of languages. It makes the point that
Utimaco has representatives in a number of European countries. If the
user clicks on his or her country (either on the map or on the country
abbreviation in the vertical list), he or she is transported to a page
in their native language that further presents Utimaco and its products
and services. As an example, Figure 4 shows the homepage of Utimaco
Norway that the user is transported to when Norway is selected from the
map.
[GRAPHIC] [TIFF OMITTED] T9984.009
Data Fellows Corporation (Finland)
Data Fellows makes the readers of its web page aware of U.S. export
restrictions and states that its products are designed with ``much more
security'' than U.S. products:
``. . . The encryption technology used in the F-Secure
products has been developed in Europe and thus does not fall
under the US ITAR export regulations. F-Secure products can be
used in every country where encryption is legal, including the
United States of America . . .'' [Data Fellows 1999b]
``. . . F-Secure FileCrypto uses well-known fast block cipher
algorithms. You can choose either three-key 3DES or Blowfish.
Both algorithms have been analyzed by the world's leading
cryptographers. They are known to be strong and safe. These
algorithms provide security with a minimum of 168-bit keys.
They provide much more security than DES-based or U.S. products
that fall under U.S. ITAR export restrictions.'' [Data Fellow
1999c].
JCP Computer Services (United Kingdom)
JCP takes on U.S. products directly based on export controls [JCP
1999]:
``Many companies are using or considering using
implementations of these algorithms which originate in the US.
The US government prohibits export of strong cryptographic
tools, and, except under specific conditions, only permits the
export of weak implementations. These 'crippled' cryptographic
tools do not provide sufficient protection to allow Internet e-
commerce and communications to proceed securely. In an amateur
attack on a US export-strength cryptographic routine, the key
was broken in 56 hours. And such times will decrease markedly
as computer processing power continues to improve.
``JCP has developed full strength implementations outside of
the US using industry proven standard algorithms. JCP are the
leading company outside the US producing high performance
cryptographic tools in Java, which has become the Internet's
standard programming language. The product provides a set of
packages that implement specific cryptography algorithms for
use within any Internet application.''
SSH Communications Security (Finland)
SSH states on their web site [SSH 1999] that ``The software from
SSH is free from strict US export restrictions'' as one of ``six good
reasons why SSH IPSEC Express is the best choise (sic)''; it goes on
``IPSEC is supposed to be an international standard. However, because
of export restrictions in different countries. (sic) SSH is one of the
few to deliver full standards compliance and strong security virtually
anywhere in the world.''
RPK Security, Inc. (New Zealand, Switzerland, United
Kingdom)
RPK advertises on its web site of its flagship RPK Encryptonite
Engine [RPK 1999], ``Developed outside the U.S., the RPK Encryptonite
Engine is not subject to US government regulations. It is available
with strong encryption worldwide, with dramatically better performance
at significantly lower implementation cost compared with competing
technologies.'' Reading further on its web site, one finds that ``RPK's
cryptographic research and product development is based in New Zealand,
Switzerland and the U.K, with worldwide sales and marketing operations
in San Francisco, CA.''
6. standards and their influence
6.1 Pervasiveness of Standards
From the material above, one can see that companies vie to have
encryption products that meet certain accepted worldwide standards. If
the products do not, they often will not interoperate successfully with
other computer systems. This section highlights two important
international standards efforts. Note the contribution of encryption
expertise from all over the world to both.
6.1.1 IPsec
Today's widespread and pervasive use of the Internet has
accentuated the need for security for the underlying Internet Protocol
(IP). The IETF has developed the IP Security (IPsec) protocol as an
integral element of internet security. IPsec is a proposed standard
Internet protocol designed to provide cryptographic-based security,
including authentication, integrity, and (optional) confidentiality
services. While the use of IPsec is currently optional, its use will be
mandatory for the next version of the Internet Protocol, IPv6 [IPsec].
As a result of the dramatic impact IPsec will have on improving the
security of the Internet, there has been enormous interest in
developing implementations of IPsec. This interest has extended
throughout the entire world, due to the global nature of the Internet
and need for cryptographic-based security. Many freely available and
commercial implementations of IPsec are available or are under
development. Ted Ts'o of MIT, co-chair of the IETF IPsec Working Group,
maintains a list of companies implementing (or planning to implement)
IPsec. The list currently cites implementations from 49 companies
around the world. At least nine of the companies are from outside the
U.S. There is also one effort, the KAME Project, being conducted by a
combination of several Japanese companies (Fujitsu, Hitachi, IIJ
Research Laboratory, NEC, Toshiba, and Yokogawa) [KAME 1999].
Another important aspect of IPsec is that it supports encrypted
``tunnels'', whereby an IP packet is completely encrypted as it travels
from one point of a network to another. Encrypted tunnels are one of
the primary means for establishing Virtual Private Networks, or VPNs,
which emulate private networks over public, shared IP networks, such as
the Internet.
IPsec is designed to be independent of any specific cryptographic
algorithms; it can support several, but it will require one strong
algorithm, Triple DES; the relatively weak DES will be permitted but
not required. Specifications have also been developed for the use of
the IDEA, BLOWFISH, RC5, and CAST strong cryptographic algorithms with
long key lengths for IPsec [Stallings 1999].
6.1.2 Advanced Encryption Standard (AES)
In 1997, NIST solicited algorithms for the Advanced Encryption
Standard (AES), to replace the Data Encryption Standard (DES) [FIPS PUB
46-2] as a government encryption standard. Individuals and companies
from eleven different foreign countries proposed 10 out of the 15
candidate algorithms submitted to NIST [Smid 1998]:
------------------------------------------------------------------------
Candidate
Country Algorithm Submittor(s)
------------------------------------------------------------------------
Australia....................... LOKI97............ Lawrie Brown,
Josef Pieprzyk,
Jennifer Seberry
Belgium......................... RIJNDAEL.......... Joan Daemen,
Vincent Rijmen
Canada.......................... CAST-256.......... Entrust
Technologies,
Inc.
DEAL.............. Outerbridge,
Knudsen
Costa Rica...................... FROG.............. TecApro
Internacional
S.A.
France.......................... DFC............... Centre National
pour la Recherche
Scientifique
(CNRS)
German.......................... MAGENTA........... Deutsche Telekom
AG
Japan........................... E2................ Nippon Telegraph
and Telephone
Corporation (NTT)
Korea........................... CRYPTON........... Future Systems,
Inc.
