|
|
|
|
Science Technology and the Economic Future edited by Susan Raymond
Kenneth W. Dam
Max Pam Professor of American and Foreign Law
University of Chicago Law School
Based on remarks delivered at the New York Academy of Sciences, March 6, 1997
As Americans we often pride ourselves on living in a free society. But we are now learning that our free and open society is a vulnerable society. Telecommunications and computer networks have increased vulnerability of both individuals and businesses, a vulnerability to which we voluntarily subject our selves the moment we turn on the modem attached to our personal computers.
Individual and Corporate Vulnerability
As individuals, privacy is no longer an esoteric concern of intellectuals and civil libertarians. Health records, financial records, commercial transactions, telephone conversations all are exposed to access, use, and abuse.
For businesses, electronic communications, confidential documents, business plans, and bids on contracts, are all subject to access through telecommunications. But it is not just private commerce that faces risk. National systems of air traffic control, energy, and transport are also vulnerable. John Deutsch, former director of the Central Intelligence Agency, once remarked that the electron is the ultimate precision-guided weapon. It can reach cleanly into any system, cutting through defenses, and accessing deep internal operations .
A central, necessary, but not sufficient defense against system vulnerability in an electronic age is cryptography, systems for scrambling data and messages. Cryptography operates at two levels. Confidentiality applications protect messages so that parties can not read a message even if they intercept it. Authentication bars third parties from even accessing a system unless they can authenticate themselves as intended users of the system. So cryptography is an essential part of the solution, but therein also rests a critical problem, because some government agencies believe that cryptography itself is the problem.
The Department of Justice and the Federal Bureau of Investigation (FBI) see cryptography as protecting crime syndicates and terrorists. If such groups use encryption, and if the authorities cannot read intercepted or wiretapped messages, or at least cannot read them in real time, it is feared that protecting the public or the national interest will be difficult. This tension between privacy, security, and law enforcement underpins much of the policy debate.
The Voyage of the Clipper Chip
It was against this background that the U.S. government made its ill-fated Clipper Chip proposal. To over-simplify a bit, the government proposed that every citizen's telephone, fax machine, and computer—business and personal—that was hooked up to a modem be equipped with an encryption chip. On the positive side, this would protect all such systems from hackers and crooks. The keys to the encryption would be deposited with government agencies so that the FBI and local law enforcement officers, under a properly entered court order allowing a wiretap, could listen in to personal and business communications. This concept, is known as "key escrow"; the keys to the encryption are held secret until and unless a court order allows their use.
An explosion of protest ensued. Not only did some consider the court-order process inadequate, there was concern that the very existence of the keys would allow access to private communications without court orders. The debate tapped a deep distrust of government as well as concerns over privacy. Although the original proposal was modified many times, controversy remains. On October 1, 1996, the government's present approach was announced. This approach would make any domestic "keys" system absolutely voluntary. Encryption would be based on software, not on hardware chips, even though it is clear that software is more vulnerable to tampering than hardware. Moreover, key-holding responsibility would be split among more than two private holders known as "escrow agents" or "trusted third parties." The FBI or other law enforcement authorities could still obtain the keys with proper court orders. Additionally, a qualified corporation could hold its own keys if it established a system whereby targeted employees would not learn when a valid court order arrived, thereby permitting surreptitious wire tapping.
Nevertheless, vulnerabilities would still exist with a private system. If some third party penetrated the key escrow agent, they would have access to the keys of everyone using the agent. It would be an "open sesame" nightmare. Key escrow agents must operate through human beings, and where humans are involved, bribery, collusion, and coercion is always a worry.
Implications for Export Controls
Among the most important implications of the October 1996 recommendations were their effects on exports. With certain exceptions, current export controls prohibit export Of software or hardware capable of encrypting above a so-called "40-bit level." This level is known as "weak cryptography"; Berkeley graduate students have cracked 40-bit encryption in less than four hours. With a powerful, dedicated mainframe computer, with software optimized for the task, the time needed to overcome such encryption is essentially zero.
