Summary: U.S. Envoy Outlines Foreign Encryption Policies
Foreign encryption policies, markets and legal access
were among the topics of a January 28 speech by Ambassador David Aaron,
Special Envoy for Cryptography, to the RSA Data Security Conference in
San Francisco.
U.S. allies "support the concept of lawful access
by governments" to encrypted files and communications, reports Ambassador
Aaron. He explained that "many governments in the interest of public
safety, want stronger controls than we have."
"The international encryption market will not
be a wide-open affair," he said. Addressing the RSA Data Security
Conference, Ambassador Aaron said that as the encryption industry plans
for the future, it should "take into consideration the likelihood
that lawful access and key recovery will be a growing international requirement."
The Administration seeks to encourage the widespread
use of encryption where users, in an emergency, can recover access to
their keys needed to descramble their data. This would also enable law
enforcement, under judicial authority, to gain access to encrypted data,
as they do now with unscrambled evidence.
Despite our trading partners' misgivings about the decision
last October to relax U.S. export controls on encryption, Ambassador Aaron
says that "all are willing to cooperate with us to work out the needed
international arrangements" to make strong encryption work across
international borders "while ensuring that public safety is not jeopardized."
Ambassador Aaron cited several cases where encryption
was used in terrorist plots, drug dealing, child pornography and espionage.
He stressed that despite the risks, the Clinton Administration policy
on encryption "in no way seeks to expand the powers of law enforcement
nor reduce the privacy of individuals. The intent is to maintain, in the
face of technological change, the current legal instruments it has."
"Domestic use of key recovery will be voluntary,"
he emphasized. "All Americans will remain free to use any encryption
system in the United States." Ambassador Aaron expressed appreciation
for the contribution made by private industry to this policy initiative
and called for even more dialogue and cooperation. He said that the result
of such cooperation "can be a level of privacy and confidentiality
never before available to both individuals and business."
Statement by Ambassador David Aaron, US Envoy for Cryptography
RSA Data Security Conference, January 28, 1997
International Views of Key Recovery
The first thing that I wanted to do in preparing for
this assignment was to understand the concerns of industry and the general
public.
I've had the pleasure of meeting with dozens of US and foreign industry
leaders and representatives - not only those in the encryption business
per se, but others in the field of electronic commerce, telecommunications,
finance and other industries for which secure communications are essential.
They have all impressed upon me the crucial importance of robust encryption
for the future of their enterprises.
- Businesses are increasingly reliant on private networks and the internet
for their communications and operations. As proprietary information and
intellectual property is transmitted over these networks, it must be protected
by strong encryption.
- Business is also increasingly multinational in nature. Thus, any system
of encryption must be able to operate across national borders.
- Businesses are becoming more aware of the need to recover encrypted
files. Companies simply cannot risk loss of access to their valuable intellectual
property because of lost passwords, accidents, or a rogue employee.
I have also had the opportunity to meet with representatives of privacy
groups. They point out that every day our citizens are electronically
transmitting more and more sensitive personal data, including medical,
health, and financial information. Such transactions require robust security
afforded by encryption.
Earlier in my career, I had the experience of working on a Congressional
investigation of Government violations of Americans' right to privacy.
So I well understand the concerns of privacy advocates. When Americans'
fundamental rights are involved, it is understandable that the public
will be extremely sensitive and cautious.
To enable encryption to be used widely for privacy protection and electronic
commerce, rapid development of a support infrastructure is needed. This
infrastructure must provide the policies, product, and certificate services
that will allow encryption to be used, and most important, used WITH CONFIDENCE.
The Administration supports this requirement, as exemplified by its initiative
announced in October to promote the development of an international key
management infrastructure.
The Administration envisions an infrastructure that, if developed wisely,
will offer greater privacy and confidentiality than ever before. It will
provide for authenticated transactions, robust confidentiality services,
and key recovery features. The latter will enable users, and law enforcement
under proper legal authority, the ability to regain access to encrypted
data.
This approach addresses needs of the user while ensuring the public safety
is not placed in jeopardy. While this has been a controversial issue,
the ability to protect the rights of Americans flows from successfully
fulfilling the basic public safety obligations of government.
Already the Justice Department has encountered important examples of instances
where encryption has been used by terrorists and criminals. For example:
- In the Aldrich Ames spy case, Ames was instructed by his Russian handlers
to encrypt computer file information to be passed to them.