USA............................. HPC............... Rich Schroeppel
MARS.............. IBM
RC6............... RSA Laboratories
SAFER+............ Cylink Corporation
TWOFISH........... Bruce Schneier,
John Kelsey, Doug
Whiting, David
Wagner, Chris
Hall, Niels
Ferguson
UK/lsrael/Norway................ SERPENT........... Ross Anderson, Eli
Biham, Lars
Knudsen
------------------------------------------------------------------------
``Of the five submissions likely to be chosen for the next round,
about half will be from outside the U.S. It is very possible that the
next U.S. government encryption standard will have been designed
outside the U.S.'' [Schneier 1999].
7. conclusions
Based on the research described above, we arrive at two
conclusions:
1. Foreign development of cryptographic products is not only
continuing but is expanding to additional countries.
2. Communications-related cryptography is experiencing high growth,
especially in electronic mail, VPN, and IPsec products.
7.1 Foreign Development of Cryptography Continues to Grow
There are now 805 cryptography products produced in 35 countries
outside the United States. In at least 67 countries, 512 foreign
manufacturers and distributors are involved. In just three weeks, with
limited resources, we identified 149 foreign cryptographic products new
to market since the December 1997 TIS survey.
It is difficult to gauge how many additional products would be
identified, given sufficient time and resources, but it is safe to
anticipate that we would identify many more products from the countries
within the database, and possibly several additional countries.
Development of cryptographic products in nations around the world
is increasing. Moreover, as additional nations seize opportunities in
e-commerce, nation-centric islands of competence develop, as do
ultimately international markets. Often these islands of competence are
developed by bright young entrepreneurs and computer scientists who
have trained elsewhere (often the United States) and then play key
roles in jump-starting their native countries' e-commerce. This fits
nicely in the theory of technoglobalization, as espoused by Robert
Reich, discussed more in Section 8.
7.2 Communications-Related Cryptography Leads Storage Cryptography
Within the 149 new products we discovered, communications-related
products, as opposed to data storage encryption, were predominant. It
appears that the efforts of the Internet Engineering Task Force (IETF)
to provide standardized protocols for the Internet has facilitated the
development of solutions and products to communications related
problems. We conjecture that this and the expansion of e-commerce have
resulted in a high growth of communications related cryptographic
products such as those for electronic mail, VPNs, and IPsec.
Ipsec's support of encrypted tunnels will greatly improve security
for private, enterprise-based networks. As the comfort level of users
(and organizations) grows, and as the potential and actual gains of
(consumer to business and business to business) e-commerce become
apparent, there will be increased worldwide need for communications-
related cryptography.
8. future research
To date there have been only a few efforts to attempt to quantify
the impact of regulatory measures on the international cryptographic
market [Olbeter 1998, BSA 1998, CDT 1997]. The TIS survey and this
effort to update the foreign products inventory of the database have
been one of the few ways to quantitatively assess the state of the
market over time. As noted in Section 7, we saw developments both in
countries already producing cryptographic products and expansion into
new countries that did not have cryptographic product development as of
December 1997. We saw a number of firms become multinational.
In the face of continuing U.S. export controls on encryption
products, technology, and services, some American companies have
financed the creation or growth of foreign cryptographic firms. We have
seen some U.S. companies (e.g., PGP, RSA, Sun) buy some foreign
expertise, leaving it in place (rather than bringing the talent back to
the United States). With this expertise offshore, the relatively
stringent U.S. export controls for cryptographic products can be
avoided, since products can be shipped from countries with less
stringent controls. All of these facts indicate that both nations and
companies see opportunities in this rapidly changing technological
market, and it could be argued that globalization plays a major role in
future growth for this market.
This is not a case of the technology slipping away from the United
States. The technological expertise is already available in many places
around the world. Indeed, we noted earlier that the majority of
submissions for the Advanced Encryption Standard (AES) have been
designed outside the United States. This may be simply an example of
the general thesis of economists David Mowery and Nathan Rosenberg
[Mowery 1989], who argue that, in general, foreign firms' technological
sophistication has caught up with that of the United States in many
cases. In those cases, they reason:
``Since foreign firms now are more technologically
sophisticated and technology is more internationally mobile,
however, the competitive advantages that accrued in the past
from basic research and a strong knowledge base have been
eroded. Faster international transfer of new technologies is
undercutting a major source of America's postwar superiority in
high-technology markets.'' (p. 218)
Our empirical product data could be combined with economic measures
and economic theories to better explain why we are seeing the observed
growth in encryption products and companies around the world, and to
examine the effects of Internet growth, e-commerce development, and
regulatory actions on the international cryptographic market over time.
Porter [1990], for example, tests his theses by using quantitative
measures from several nations, by industrial sector. His national
economic profiles include primary goods, machinery, and specialty
inputs and services data for each industrial sector. Given appropriate
quantitative measures, similar work could be done for the international
cryptography market.
As the global information-based economy continues to grow, and as
the nature of industrial research and development continues to shift
from nation-centric to international collaboration, we will continue to
witness more rapid technological development and global economic
growth. We should be able to put together previous economic work
[Duysters 1996] with material already available on the information
technology sector [Mowery 1996, Rosenberg [1992] and the data in this
study to better understand the changes we are seeing in the global
marketplace and thus be able to more easily adjust national laws for a
global economy.
9. references
[ABI/Inform]: ProQuest Direct, http://proquest.umi.com/pqdweb.
[Acey 1999]: Acey, Madeleine, TechWeb, CMPNet, in New York Times
Technology, http://www.nytimes.com/techweb/
TW__Key__Escrow__Bill__Slammed__By__Parliament__Inquiry.html, 5/19/99.
[Adams 1997]: C. Adams, The CAST-128 Encryption Algorithm, RFC
2144, May 1997.
[Andrews 1997]: Andrews, Edmund L., ``U.S. Restrictions of Exports
Aid German Software Maker,'' New York Times, April 3, 1997.
[Argentina 1999]: Description of PGP and links to download it, in
Firma Digital y Documento Electronico, http://www.sfp.gov.ar/
firma.html, downloaded May 27, 1999.
[Baker 1998]: Baker, S. and Hurst, P., The Limits of Trust.
Cryptography, Governments, and Electronic Commerce, Kluwer Law
International, 1998.
[Baltimore 1999a]: Baltimore Company Profile, http://
www.baltimore.ie/corporate/profile.html.
[Baltimore 1999b]: WebSecure, http://www.baltimore.ie/products/
websecure/index.html.
[Brokat 1998]: Brokat Offering Prospectus, http://www.brokat.com/
int/ir/facts/annual__report.html.
[Brokat 1999a]: Brokat Company, http://www.brokat.com/int/company/
index.html.
[Brokat 1999b]: Brokat Continues Success in Third Quarter, http://
www.brokat.com/int/press/1999/pr19990519-01.html.
