PRISM Magazine Online - April 2000
A Compromising Situation

By Bruce Auster

Tech firms have won the battle to sell encryption software overseas, setting off law enforcement fears that the new rules will jeopardize national security.

The tactic is called "Brute Force." To prove that the U.S. government's standard for encryption canA Compromising Situation be broken, attackers overwhelm the code, using powerful computers to try every possible key until the one that unlocks the door is found and the message deciphered. The encryption standard was once thought to be uncrackable: there is just one correct key in 72 quadrillion possible combinations; checking them one key at a time without a computer would take 9 billion years. But it is invincible no longer. In fact, breaking the code has become a game; the challenge is not whether it can be done, but how fast. Last year's winner solved the puzzle in just 22 hours and 15 minutes.

So much for the cornerstone Washington wanted e-commerce to be built upon. The old code, known in the business as the 56-bit data encryption standard (DES), is no longer considered powerful enough to withstand a dedicated effort to crack it--a potentially fatal obstacle to the tech boom. But American companies were barred from marketing stronger encryption software overseas--doing so would jeopardize national security and hamstring law enforcement, officials argued. Barred until a few months ago, that is.

With the writing on the wall, the Clinton administration conceded defeat. In new rules published in January (but which will not be made final until a public comment period that will last through the spring), the administration lifted the ban on the retail sale of encryption products after review by the Commerce Department. Even the "source code," the computer code that creates the encryption software, can be exported. The only exceptions: there will be special reviews for sale of products to foreign governments. And the outright ban remains on any sale to nations on the State Department's terrorism list, including Cuba, Iran, Iraq, Libya, North Korea, Sudan, and Syria.

The floodgates are now open. There is simply no middle ground in the battle between business and government. On one side, Silicon Valley argues that it cannot compete internationally if barred from selling the strong encryption software that firms demand in global markets. A new advanced encryption standard, or AES, is considered unbeatable: A brute force attack would be far more difficult against the 128-bit code, which is billions of times stronger than the 56-bit version, experts say. There is also the "Triple DES" code: a series of three 56-bit codes that together equal a 168-bit standard, which is considered perhaps trillions of times more difficult to break.

On the other side is the law enforcement community, which fears that criminals--domestic and foreign--will be able to plot their deeds secretly without fear of being found out. "Unless we can protect the ability to do electronic surveillance ordered by a court and [maintain an] export regime which does limit in great degree the amount of very strong encryption going into the wrong hands, we are going to face a situation where, from a law enforcement point of view, it will be very difficult to do our job," said Louis Freeh, the director of the Federal Bureau of Investigation, in testimony before Congress last year. "Lives will be lost, whether it's a building blown up because we can't read the plain text as to the time and location, or whether it's a kidnaping that we can't get the answer to or make a rescue because we don't know what's going on."

March of Technology

The entire debate may soon be moot, and law enforcement is losing. It was tough enough that powerful encryption software could be downloaded from the Internet and that foreign firms, particularly from Germany, were selling internationally--the U.S. rules notwithstanding. Then the firm RSA Data Security set out to prove that the 56-bit standard was outmoded, making headlines when it challenged all comers to break the code. "We are quickly reaching the time when anyone with a standard desktop PC can potentially pose a real threat to systems rely ing on such vulnerable security," said Jim Bidzos, president of the firm, after last year's winner was announced. "It has been widely known that 56-bit keys, such as those offered by the government's DES standard, offer only marginal protection against a committed adversary."

Within days of the administration's move, U.S. companies announced plans to introduce 128-bit encryption overseas. Netscape Communications, for example, will make its Communicator software available with the high-grade encryption in 23 languages. The company says that security remains the top concern for people conducting business over the Internet in Europe and Asia. In the days following the administration's announcement of the new rules, others joined Netscape, including NetFront, provider of the Trusted eMessaging service.

The White House insists the new rules will not hamper intelligence gathering and law enforcement. But it is difficult to see how the administration can make such assurances. The FBI, the National Security Agency, and other agencies have fought congressional efforts to ease export restrictions. Now, to put a good face on matters, Freeh and others are arguing that they will manage.

In reality, law enforcement is falling back to a second line of defense. They insist on being able to gain access, after getting a court order, to the plain text of messages suspected to be criminal. Privacy advocates are fighting to block the effort.

But for law enforcement officials, the provision is essential. "We need real-time capability," Freeh told Congress. "It doesn't do me any good to come back and report to you that ten years ago, we had on some tape, or in some electronic record that we seized, the exact plans to blow up a location. It was blown up. We didn't know about it, but we figured it out ten years later and we want to make the historical record correct. You don't want to hear that."