- Ramzi Yosef, recently convicted of conspiring to blow up 10 US-owned
airliners in the Far East, and his co-conspirators stored information
about their terrorist plot in an encrypted computer file. (Yosef is on
trial for his role as the mastermind of the World Trade Center bombing.)
- In a child pornography case here in California, one of the subjects
used encryption in transmitting obscene and pornographic images of children
over the Internet.
- In a major international drug-trafficking case, the subject of a court-ordered
wiretap used a telephone encryption device, significantly impacting the
investigation.
- Some anti-government militia groups are now promoting the use of encryption
as a means of thwarting legitimate law enforcement investigations.
- In several major hacker cases, the subjects have encrypted computer
files, to conceal evidence of serious crimes. One of these, Kevin Lee
Poulsen, recently pled guilty in Los Angeles and San Jose Federal Courts
for, among other things, breaking into and manipulating Pacific Bell telephone
computers.
I cite these examples not in the spirit of argument, but to stress that
in developing its policy on encryption, the government has made a good
faith effort to balance the obligations and interests involved. And I
want to stress that this policy in no way seeks to expand the powers of
law enforcement nor reduce the privacy protections of individuals. The
intent is to maintain, in the face of technological change, the current
legal instruments it has and continues to require - instruments which
Congress itself has determined are necessary in the interest of public
safety.
Business leaders have also made clear to me, and to the Administration,
that they believe there exists now a strong international market for robust
encryption, and that American industry is in a leading position to respond.
But, if American firms are not allowed to meet that demand in a timely
way, they are deeply concerned that our leading position in information
technology across the board could be jeopardized - even in product areas
not incorporating encryption. Thus, industry asked for further export
policy liberalization and streamlining of the regulatory requirements.
These concerns are being heard in Washington. The Administration has taken
the following steps - many based on the direct recommendations of industry
representatives:
- First, at the end of last year, jurisdiction for licenses of encryption
exports was transferred from the Department of State to the Department
of Commerce. Commercial encryption is no longer treated as a munition
and thereby subject to various foreign policy embargoes. We hope this
will both speed up and simplify the tasks of obtaining licenses.
- Second, and very important, the Administration will license the export
of encryption products, of any algorithm and any key length, if they incorporate
key recovery.
- Third, the Administration will also permit the export, over the next two
years, of 56-bit DES and equivalent encryption products without key recovery
provided exporters make commitments to develop key recovery products.
I am pleased to report that already at least 4 vendors have formally filed
key recovery commitments and several more companies are in the initial
stages of dialogue with the Department of Commerce.
- And last, a point which is often lost in the debate, domestic use of
key recovery will be voluntary as announced by the Vice President last
October. All Americans will remain free to use any encryption system in
the United States.
However, I must be frank with you. The Administration's agreement to allow
the export of DES poses risks to national security and law enforcement,
but these are risks that we are willing to accept to support the development
of a key management infrastructure with key recovery.
In addition to export liberalization, the Administration is also taking
other steps in partnership with US industry to hasten development of key
management infrastructure:
- We have initiated ten US Government pilot projects to demonstrate the
practicality of key recovery as part of a key management infrastructure.
One pilot which may be of interest to this audience involves the electronic
filing of patent applications with the US Patent and Trademark Office,
incorporating digital signature and encryption.
- The Department of Commerce has convened a technical, private sector
advisory committee to develop a Federal Information Processing Standard
for a Federal Key Management Infrastructure with a focus on key recovery.
We are encouraged by the high degree of industry participation in this
activity, which will better ensure a successful outcome.
- The Administration will use a formal mechanism to provide industry,
users, state and local law enforcement, and other private sector representatives
with the opportunity to advise on the future of key recovery.
- Finally, the Clinton Administration will soon propose legislation relating
to the provision of commercial key recovery services, including providing
penalties for improper release of keys, and liability limitations. To
this end, we will be consulting fully and broadly with Congress.
As part of this overall effort the President asked
me to serve as Special Envoy for Cryptography. In accepting this assignment,
I have been struck that everyone involved with the encryption issue, whatever
their views, recognizes that the international reaction will determine
the success or failure of their particular approach. With that common
starting point, I thought I would share with you the results of my consultations
with foreign governments thus far.
But before doing so, I think I need to describe my role. A recent publication
labeled me the Czar for cryptography. I am not a Czar. For one thing I
am mindful of what happened to the real Czar. More important, I report
to an interagency group at the deputy Cabinet level. They, under the Vice
President, are the real policymakers.