[Brokat 1999c]: Consulting Via Internet With X Agent From Brokat,
http://www.brokat.com/int/press/1999/pr1 9990318-02.html.
[BSA 1998]: Business Software Alliance, The Cost of Government-
Driven Key Escrow Encryption, 1998, http://www.bsa.org/ceoforum/pdfs/
key__escrow.pdf
[CDT 1997]: Center for Democracy and Technology, The Risks of Key
Recovery, Key Escrow, and Trusted Third Party Encryption, a report by
an ad hoc Group of Cryptographers and Computer Scientists, Washington,
1997.
[Check Point 1999a]: Check Point Corporate Information and News,
http://www.checkpoint.com/corporate/index.html.
[Check Point 1999b]: Check Point Corporate Profile, http://
www.checkpoint.com/corporate/corporate.html.
[Check Point 1999c]: Check Point Software Technologies Ltd Reports
Financial
Results for First Quarter 1999, http://www.checkpoint.com/press/1999/
q1earnings041999.html.
[Commerce/NSA 1996]: A Study of The International Market for
Computer Software with Encryption, Prepared by the U.S. Department of
Commerce and the National Security Agency for the Interagency Working
Group on Encryption and Telecommunications Policy, January 11, 1996.
[CPI 1999]: Non-U.S. Cryptographic Product Survey Call-for-
Information, http://www.seas.gwu.edu/seas/institutes/cpi/cryptosurvey/
call4info.html
[CSI 1997]: Computer Security, Products Buyers Guide 1997, Computer
Security Institute, San Francisco, 1997.
[Cybernetica 1999a]: Cybernetica English Web Site, http://
www.cyber.ee/infosecurity/products/privador/intro.html.
[Cybernetica 1999b]: Cybernetica Estonian Web site, http://
www.cyber.ee/infoturve/tooted/privador/index.html.
[CRISIS 1996]: Cryptography's Role in Securing the Information
Society, Kenneth W. Dam and Herbert S. Lin, Editors; Committee to Study
National Cryptography Policy, National Research Council, 1996.
[Data Fellows 1999a]: Data Fellows Company Fact Sheet, http://
www.datafellows.fi/df-info/.
[Data Fellows 1999b]: F-Secure Cryptography Products, http://
www.datafellows. fi/f-secure/.
[Data Fellows 1999c]: F-Secure FileCrypto__On-the-fly encryption,
http://www.datafellows.fi/f-secure/filecrypto/on-the-fly.htm.
[FIPS PUB 46-2]: National Institute of Standards and Technology.
FIPS PUB 46-2: Data Encryption Standard. December 30, 1993.
[Dunlap 1999]: ``All Tied Up: U.S. Trade Rules Hobble VARs, ISVs
Alike Dealing With Encryption.'' by Charlotte Dunlap & Amy Rogers,
Computer Reseller News, February 8, 1999.
[Duysters 1996]: Duysters, Geert. The Dynamics of Technical
Innovation: The Evolution and Development of Information Technology.
Cheltenham, U.K.: Edward Elgar.
[EDS 1996]: EDS, ``When governments hamper encryption, they hamper
commerce'', advertisement, Washington Post, June 20, 1996.
[Entrust 1999]: Products: Entrust/SOLO, http://www.entrust.com/
solo/index.htm.
[Ernst 1999]: Ernst & Young, Retail and Consumer Products: Key
Technologies, http://www.ey.com/industry/consumer/retailit/key.asp,
April 22, 1999.
[FirstSearch]: FirstSearch, http://gilligan.prod.oclc.org:3055/
html/fs__areas.htm.
[Gale]: Gale Business Resources (integrated), http://
www.galenet.com/servlet/GBR.
[Gibson 1998]: Paul Gibson, ``The $237 billion conundrum'',
Electronic Business, Highlands Ranch, November 1998.
[GILC 1998]: Global Internet Liberty Campaign, ``Online
International Encryption Policy Survey, http://www.gilc.org/crypto/
crypto-survey.html.
[Greenspan 1997]: Greenspan, Alan, Remarks at the Conference on
Privacy in the Information Age, Salt Lake City, Utah, March 7, 1997,
http://www.federalreserve.gov/boarddocs/speeches/19970307.htm
[Grossman 1999]: Wendy Grossman, Connected--Analysis: Encryption
proves a slithery beast to control, Daily Telegraph (London), January
21, 1999.
[Hornstein 1999]: Testimony of Richard Hornstein before the
Telecommunications, Trade and Consumer Protection Subcommittee of the
Committee on Commerce, U.S. House of Representatives, Washington, DC,
May 18, 1999.
[ICSA Survey]: ICSA Certified Cryptography Products (``Buyer's
Guide''), list is at http://www.icSa.net/services/consortia/
cryptography/certified__products.shtml.
[IKE]: Harkins, D., and D. Carrel, D., The Internet Key Exchange
(IKE), RFC 2409, November 1998.
[IPSEC]: S. Kent and R. Atkinson, Security Architecture for the
Internet Protocol, RFC 2401, November 1998.
[IPSECIPM]: Ted T'so, IPSEC/ISAKMP Company List, Companies which
are Implementing (or Planning to Implement) IPSEC/ISAKMP, http://
web.mit.edu/tytso/www/ipsec/.
[IPSECWG]: IPsec WG Charter, http://www.ietf.org/html.charters/
ipsec-charter.html.
[JCP 1999]: JCP Computer Services, http://wwwjcp.co.uk/secProduct/
security__cdk__index.htm.
[KAME 1999]: KAME Project, http://www.kame.net/.
[Koops 1999a]: Koops, B-J, Crypto Law Survey, http://cwis.kub.nl/
~frw/people/koops/lawsurvy.htm.
[Koops 1999b]: Koops, B-J, The Crypto Controversy: A Key Conflict
in the Information Society, Kluwer Law International, The Hague, 1999.
[Lai 1990]: Lai, X., and Massey, J., A Proposal for a New Block
Encryption Standard, Proceedings EUROCRYPT '90, Springer Verlag, 1990.
[Lai 1991]: Lai, X., and Massey, J., Markov Ciphers and
Differential Cryptanalysis, Proceedings of EUROCRYPT '91, Springer-
Verlag, 1991.
[Lexis Nexis]: Lexis-Nexis, http:/www.lexis-nexis.com.
[Matsui 1996]: Mitsuru Matsui, New Block Encryption Algorithm
MISTY, Mitsubishi Electric Corp., 1996.
[MISTY]: MISTY__Mitsubishi Electronic's Encryption Algorithm,
http://www.mitsubishi.com/ghp__japan/misty/200misty.htm.