Access to computer files in "real time" helped foil a 1996 plot masterminded by Ramzi Ahmad Yusuf, the man implicated in the 1993 World Trade Center bombings. According to the FBI, the laptop computer of one of Yusuf's associates was discovered in the Philippines. On it were files, which were not encrypted, detailing precise plans to blow up 11 American airliners in Asia simultaneously. The incident never took place, and Yusuf was convicted of planning the plot.

That laptop also contained some encrypted files, a sign that criminal organizations were starting to take advantage of new technology. It has taken just a few years for the new encryption to change--even threaten--police work. As recently as 1995, the Drug Enforcement Agency broke the Cali drug cartel in Colombia by exploiting communications that were not encrypted. The cartel's leaders, who routinely give orders to operatives on New York streets thousands of miles from Colombia, depend upon cell phones and faxes. The DEA used court-backed phone intercepts that allowed them to discern the structure of the cartel and its system for distributing drugs in the United States. In 1995, the cartel's leaders were arrested.

"The spread of nonrecoverable encryption threatens to remove this essential investigative tool from our arsenal," said Tom Constantine, the former head of the DEA, in testimony before Congress last year. Until 1995, the DEA had never found evidence of drug traffickers using encryption. Then, at the end of 1995 and in the first months of 1996, drug kingpins in Mexico made unsophisticated efforts to scramble phone calls, which U.S. agents were able to decode. By the end of 1997, DEA detected but was unable to monitor 262 phone calls by drug operations, many originating in Mexico. The number topped 500 last year. "We have now been denied the ability to penetrate the command and control of the international drug trafficking organizations," says Constantine.

The technical challenge, then, is to find some way to gain access to the keys that can unlock these messages in a timely way. Since the early days of the Clinton administration, the FBI proposed, and abandoned, schemes to recover plain text. First there was the "clipper chip," which would give the government court-backed access to a key built directly into the computer's hardware. That plan was dropped. Then there was a proposal to gain access to a key embedded in the computer software, the so-called key escrow approach. The Clinton administration has discovered, however, that requiring companies to build in recoverable keys only antagonized industry and raised fundamental issues of privacy rights. In short, critics asked, should the government be allowed a copy of a person's house keys?

So new approaches are afoot: Attorney General Janet Reno and FBI Director Freeh have met with industry CEOs to try to persuade them to install recoverable keys voluntarily. There is also discussion about allowing law enforcement to gain access to messages before they are encrypted; this tactic has been nicknamed the "private doorbell."

The policy challenge will be to create a legal framework that permits law enforcement access to keys without violating privacy concerns. Latest on the table is an administration proposal--the Cyberspace Electronic Security Act--or CESA, that tries to finesse the balance. It is not clear that it succeeds.

The legislation targets third parties that hold encryption keys for individuals. More and more people are storing data on networks or with third parties: banks secure people's financial records while medical records are held by doctors or HMOs, for example. CESA would attempt to define guidelines for government access to keys or passwords held in escrow by these third parties. At the same time, the proposed legislation would bar disclosure of such information without a court order.

Already, though, CESA is coming under fire. "This standard falls far short of the standard in the Constitution for government access to keys held by encryption users--probable cause to believe that a crime is being committed and notice at the time of the seizure," according to an analysis by the Center for Democracy & Technology, a private group based in Washington, D.C. Still, it is an improvement over an early version of the law leaked to the press last summer. That proposal would have allowed law enforcement officers to enter homes, seize encryption keys and plant devices on people's computers to facilitate recovery of information--all without the knowledge of the suspect. The scheme was abandoned as soon as it went public.

Which leaves the third line of defense for law enforcement. A final provision of CESA calls for spending for a technical support center at the FBI. The adminstration sought $79 million for the center in the fiscal year 2000 budget. The Defense Department will also boost such spending. The goal is to give law enforcement the technical tools to capture information. This has been a problem in the past: even modest changes in technology, such as the advent of fax machines, required law enforcement to perform a sort of code-breaking. The advent of packet-switched networks, which route phone calls over many phone lines, also slowed the ability of the government to eavesdrop. Still, the new encryption software is so powerful that security experts don't believe code-breaking by law enforcement is realistic. "There's a lot more to doing the law enforcement job than doing cryptography," says William Crowell, a former top official at the National Security Agency who heads a presidential committee on encryption export policy.

Solving those technical issues may be law enforcement's last resort. With strong encryption available on the Internet, the FBI caved in to demands to allow its export. Efforts to gain access to keys, even with the blessing of a court, continue to antagonize privacy advocates. What's left? The technical fix. But little is known about the Pentagon's research program. "Some parts of the budget," explained Deputy Defense Secretary John Hamre, "I can't discuss."

 Bruce Auster is a freelance writer in Washington, D.C.