"Do encryption without going to jail," sang Bidzos, alluding to government rules that generally make it illegal to export products with strong encryption unless you agree to give law enforcement a way to easily unscramble encrypted data. The government is afraid that unbreakable encryption will be exploited by criminals and terrorists.

The 3,000 or so security professionals in attendance loved Bidzo's act. But few seemed to realize that although the company continues to lobby hard in Washington against the kind of government-mandated key-recovery laws FBI Director Louis Freeh wants, RSA really is singing a different tune.

The next version of the RSA encryption tool kit, BSAFE 4.0, will require developers that want to build products with anything over 56-bit strength encryption for export to use a key-recovery center approved by the U.S. government.

Corporations buying products made with BSAFE 4.0, due out midyear, may be allowed to operate their own key-recovery centers for key storage, if the government approves. And BSAFE developers will be getting digital certificates they must use to digitally sign their cryptocode APIs to prevent them from violating U.S. export policy.

"As far cryptoservice providers go, the signature is mandatory - it enforces a law enforcement policy," said Kevin Kingdon, RSA technical director. "BSAFE 4.0 implements a key-recovery API, and if you use it properly, you can expect to get export approval for strong encryption."

BSAFE 4.0 will be based on an Open Group standard devised by Intel Corp. called the Common Data Security Architecture (CDSA) 2.0, with key-recovery extensions from IBM called KeyWorks.

KeyWorks is based on RecoverKey technology from Trusted Information Services, Inc. (TIS). RSA agreed to adopt CDSA and KeyWorks as part of a broad-based security alliance with Security Dynamics, Inc., RSA's owner, under which IBM will resell the Security Dynamics ACE/Server authentication products.

Ironically, RSA also now is betting on the Digital Signature Standard and the Secure Hash Algorithm, technologies it fought the government bitterly against four year ago before DSS and SHA-1 became government standards.

RecoverKey, as used in the TIS Guantlet firewall, lets corporations with offices outside the U.S. make use of powerful IP encryption without the government worrying about it because the U.S. government can go to a key-recovery center, if needed, to get a spare encryption key.

One RSA licensee, TimeStep Corp., said it does not like where RSA is going with BSAFE. "Our customers don't want key recovery," said Tony Rosati, TimeStep vice president of marketing. As a Canadian firm, TimeStep does not face the same encryption export rules.

Phil Zimmermann, founder of Pretty Good Privacy, Inc., who now has the title of "fellow" at Network Associates, Inc. since it acquired PGP, said he hoped PGP software would "never" be based on government key-recovery software. PGP also is an RSA licensee.

However, TIS, for one, says corporations are adopting government-approved key recovery.

Dutch Shell Oil is allowed to operate its own key-recovery center in Holland, said TIS lawyer Ken Mendelson, also noting that TIS is acting as a government-certified key-recovery center for Sears, Inc.

But TIS would rather simply sell RecoverKey products and bow out of the service end in order to avoid competing with potential customers.

A half dozen universities have just completed a pilot with the Department of Energy to share information about research applications and grants electronically using electronic data interchange with RecoverKey encryption.

The universities included Notre Dame, University of Pennsylvania and University of California, according to Abby McLean, technology manager at Gaithersburg, Md.-based Federal Information Exchange, Inc.

Massachusetts Institute of Technology was part of the pilot but because MIT "is strongly against government antikey-recovery," they did not have master encryption keys warehoused at Oakland, Calif.-based SourceFile, the government-certified key-recovery center selected for the pilot.

At the RSA conference, one after another crypto experts said government key recovery is unworkable on a large scale and in any event, will add costs to the end user who must pay for new software complexity and key-recovery center costs.

Matt Blaze, principal research scientist at AT&T Laboratories, told the RSA audience that research completed by a group of cryptographers, including Whitfield Diffie of Sun Micrsystems, Inc., found that "large-scale key recovery on the scale envisioned by the government in the key-management infrastructure proposals lie beyond the current competency in the field."

TIS President Steve Walker disputed the findings, saying the cryptographers' panel "had looked only at the worst possible scenarios."

Office of Management and Budget offical Bruce McConnell told conference attendees the government has tested 13 applications using a variety of key-recovery methods from Entrust Technologies, Inc., TIS, IBM's Secret Agent and VeriSign, Inc.

"We showed, yes, you can make key recovery work," said McConnell, adding the report's findings will be published in March.

Sandra Lambert, former Citibank Corp. security chief who is now a consultant at Los Angeles-based Lambert & Associates, said banks have long done key recovery on their own terms. But as far as government-certified key recovery goes, "they are taking a wait-and-see attitude to see how the legislative battle plays out."

Last year, the Senate and House were juggling legislation that would either make government-approved key-recovery mandatory, or shoot down any mandate. The battle is expected to continue at full volume this year.

The Clinton administration, which claims it wants to find a compromise to suit all sides, has looked away as the FBI lobbies hard in Congress for mandatory key recovery for all products, domestic and exported.

The FBI has held secret classified briefings with members of Congress to persuade them to vote for the FBI's hardline, but these secret briefings are just "scare tactics presented as truth," said Rep. Zoe Lofgren (D-Calif.). She said the FBI is misrepresenting technical information about encryption in order to persuade Congress to vote for mandatory key recovery.

Rep. Lofgren, as well as Sen. John Ashcroft (D-Mo.) and Rep. Bob Goodlatte (R-Va.) who spoke via teleconference, urged corporations to make their views known on Capitol Hill and provide accurate technical information to Congress.

Last week the Clinton administration's point man on Internet policy, Ira Magaziner, told Network World the administration favors "voluntary incentives" for government-approved key recovery but that the FBI's Freeh is free to express his own opinion on Capitol Hill.