[Mowery 1989]: Mowery, David C. and Nathan Rosenberg. Technology
and the Pursuit of Economic Growth. Cambridge UK: Cambridge University
Press, 1989.
[Mowery 1996]: Mowery, David C. (ed.). The International Computer
Software Industry: A Comparative Study of Industry Evolution and
Structure. New York: Oxford University Press.
[Olbeter 1998]: Olbeter, Erik R. and Christopher Hamilton, Finding
the Key: Reconciling National and Economic Security Interests in
Cryptography Policy, Economic Strategy Institute, Washington, DC, March
1998.
[PECSENC 1998]: Report of the president's Export Council
Subcommittee on Encryption Working Group on International Affairs,
September 1998, http://209.122.145.150/PresidentsExportCouncil/PECSENC/
iwgfind.htm.
[Porter 1990]: Porter, Michael E., The Competitive Advantage of
Nations, New York: The Free Press, 1990.
[Randata 1999]: Media Release, ``Boost For Smart Aussie Company:
SNS The First To Be Granted U.S. Export License For High Security
Cryptography,'' Sept. 7, 1998. http://www.randata.com.au/infblx.htm.
[Reich 1990]: Robert B. Reich, ``Does Corporate Nationality
Matter?'', Issues in Science and Technology, Winter 1990-91, pp. 40-44.
[Reinsch 1999]: Reinsch, William A., Testimony before the House
Committee on Commerce, Subcommittee on Telecommunications, Trade and
Consumer Protection, May 25, 1999.
[Rivest 1978]: R. Rivest, A. Shamir, and L. Adleman, ``A Method for
Obtaining Digital Signatures and Public-Key Cryptosystems'',
Communications of the ACM, February 1978, Volume 21, Number 2, pp. 120-
126.
[Rivest 1996]: [Rivest 1996] R. Rivest and R. Baldwin, The RC5,
RC5-CBC, RC5-CBC-Pad, and RC5-CTS Algorithms, RFC 2040, October 1996.
[Rosenberg 1992]: Rosenberg, Nathan, Ralph Landau, and David C.
Mowery (eds). Technology and the Wealth of Nations. Stanford, Calif.:
Stanford University Press.
[RPK 1999]: RPK Security, http:/www.rpk.com/.
[RSA 1999]: ``RSA Provides Security Solutions to Worldwide Markets
Through New Operation in Australia'', January 6, 1999 press release,
http://www.aus.rsa.com/pressbox/990106-1.html.
[Schneier 1993]: Schneier, B., Description of a New Variable-Length
Key, 64-bit Block Cipher (Blowfish), Proceedings of Workshop on Fast
Software Encryption, Springer Verlag, 1993.
[Schneier 1994]: Schneier, B., The Blowfish Encryption Algorithm,
Dr. Dobb's Journal, April 1994.
[Schneier 1995]: Schneier, B., Applied Cryptography: Protocols,
Algorithms, and Source Code in C, 2nd ed., Wiley, 1995.
[Schneier 1999]: Bruce Schneier, The Internationalization of
Cryptography, CRYPTOGRAM Newsletter, May 15, 1999, http://
www.counterpane.com/crypto-gram-9905.html.
[Smid 1998]: Smid, M., and M. Dworkin, Special Report on the First
AES Conference, presented at Crypto '98 Conference, August 1998, http:/
/csrc.nist.gov/encryption/aes/round1/crypto98.pdf.
[Sophos 1999]: Sophos Company Info, http://www.sophos.com/
companyinfo/profile/.
[SSH 1999]: 6 Good Reasons Why SSH IPSEC Express is the Best
Choice, http:
//www.ipsec.com/6reasons.html.
[Stallings 1999]: William Stallings, Cryptography and Network
Security. Pinciples and Practice, Second Edition, Prentice Hall, 1999.
[Thayer 1997]: Rodney Thayer, ``Bulletproof IP'' in Data
Communications, November 21, 1997, http://data.com/tutorials/
bullet.html.
[TIS 1997]: Worldwide Survey of Cryptographic Products, http://
www.nai.com/products/security/tis__research/crypto/crypt__surv.asp,
December 1997.
[United Nations 1986]: U.N. International Trade Statistics
Yearbook, 1986. New York: United Nations.
[U.S. DoC 1996]: U.S. Department of Commerce Press Release,
``Department of Commerce Releases Study on the International Market for
Encryption Software'', January 11, 1996.
[Utimaco 1999a]: Utimaco Safeware AG Facts and Figures, http://
www.utimaco.de/english/index1.htm.
[Utimaco 1999b] SafeGuard VPN Product Description, http://
www.utimaco.com/english/products/sgvpn__e.htm.
[Walker 1993] Testimony of Stephen Walker before the U.S. House of
Representatives Foreign Affairs Subcommittee on Economic Policy, Trade
and Environment, October 12, 1993.
[Walker 1994] Testimony of Stephen Walker before the U.S. Senate
Judiciary Subcommittee on Technology and the Law, Hearing on the
Administration's ``Clipper Chip'' Key Escrow Encryption Program, May
13, 1994.
__________
Appendices
a. call for information
Please forward this message to others who are interested on the
topic. A WWW-version of this message can be found at http://
www.seas.gwu Xedu/seas/institutes/cpi/cryptosurveylcall4info.html
Non-U.S. Cryptographic Product Survey Call for Information
The George Washington University and NAI Labs, The Security
Research Division of Network Associates (formerly the research division
of Trusted Information Systems) are conducting a survey to identify
cryptographic products manufactured outside the United States and are
examining product specifications to assess their functionality and
security.
We are soliciting input from those with knowledge of cryptographic
products through the use of this survey form. If you know of
cryptographic products that are manufactured in countries other than
the United States, please complete this form and submit it to the
Cyberspace Policy Institute (CPI) NO LATER THAN TUESDAY MAY 18, 1999.
You may submit this form via email to cpiWseas.gwu.edu or fax at (202)
994-5505 in Washington D.C.
In addition, we ask you to send or post this survey to anyone or
place that would have knowledge of cryptographic products. Inquiries
about this survey may be made to the Cyberspace Policy Institute at
cpi@seas.gwu.edu or (202) 994-5512. This survey may also be found on
the CPI Web site at http://www.seas.gwu.edu/seas/institutes/cpi.
Your cooperation is greatly appreciated.
Professor Lance J. Hoffman, The George Washington University David
Balenson, NAI Labs, The Security Research Division of Network
Associates
NON-U.S. CRYPTOGRAPHIC PRODUCT SURVEY
DATE:
COMPLETED BY:
Your Name:
Phone:
E-mail:
NAME AND ADDRESS OF MANUFACTURER
Name:
Address:
City:
State:
Zip Code:
Country:
URL:
MANUFACTURER CONTACT INFORMATION
Name:
Phone:
E-mail:
Title:
FAX:
800#:
PRODUCT DESCRIPTION
Name (including model and version information):
Product-specific URL:
Is it software-only, hardware-only, or a software/hardware
combination?