My assignment is to explain the US Government's position on this issue
to other governments and get their views. My goal is an international
consensus on the development of a global key management and key recovery
architecture -- one that will foster robust and dependable security for
the global information infrastructure while protecting public safety and
national security.
My consultations also focus on the underlying requirements in building
such an international infrastructure such as cross border certification
of public keys and authenticated transactions, principles of interoperability,
and key recovery criteria. One of my main messages is that while governments
must provide the appropriate policy framework, the task of actually building
an international key management infrastructure must lie with the private
sector.
So far, I have held high level meetings with the governments of France,
Great Britain, Germany, Belgium and Canada as well as with the Commission
of the European Union. I have also had the opportunity to meet with the
representatives of other governments of the OECD in the course of negotiations
on cryptography policy guidelines about which I'll say more in a minute.
From San Francisco, I will go to Australia and Japan and then return to
Europe for consultations with other governments there. Subsequently, I
also plan to consult with emerging market nations in Asia, Africa and
South America.
So, what I have to report is not a final tally of all governments' views,
but I believe it is instructive nonetheless.
- All governments appreciate the importance of encryption
for the future of their economies;
- All recognize the increasing need for privacy protection due to the
explosion of electronic commerce;
- All governments recognize the need for international cooperation to
create a KMI and certificate services to facilitate privacy and electronic
commerce;
- All support the concept of lawful access by governments and the use
of trusted parties and/or key escrow as a possible mechanism.
- Many governments, in the interest of public safety, want stronger controls
than we have. They have, or are considering, domestic controls on the
use of encryption within their borders.
- Virtually every government has expressed unhappiness with the US decision
to release 56 bit non-key recovery products even with key recovery commitments.
- Several have criticized the absence of internal US controls.
- They are concerned that the increased availability of such products
without key recovery could undermine their ability to protect the public
safety within their borders.
- Also, many suspect that our policy is driven by a desire to obtain a
commercial advantage.
- Nonetheless, all are willing to cooperate with us to work out the needed
international arrangements for a global key management infrastructure.
In that context, two approaches to the encryption issue appear to be emerging
internationally: one is market-oriented like ours, where governments provide
the appropriate policies and regulatory framework to allow for and protect
the voluntary use of key recovery. The other, which is not the U.S. approach,
is based on government rules and strict controls, including domestic mandatory
key escrow for communications. In either case, one of my primary objectives
is to ensure that any requirements and limitations imposed in other countries
do not discriminate against US companies.
An important element in getting to an international consensus on encryption
issues has been the development of cryptography policy guidelines at the
OECD. The discussions, which began in December 1995, among the 29 member
countries, have included representatives from government and business,
law enforcement, security, and privacy interests.
The guidelines, now in draft, outline basic principles for cryptography
policy. They cover the issues of trust, choice, market-driven development
and standards of cryptographic methods, as well as protection of privacy
and personal data, lawful access, liability and international cooperation.
As many of you know, we have included as many US business representatives
as possible on the US delegation to the OECD meetings on encryption.
Though these guidelines are broad in nature and non-binding, our goal
is their adoption and application by governments, businesses and individuals
in safeguarding electronic transactions, communications and data storage.
We expect final approval by governments in the Spring.
CONCLUSION
In conclusion, I want to underscore that every government I have consulted
wants to protect the privacy of its citizens while also preserving lawful
access to encrypted materials for public safety purposes. During the negotiation
of the OECD Guidelines, delegates were specifically asked if their governments
wished to give up or reject their sovereign rights to lawful access. None
did - not even the most ardent advocates of free choice, privacy and unfettered
commerce.
So from what I can see at this point in my mission, the international
encryption market will not be a wide open affair. As you in the encryption
industry plan for the future, I would encourage you to take into account
the likelihood that lawful access and key recovery will be a growing international
requirement.
Many companies, including many represented in this audience, have announced
efforts to search for key recovery solutions for their customers, and
have provided useful ideas and feedback to the Administration. We are
grateful to them and eager to hear more of your ideas and suggestions.
I ask the rest of you to consider joining our efforts to develop the framework
for an international key management infrastructure that will provide for
robust encryption and key recovery for all users.
I believe the result of our cooperation can be a level of privacy and confidentiality
never before available to both individuals and business. It can provide
the security necessary to make electronic commerce and digital communications
powerful engines of economic growth, improving the lives of us all.
And as I go forward in my assignment, I want you to know that I am committed
to support the leadership role of American industry in the highly competitive
international arena of information technology. I am eager to work with
you and your representatives, and I look forward to seeing you all again.