In addition to the debate over domestic vulnerability, the U.S. software community has obvious market concerns. Under 40-bit restrictions, U.S. companies would lose their dominant position in pre-packaged software. If they cannot offer strong cryptography in foreign markets, their competitors will. In response, the Government would allow U.S. software firms to sell 56-bit software (which is sixty-five thousand times more secure than 40-bits) provided they entered into an agreement with the U.S. Government to have a system, as of two years from January 1, 1997, which automatically escrows keys. Key escrow would then be a condition of export.
Several firms have entered into these government agreements, but many in the industry are still extremely dissatisfied. In fact, no one is satisfied, least of all the FBI, which sees a very real threat to protection against terrorism. So far, Congress supports loosening export controls on encryption and allowing 56-bit encrypted soft ware to be exported. If we lose the World Trade Center, or even a face of encryption can be blamed, however, congressional reversal is certain. There is no clear answer to the crisis. Drug lords and terrorists can and do use cryptography. Law enforcement does rely heavily on wiretaps in response. Law enforcement and national security concerns do conflict with individual privacy, with the legitimate needs of business, and with the international competitiveness of the software industry.
Enter the National Research Council
Given all of these considerations, Congress mandated the National Research Council to develop a report on the dilemma. The report, developed by a committee that reflected the views of business, law enforcement, software designers and other diverse interests, made a series of unanimous recommendations. It was this report that, according to the Administration, provided an impetus to the October 1996 recommendation for liberalization of export controls.
The report reached several fundamental conclusions. First, computer and telecommunications security is still undervalued in American society. There is no central focus of responsibility for these issues. The National Security Agency is responsible for computer security of classified material. The National Institute of Science and Technology (NIST) of the Department of Commerce is responsible for sensitive, unclassified government-information traffic. The Federal Reserve Bank has some responsibility for banking. The list could go on. The point is that no one in the government has responsibility for a government-wide view.
Second, the business of law enforcement is to reduce the crime rate. Computer-based crime rates are rising. These crimes tend not to be as high-profile as violent crime, since victims, especially businesses, are motivated to keep the crimes quiet. While crime in the streets may be in decline, crime in the suites is on the rise. Yet electronic commerce has the potential to usher in the next industrial revolution. It cannot achieve its full potential without resolving the security problem. This will require two initiatives. First, the Committee recommended the liberalization of export controls in order to address the problem of vulnerabilities abroad and the position of the U.S. software industry in international markets. It also recommended that, although key escrow systems have many flaws, they should be tested to determine if a workable approach could be developed that would ensure wider security and yet meet law enforcement needs.
Third, insofar as national security is concerned, the most important foundation of security in the future will be the strength of the U.S. economy. The vulnerabilities of U.S. corporations, particularly abroad, is of greater concern than the proliferation of high-quality cryptography abroad. Such proliferation will happen, whatever actions the U.S. takes and whether or not it exports at all. Hence, the focus should be on the security needs of the U.S. economy. Recognizing the necessity of encryption, then, from a national security viewpoint, the nation is better off with a strong U.S. software industry abroad, essentially dominating world markets.
Domestic Action and International Reaction
But these issues obviously have spread beyond U.S. policy alone. Some U.S. trading partners have made it clear that they will impose import controls to counter any liberalization of U.S. export controls, largely out of fear of the deleterious effect on anti-terrorism strategies. Some countries do not know which side to support because they have as many internal economic and political interests at stake and in conflict as in the United States. The U.S. has now appointed an ambassador at large, a "crypto-envoy" if you will, David Aaron, whose job is to work with other governments in coordinating policy.
International solutions are critical. Papered-over diplomatic language and compromises will not suffice. Interpretable communications systems must work internationally if the promise of globalization is to be realized in economic terms. Yet domestic interests and concerns are real in nearly every nation. Control over access to crypto keys, together with law enforcement priorities and issues of economic competitiveness, create a complex set of conditions of engagement in what might be called the opening skirmish of the crypto wars.
Email this citation