What does it encrypt (e.g., disk, file, communications, FAX, voice,
magnetic tape, electronic mail)?
If embedded software or hardware, what platforms does it support
(e.g., PC, Mac, UNIX workstation, IBM mainframe), else if standalone
hardware, what interfaces does it support (RS-232, telephone, V.24,
V.35)?
If software, is it in the form of a kit or as an end-user program,
else if hardware, what is the embodiment (e.g., chip, board, PCMCIA
card, smart card, box, phone)?
What algorithms does it employ for data encryption (including
proprietary algorithms and key length)?
If applicable, what algorithms does it employ for key management
(including proprietary algorithms and key length)?
If applicable, what algorithms does it employ for data
authentication (including proprietary algorithms)?
How is the product sold or distributed (e.g., store front, mail
order, telephone order, World Wide Web, anonymous ftp over the
Internet)?
If applicable, what is the quantity one purchase price?
(Optional) Approximate number of units sold or distributed?
(Optional) Approximate date product was first available?
Please provide a list of the names and relationships of any
associated companies (e.g., parent company, sister company,
distributors). Include full address and contact name, title, phone,
FAX, and e-mail address.Other information:
Please Provide a Copy of Any Relevant Product Literature.
Send completed forms and product literature via e-mail to
cpi@seas.gwu.edu or via fax to the Cyberspace Policy Institute at 202-
994-5505 in Washington D.C.
Thank You!
This survey is part of an ongoing worldwide study of cryptographic
products started in April 1994 by Trusted Information Systems and Dr.
Lance J. Hoffman of the George Washington University. The December 1997
summary results of the survey are available on the World Wide Web at
http://www.nai.com/products/security/tis__research/
cryptolCrypt__surv.asp.
B. SUMMARY LISTING OF FOREIGN CRYPTOGRAPHIC PRODUCTS
The following table is a summary listing of the foreign products
currently contained in the cryptographic product database. We cannot
guarantee the accuracy and completeness of this information. In many
cases, products may support additional platforms or interfaces, encrypt
additional types of information, include additional embodiments, or
support additional encryption algorithms. Additional information will
be available on the NAI Labs Crypto Products Survey Web page at http://
www.nai.com/products/security/tis__research/crypto/crypt__surv.asp.
[GRAPHIC] [TIFF OMITTED] T9984.010
[GRAPHIC] [TIFF OMITTED] T9984.011
[GRAPHIC] [TIFF OMITTED] T9984.012
[GRAPHIC] [TIFF OMITTED] T9984.013
[GRAPHIC] [TIFF OMITTED] T9984.014
[GRAPHIC] [TIFF OMITTED] T9984.015
[GRAPHIC] [TIFF OMITTED] T9984.016
[GRAPHIC] [TIFF OMITTED] T9984.017
[GRAPHIC] [TIFF OMITTED] T9984.018
[GRAPHIC] [TIFF OMITTED] T9984.019
[GRAPHIC] [TIFF OMITTED] T9984.020
C. FOREIGN ENCRYPTION MANUFACTURERS AND DISTRIBUTORS BY COUNTRY
The following table is a summary listing of the foreign companies
that manufacture or distribute cryptographic products.
[GRAPHIC] [TIFF OMITTED] T9984.021
[GRAPHIC] [TIFF OMITTED] T9984.022
[GRAPHIC] [TIFF OMITTED] T9984.023
[GRAPHIC] [TIFF OMITTED] T9984.024
[GRAPHIC] [TIFF OMITTED] T9984.025
[GRAPHIC] [TIFF OMITTED] T9984.026
[GRAPHIC] [TIFF OMITTED] T9984.027
D. REPORT OF THE PRESIDENT'S EXPORT COUNCIL SUBCOMMITTEE ON ENCRYPTION,
WORKING GROUP ON INTERNATIONAL ISSUES
The following findings have been adopted by the PECSENC as a
reflection of conditions of international competition prior to the U.S.
Government's liberalization of encryption export controls announced on
September 16, 1998. The liberalization may affect many of these
findings, and the findings will be used as a baseline for a review of
the effects of the liberalization in future sessions of the PECSENC.
1. The difference between U.S. encryption controls and those of
other nations is a serious--but not the only--factor determining
success in the computer security market. With or without controls, both
U.S. and foreign products are likely to continue to coexist, and other
factors are likely to continue to slow deployment of security products.
Many foreign companies, for example, especially those influenced by
governments, will continue to favor domestic security solutions, and
many computer users will not deploy serious security technology until
there have been major incidents with losses that can be attributed to
lack of encryption.
2. Nonetheless, the adverse impact of controls on U.S. industry is
palpable. For many software applications, business customers simply
demand security and encryption; it is a checklist item, and its absence
is a deal breaker. While simply counting the number of foreign
encryption software products in the market is not an accurate measure
of the impact of controls, one particularly serious risk is that non-
U.S. companies will use their ability to export stronger encryption as
``leverage'' to dominate particular applications.
This has happened in at least one field--Internet banking--and may
occur in other areas of electronic commerce. Brokat, a German company
that scarcely existed four years ago, now has 250 employees and offices
in several countries including the United States. Brokat's specialty is
Internet banking and electronic commerce, but it broke into that
business on the strength of being able to offer stronger encryption
than German banks could obtain in Netscape or Microsoft browsers. It is
now a major player in this niche, with 50% of the European Internet
banking market and enough U.S. customers to justify a 20-person U.S.
branch office. Meanwhile, encryption constitutes 10% or less of
Brokat's revenue, and it has expanded its initial Internet banking
offerings to include support for other forms of electronic commerce.
Loss of U.S. competitiveness in the electronic commerce software market
obviously raises concerns not just about encryption software but other
software opportunities. Indeed, it foreshadows a weakening of the U.S.
position as a leader in electronic commerce generally.
3. The persistent emphasis in U.S. export control policy over the
past two years on key recovery, or ``lawful access,'' has also taken a
toll on the credibility of U.S. security products. Key recovery
continues to find a market. Business wants to ensure that data are
available for corporate purposes, including litigation. Key recovery is
seen as an important feature for stored business data (though not for
communicated data in transit).
