US official concedes that key recovery is inferior to alternativ

Wed, 25 Mar 1998 18:02:57 GMT0BST

Members will find the following EPIC press release of interest.

Yaman

==================================================================

       U.S. OFFICIAL CONCEDES THAT "KEY RECOVERY" ENCRYPTION
          IS INFERIOR TO ALTERNATIVE PRIVACY TECHNIQUES

FOR IMMEDIATE RELEASE                    CONTACT:
Wednesday, March 25, 1998                David Sobel/Dave Banisar
                                         (202) 544-9240

WASHINGTON, DC -- A top U.S. official acknowledged more than a
year ago that the Internet privacy technique championed by the
Clinton Administration is "more costly and less efficient" than
alternative methods that the government seeks to suppress.  The
concession is contained in a newly-released high-level document on
encryption policy obtained by the Electronic Privacy Information
Center (EPIC).

In a November 1996 memorandum to other government officials,
William A. Reinsch, the Commerce Department's Under Secretary for
Export Administration, discussed the Administration's efforts to
promote "escrowed" or "recoverable" encryption techniques in overseas
markets.  Such techniques enable government agents to unscramble
encrypted information and they form the cornerstone of current U.S.
encryption policy.

After noting that government regulations permit the export of non-
escrowed encryption products only to "safe end-users" such as foreign
police and security agencies, Reinsch recognized the inferiority of
the Administration's favored technology:

     Police forces are reluctant to use "escrowed" encryption
     products (such as radios in patrol cars). They are more
     costly and less efficient than non-escrowed products.
     There can be long gaps in reception due to the escrow
     features -- sometimes as long as a ten second pause. Our
     own police do not use recoverable encryption products;
     they buy the same non-escrowable products used by their
     counterparts in Europe and Japan.

Ironically, Reinsch's concession is contained in a memorandum that
discusses the Administration's strategy to "help the market transition
from non-recoverable products to recoverable products." According to
EPIC Legal Counsel David Sobel, the newly released document "suggests
that the Clinton Administration is trying to sell key recovery
technology while quietly recognizing its inferiority.  This approach
will ultimately weaken the global position of the American computer
industry and hold back the development of the privacy protections so
badly needed on the Internet."

EPIC and other critics of current U.S. encryption policy have long
maintained that "key escrow" and "key recovery" approaches compromise
the security of private information by providing "backdoor" access to
encrypted data.

The Reinsch memo was released in response to a Freedom of
Information Act request EPIC submitted to the Department of State
concerning the international activities of former U.S. "crypto czar"
David Aaron.  That request is the subject of a pending federal lawsuit
initiated by EPIC last year.

The memorandum is available at the EPIC website at:

     http://www.epic.org/crypto/key_escrow/reinsch_memo.html

                             - end 

.....................................................................
. . David L. Sobel, Legal Counsel                *   +1 202 544 9240
(tel) Electronic Privacy Information Center        *   +1 202 547 5482
(fax) 666 Pennsylvania Ave., SE Suite 301          *   sobel@epic.org
Washington, DC 20003   USA                   *   http://www.epic.org .

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Yaman Akdeniz <lawya@leeds.ac.uk>
Cyber-Rights & Cyber-Liberties (UK) at:
http://www.leeds.ac.uk/law/pgs/yaman/yaman.htm

Read CR&CL (UK) Report, 'Who Watches the Watchmen'
http://www.leeds.ac.uk/law/pgs/yaman/watchmen.htm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~