This work is licensed under a Creative Commons Attribution 4.0 International License.
March 31, 1998
CAMBRIDGE, MASS.—American policies on computer encryption have been in chaos for four years. Civil libertarians have hailed encryption as a boon to human rights and free association, while law enforcement has demonized encryption and demanded the right to covertly decode transmissions. And businesses would just like to get on with the use of encryption for lucrative electronic commerce.
In considering why crypto policy has reached an impasse, we have good reason to look at the experience of France. The government there has passed several laws about cryptography and is currently struggling with their enforcement. So France is ahead of us—if one can consider deliberate steps in the wrong direction to put them “ahead.”
As in the United States, France has long classified encryption as a military or dual-use technology, and accordingly restricted its export. It received special treatment in a small flourish appended to the 20-page telecommunications law of December 29, 1990. Article 28 of this law required government permission for any use of encryption.
No immediate action was taken on what the French refer to as “the December 29 law,” but six years later a more comprehensive bill was passed. This July 26, 1996 law specifies that users of secret keys must store them with organizations that will furnish them to government officials as needed for crime-fighting purposes, a plan commonly known as “trusted third parties” or (in the United States) as “key escrow,” “key recovery,” or “government access to keys.”
While several countries have considered the trusted third party solution, France’s step of putting it into law forces its ministries to actually consider how it might work in practice. And that is why their attempts to codify key escrow are so interesting—the farther they come, the more headaches they encounter.
No country has seriously faced the major criticisms of key recovery made by the civil liberties community:
The system is open to abuse by government officials. Standard government claims—that officials can always be trusted to use keys in the legitimate pursuit of crime, or that courts and agencies can restrain unjust exploitation—are rendered ridiculous by numerous historical examples of wiretapping and illegal snooping.
Storage sites for keys are prime targets for malicious crackers. As recent Pentagon break-ins show, even the best-guarded sites are vulnerable.
Costs for trusted third parties will be prohibitive. To understand this point, one can simply look at the French plan for securing them.
Trusted third parties must be secure organizations. The law requires them to operate on French soil and to have some personnel who have security clearances.
On March 13 of this year, the government issued its most detailed order regarding these organizations. The order is replete with impressive-sounding rules to guarantee that keys are safe from anyone but legally authorized law enforcement: “A zone of controlled access…is physically protected against exterior unauthorized access…The mechanism of identification [of staff] requires presentation of supporting material associated with a personal code…It is desirable that decoding [of secret keys] take place inside a secure processor, or that the parameters used for decoding are divided between two repositories held by different operators, where only their simultaneous presence allows access to secret keys in the clear.”
The plan is standard military-grade security. (Although one must remember that all computer systems allow system administrators full access to programs and data, so that someone is always in a position to undermine security.) It is sure to cost a lot.
Remember that the security measures are not merely an extra firewall around a useful service. The whole organization can be bypassed if users are allowed simply to store their own keys, and therefore trusted third parties will be seen by them as superfluous and intrusive.
Trusted third parties raise a plethora of other questions. What if one goes out of business? The government order simply decrees that such a company must inform its users of others offering the same service. Delays or difficulties in switching service are not addressed. What is to prevent a user from just continuing to use his or her key with no government access?
Companies are required to specify their responsibilities in their policies, and the law imposes punishments for illegally sharing a user’s key. But Valérie Sédallian, a French lawyer opposed to key escrow, points out that it might be hard to detect or prove violations. “Can one truly envisage that a judicial expert could audit a trusted third-party system? Could one find competent experts in such a narrow domain? Must the expert be approved by the secret service?” (The last question carries an implication that the expert would have ties to the organization being audited.)
And then there are international repercussions. Suppose you are an American salesman who has installed off-the-shelf encryption so that you can send sensitive customer information to your central office while you’re on the road. Don’t bring your laptop into France! Not unless you apply for permission to import encryption and wait for a bureaucracy to approve it.
Sedallian claims that encryption controls could be found to violate several other laws, both French and international. France guarantees the right of privacy, for instance; the government is not supposed to be able to reach into personal communications at its discretion. And several directives from both the European Union and the Organization of Economic Co-operation and Development rule out measures that would restrict international commerce.
Presciently, Sedallian writes, “The existence of trusted third parties is justified by the imperatives of national security and defense. An international accord would supposedly make concessions in the area of national sovereignty. But the domains of defense and national security are precisely the domains where states are little inclined to abandon any piece of national sovereignty.”
It is none too soon for us to study the French experience. Last week, in the U.S., Senator McCain introduced into Congress a new version of an encryption bill that was quashed last year. While the FBI and the Clinton Administration recently promised to drop attempts to outlaw any type of encryption domestically, they and Senator McCain are still trying to put a trusted third party system in place. Britain and Canada have initiated similar debates.
Meanwhile, the farce played out by European ministries and U.S. Congressmen is being upstaged by the steady march forward of a free, internationally available encryption product called Pretty Good Privacy. Many other companies, including a commercial version of PGP, are available in North America and are waiting impatiently for the right to export their products. A recent lawsuit in the U.S. has ruled restrictions on encryption to be a violation of the First Amendment.
We have to realize that strong, unbreakable encryption is here to stay. Many other technologies facilitate crime, but we have recognized the technologies’ value and learned to cope with their drawbacks. And we will learn to live in a society of guaranteed private communications as well.
This work is licensed under a Creative Commons Attribution 4.0 International License.
Editor, O’Reilly Media
Author’s home page
Other articles in
chronological order
Index to other articles