But the use of export controls to drive the key recovery market
further than it would go by itself is hurting U.S. industry. Foreign
governments and competitors, particularly in Europe, have
misinterpreted this U.S. policy, perhaps deliberately. In essence,
foreign customers are told often by their governments as well as local
security companies that all U.S. encryption products come with a back
door allowing the U.S. government to read the contents. In part this is
the result of outmoded ``Recovery'' supplements to U.S. export rules
that demand an unrealistic level of U.S. government access to key
recovery products. In part it reflects the hostility of many foreign
governments toward U.S. key recovery and access policies. It also
reflects the fact that some countries will simply never rely on
security products that are not home-grown, and misunderstanding U.S.
key recovery policies may simply be a handy stick to beat U.S. products
with. But it is unfortunate that the U.S. government has provided such
a large and easily wielded stick.
4. U.S. controls are driving many U.S. companies into ``cooperative
arrangements'' with foreign encryption suppliers. These cooperative
arrangements allow U.S. companies to provide complete security
solutions by encouraging their foreign partners to marry foreign-made
crypto with U.S. commercial applications. These cooperative
arrangements are highly risky under U.S. Iaw, but they are not unlawful
per se. Given the stakes, many companies have been prepared to take
risks under U.S. law, and it is expected that more will do the same.
The result is that U.S. policy has fostered the development of
cryptographic software and hardware skills outside the United States.
German, Swiss, Canadian, Russian, and Israeli cryptography companies
have all benefited from this unintended consequence of U.S. encryption
policy.
5. The U.S. government has made efforts to ``level the field'' of
disparate export controls for encryption through negotiations under the
Wassenaar Agreement. The U.S. proposal that 56-bit encryption become a
new ``floor'' for encryption exports under Wassenaar, while certainly
better than current policy, is likely to be implemented at least a year
and perhaps several years too late. In response to the U.S. KMI
initiative, which conditionally decontrolled 56-bit encryption in
December 1996, other countries also decontrolled 56-bit DES but more or
less unconditionally. The countries include Canada and apparently the
United Kingdom. And by 1996, other countries, such as Germany, already
were approving the export of 56-bit DES to virtually any country for
virtually any purpose. Most recently, the exhaustion of a 56-bit DES
key using a machine built for a quarter million dollars has entirely
discredited DES as a serious security tool for valuable secrets. Single
DES remains a useful tool for assuring privacy against a wide variety
of potential adversaries and snoops, but decontrolling 56-bit
encryption will not provide a significant boost to the competitiveness
of U.S. technology for serious security applications.
6. Process and timing: In 1995, the State Department approved
routine license applications for the export of encryption in less than
a week on average. This was when the State Department had jurisdiction
over encryption and NSA staffed the State Department's office and
handled all encryption license applications.
This is no longer the case. The Commerce Department has staffed up
heavily in the encryption field, but its processes now include parallel
reviews by the FBI and NSA under a 30-day deadline that can be extended
further with a simple ``no'' vote by either agency. For whatever
reason, these agencies are now taking the full 30 days--and often 90
days. Against a backdrop of continued export liberalization over the
past four years, this degradation in export control performance strikes
a jarring note.
The Commerce Department's performance in this area is not
necessarily out of line with the performance of other countries. The
German government often takes two to three months to approve a license
for a new product and six weeks to approve a license for routine
shipments. The difference is that German companies know with certainty
that a license will be issued at the end of the process; and the German
government imposes no key recovery requirement on exporters. Therefore,
they can make commitments to deliver products that require a license
even before they get the license. In the United States, both the FBI
and NSA have at times cast votes intended to roll back existing
policies, and they have at a minimum managed to stall licenses that
seemed to fit existing policy. A key recovery policy, for example, has
been applied sporadically to U.S. multinationals and with some
inconsistency to other exports. For this reason, it is not prudent for
exporters to assume that a license will be issued or to make
commitments on the assumption that the license will be issued--even
when existing policy makes it seem likely that a license will
eventually be granted. Because an RFP by a foreign company may provide
only 30 days for responsive proposals, and the proposals often must
include an assurance that an export license will be obtained, some U.S.
companies lose bidding opportunities simply because the U.S. government
does not process licenses quickly enough.
In other respects, of course, Commerce Department practice is a
large improvement over State's performance. This is particularly true
for controversial licenses, on which Commerce typically forces a
decision over a course of months. In contrast, State Department
licenses could be held up for months without any explanation and there
were no deadlines for resolving interagency disputes. Nonetheless, it
seems clear that the Commerce Department and the other participants in
the encryption licensing process should adopt additional procedures to
speed the granting of relatively non-controversial licenses.
Senator Frist. Thank you very much, Mr. Hoffman.
Let me begin with Mr. Bidzos. You mentioned that the
Administration probably underestimates--you did not say
``probably''--underestimates companies overseas, and you
mentioned the 3-year delay. Could you comment on both of those?
Mr. Bidzos. Yes, Mr. Chairman, I would be happy to. When I
testified almost 10 years ago I was predicting that we would do
economic harm to ourselves if we continued to control
encryption, and that turned out to be true. It took 9 years for
us to really see it. In fact, we warned at the time that by the
time we could point to the damage--because the Administration
was saying, ``Show us where the harm is, show us how you are
being hurt,'' and my response was: ``By the time I can show you
lost market share, it is probably too late for you to help me
get it back at that point.''
So let me now again, 9 years later, look out 3 years and
see what might happen. First of all, I think the Administration
underestimates the extent to which foreign competitors wish to
emulate us. Look at the role that information technology plays
in the growth of the U.S. economy. It is absolutely the driving
force. It is the engine that is driving unprecedented economic
growth, unprecedented in history. The amount of jobs created,
the amount of revenue generated, the amount of innovation, the
absolute dollars involved are absolutely unprecedented.
Our foreign competitors are quite aware of this. They are
starting to tap public markets for funds to grow. They are
starting to target opportunities created by U.S. export policy.
Two quick examples of how they are doing that and what the
stakes involved are.
First of all, they are actually starting to identify larger
products of which encryption is a critical feature and they are
starting to build products of those types. They are seeing an
opportunity not only to get the encryption revenue, but to get
2, 3, 10, or 20 times the encryption revenues by making a
complete product sale.
They also, of course, just by virtue of coming into
business as an encryption company because of the opportunity
created by U.S. export law, exist and therefore they are able
to take advantage of opportunities that they see. If not for
export law, they would not even exist.
There is a company in Germany called Brokat which now
employs over a thousand people, has raised money in the public
market with a very successful public offering, would not exist
if it were not for the opportunities created by U.S. crypto.
To go directly to your question, the 3-year timeframe
before we can export encryption as strong as the AES, well,
first of all, everybody knows that 3 years today is like 15
years was 10 years ago. We live in the Internet age and things
happen very, very quickly. Three years is a lifetime. Those
companies will exploit opportunities in ways that I mentioned
and in other ways that we cannot imagine.
But the real price that we will pay is this. They
essentially--it is not a national information infrastructure we
are talking about, as the Vice President used to call it. It is
a global information infrastructure, there is no question
whatsoever. If you look in today's papers, you will conclude
very quickly that around the clock global trading of securities
is just around the corner. That is not going to happen without
a secure information infrastructure and that information
infrastructure will be secured, it will be global. The only
question is who is going to build it.
The way things sit today, U.S. companies will not build it.
U.S. companies will not play the role in building it that they
might play.
So these infrastructures that get built are I think
critically important in ways we cannot appreciate right now.
The company that gets in and builds the infrastructure will
have the inside track in selling products and services for 2,
5, 10, and maybe even 20 years down the road because of that
early position they stake out for themselves as the
infrastructure provider. They set the standards, they have the
relationship, etcetera, etcetera.
So this 3 years I am afraid is going to cost us
tremendously.
Senator Frist. In S. 798 we streamline the procedure for
receiving an export license by putting a maximum number of days
in each step, and you argue that is not enough. Are you arguing
for an alternative or are you saying that there should not be
these export control policies?
Mr. Bidzos. Well, maybe I can answer that question by
referring to something that Secretary Reinsch said. Secretary
Reinsch compared encryption in one respect to supercomputers,
machine tools, biotech, and said that if foreign availability
were the sole criteria we would have no export controls on all
of those other products. I would submit that encryption does
not belong in that category.
If you want to build a supercomputer, if you want to build
one and build a lot of them in particular, you need to have
incredibly sophisticated technology to manufacture these
computers. It is incredibly expensive. You need people with
tremendous specialized skills. Just building the systems that
can cool the operating supercomputer is incredibly
sophisticated. The same is true of manufacturing machine tools.
The same thing is true of biotech. You need sophisticated
technology just to build the laboratories, the tools, the
instruments.
For encryption all you need is a high school textbook and a
personal computer. I guess you need Internet access, too, so
that brings it down to about 100 million people who are
probably capable of doing it. All you need to get into business
and duplicate and sell that software is a web site. That may
bring it down to 80 million, but it does not get much smaller
than that.
You have got companies in South Africa, in Estonia and
other places who advertise the fact that they can simply ship
you strong encryption that is not subject to U.S. export
controls. So we are really in a different situation, where the
technology is available and we are not competitive.
Senator Frist. Thank you.
Professor Hoffman, you have been studying the growth of
foreign encryption products for a long time and I appreciate
your work very much and your written testimony as well. Do you
believe that U.S. export controls have been effective in
controlling the development of encryption overseas?
Dr. Hoffman. Well, I think you can see from the results of
our survey they have been, I would say, marginally effective.
They have had some effect, but I think overall the market has
had more effect than the U.S. legislation.
Senator Frist. Mr. Aucsmith, do you have comments on
anything that has been said?
Mr. Aucsmith. I would make one slight addition to Jim's
statement about our 3-year window. That has two parts to it.
One thing is that the international Internet as we now know it
exists because there are international standards. That is what
allows everything to work together. It is the glue that holds
things together. At this time there are two particular
standards being defined worldwide that deal with the security.
IPsec, the Internet Protocol Security Standard, the very
thing that will secure point to point connections on the
Internet, is being finalized, and already there are many, many
countries producing technology that will go into that. If my
company and others in the United States cannot participate for
3 years, we will be locked out forever. It is that simple.
The second is, and this is particular to hardware, while we
might think we move at an Internet speed, our development
cycles mean that there is a long lead time on the piece of
hardware, but in the microprocessor area I am working on a
microprocessor design that you will not see until the year
2003. I have to make a billion dollar bet today on whether or
not I can export that in 2003. It is very, very hard without
some assurance of what the world will look like in terms of
legislation at that particular time.
So we will be held out. Every day that this is delayed is a
day that we miss products a long time from now.
Senator Frist. Mr. Aucsmith, could you comment on who
should be the trusted parties for recoverable, key recoverable
products?
Mr. Aucsmith. Actually, as I stated before, I am not in
favor of key recoverable products, for two primary reasons. One
is I think that they fundamentally will not work well, for
communications products I do not think that there is any market
for that. There is no market need. One could be created
artificially by government regulation, but there is no market
need.
For stored data, I think the majority of data--in order to
be of any use, information has to be shared. It is a rare
commodity in information that is valuable and not shared,
meaning that if the proverbial person is hit by a bus it is
unlikely that he or she is the only one that has access to that
information. In fact, in most corporations mission-critical
information is stored on databases and is kept in separate
mechanisms that have separate access control. I submit that
corporations have been dealing with this for quite some time
already.
So I would say that in general there should not be trusted
third parties, at least not for the key recovery or access
control point of view.
Senator Frist. Mr. Bidzos, could you tell me a bit more,
the committee a bit more, about the Internet standards in
setting security requirements? Is the 128-bit encryption now
the norm?
Mr. Bidzos. Yes, it is, Mr. Chairman. There is absolutely
no question about that. In fact, both in and outside the United
States that is the case. Now, I know some of the other
witnesses said that it is not used quite as widely as you might
be led to believe. I think certainly in the past we have been
guilty, as people in industry, of trying to look out into the
future and saying, well, this is what is going to happen to us
if these export control policies do not change and, sure, maybe
we have tended to sort of look at the worst case scenario or
closer to that maybe than the middle. But I think the
Administration is guilty of some of the same.
Let me give you a couple of specific examples. If you want
to bank online with Wells Fargo in California or if you want to
access your mutual fund account at Fidelity or any other of
scores of financial services institutions, if you want to buy
or sell stock online with E-trade, your browser must have 128-
bit encryption or you cannot do it. Their servers are
configured such that nothing but a browser enabled at 128 bits
will work at all.
So even in cases where some people are using the
``exportable'' lower key lengths in some of these browsers, the
primary reason they are doing it is because they are not aware
that they are doing it and they have not upgraded. But as soon
as they try to use one of these services, they find out that
they need to upgrade. This is in the United States. Only under
certain conditions can those be sold outside the United States.
So the standards that David alluded to are being developed.
They are global standards. The participants in the standards-
making process are from all over the world. And David is
absolutely right that companies outside the United States are
rapidly moving to build products that comply with those
standards and, as we heard from the earlier panel, those
foreign competitors of ours will be able to sell worldwide,
including in the United States, and we will not. And that is a
competitive disadvantage that we will find it very difficult to
live with and that we will probably never recover from if we
have to wait 3 years.
Senator Frist. With key length clearly being a moving
target even in one hearing, but also as we project ahead, and
you are developing products for 3 years from now, and we know
that technology is going to progress much faster and that is
sort of the theme of this morning, we have advocates for the
128-bit encryption products rather than 64-bit products. How do
you propose that we deal with these technological changes
legislatively so that we do not have obsolete legislation
within 6 months of the time we pass it, recognizing the changes
that are under way?
Anybody on the panel? Mr. Aucsmith.
Mr. Aucsmith. There is a fallacy in trying to regulate
technological advancement in general. If you tie it to specific
technologies--and in this case, tieing it to specific bit
lengths I think it is tieing it to specific technologies. We
cannot anticipate necessarily what the market will want 3 years
from now in terms of bit length. I would submit that the best
way to deal with this in a legislative point of view is to deal
with the effects of the technology rather than the technology
itself, because I think there is a treadmill that you could get
on, having to revisit this very issue every 3 years, which I do
not think would be productive for anyone involved. I think if
you have it welded to some specific value or some specific
technology or specific implementation, you are rife with that.
Dr. Hoffman. Mr. Chairman, I agree with the previous
witness. It is ill-advised to legislate using bit length only
or even some other technological mechanisms. What we have seen
in the last several years on this is people focusing on
specific things like bit length and avoiding the inevitable,
which is what is going to happen when we do have, if you will,
ubiquitous, strong, secure encryption. What kind of world is it
going to be, how are we going to operate?
We have seen a lot of government resources devoted towards
this battle, rather than towards looking at the future and
trying to shape it in a more reasonable way.
Senator Frist. Could you, any of the panelists, comment on
what efforts are being made by industry to address the law
enforcement agencies' security concerns and develop viable
schemes? What is being done? Where are we today? Mr. Aucsmith?
Mr. Aucsmith. Obviously, the majority of industry is
extremely sensitive to the realities of both law enforcement
and national security issues. I would submit that I am
personally scared of what the future could hold. I think we all
should be along those lines.
What we are doing to try to prevent a disaster, if you
will, is if you believe that there is an inevitability of this
technology being available and its widespread use is inevitable
and I think that is about the main point that we tend to
disagree with the Government on, is the speed and
inevitability, if you will, of that happening the only way to
deal with this issue is for a very close cooperation between
the industry that is creating the change and innovating the
change and the law enforcement and intelligence communities
that need to be able to on occasion use that change to their
advantage.
I think things like the national technical center for FBI's
competency, I think that is exactly the correct step in the
right direction. I think closer cooperation between industry
and the Government in terms of assessing vulnerabilities and
assessing strengths and weaknesses of various technologies I
think is also part of that.
If you will, no commercial product will ever be 100 percent
secure because it is not really economically feasible for us to
squeeze that last couple of percent out of it. So there will
always be vulnerabilities in almost anything that is put out
there. Currently those vulnerabilities are exploited by what we
would call hackers, if you will, to coin from recent movies,
the dark side. What we should be able to do as a government and
as responsible industry is, if you will, make the Government
the better hackers. It is relatively that simple.
Senator Frist. Comments, Mr. Bidzos?
Mr. Bidzos. Yes, Mr. Chairman. Thank you. Well, I guess
part of the problem is I think that industry has sort of been
busy actively rebuffing a lot of proposals from government over
the last dozen years. For example, in 1993 the so-called
``Clipper Chip,'' the first government solution to government
access--take my product, embed it in all the products that you
build, and that will give me the access--was rebuffed. It just
was not something anybody wanted to use.
Later came key recovery and I think government again failed
to realize how industry would view key recovery. One simple
analogy I can offer you from some of my experience in talking
to people in the end user community in large end user
organizations, financial companies. One of them described it
very well to me, why they objected to some sort of government
access to keys.
They said: ``Well, darn it, the Government just does not
understand how things work out here.'' They said: ``Look, if we
are involved in some sort of litigation or some other form of
legal dispute, perhaps even being sued by the Government, some
sort of antitrust action for example, in all these cases the
way the drill works is as follows: A subpoena is delivered, our
lawyers review it, and we produce the documents that comply
with the request.''
We do not give them a key and say: ``Look, the documents
are stored in that building; here is the key; find what you
need and take it, and we will see you later.'' Essentially,
that is how they viewed the proposal for government access to
encryption keys, and I think that analogy actually holds up
very well.
So you can understand why people resisted it. People do not
give some third party a copy of all of the physical keys to
their facilities. They have some small organization, a security
organization, inside their own company that manages that.
So again, some close cooperation I think would go a long
way towards easing, bridging the gap. However, if, as is
currently happening, all of the people developing this
technology happen to be located in Israel, Singapore, Japan,
Ireland, and Germany, it is going to be pretty tough for the
U.S. Government to interact with them and learn and understand
and develop products that meet the needs of worldwide industry
and certainly U.S. industry.
I think that helps. To me that sort of indicates one of the
problems with the current policy. It is gambling heavily.
I do not have a security clearance and I do not know what
it was that Director McNamara might have been referring to when
she said she would offer some testimony about the threats of
ubiquitous encryption, she would offer that in a closed
session. But after this many years in the business and spending
a lot of time with people who are in that part of it--in fact,
I have often awaken at night having dreamed that I was served
with a clearance for some of the things I have probably heard I
should not have--I think it is fair to say that more than
likely it comes down to ubiquitous encryption increasing the
cost and complexity of intelligence gathering.
What we have to weigh against that additional cost is the
cost to industry in the future. I think for the first time
certainly since I have been in this business for 14 years, we
are starting to actually be able to see and identify and
quantify some of the costs to us of maintaining the current
policies.
So hopefully we can strike that better balance. I think the
PROTECT Act with some additional amendments would strike a far
better balance than we have now.
Senator Frist. Thank you.
Clearly, today's discussion centers on the security of our
Nation, the wellbeing of our Nation, and it is clear that we
cannot bind the hands of our American businesses in this new
economy that we have all seen really flourish over the last 10,
15, 20 years, and especially over the last 3 to 4 years. We
need to make sure that we can compete nationally,
internationally. Otherwise we will surrender our global
leadership position.
As Federal lawmakers and policymakers, we need to be
proactive and we need to be educated, and thus I thank all of
our panelists today for participating in that process in this
complex policy debate.
A number of my colleagues, the chairman and Senator Burns
and Kerry and Abraham and Wyden and a number of others, have
worked very hard, and I thank them for their dedication to an
issue that is incredibly important to business, to security,
and to the national interest.
I want to thank this final panel today, as well as the
panels earlier. We will continue to work with you on this very
complex but very important policy debate.
With that, we stand adjourned.
[Whereupon, at 11:45 a.m., the committee was adjourned.]
