The Convergence
Saturday, August 2, 1997

Can you keep a secret?

Canadian crypto: true, strong, free

by David Jones, dxj@theconvergence.com

As we use information technology more and more in our everyday lives, we seem to have less and less privacy. In a vast country like ours, Canadians rely heavily on telecommunication, and though most of us don't know all of the technical details, we know enough to realize it's pretty easy for snoops to rummage through our email correspondence and to listen in on our cell-phone conversations.

Is privacy dead in the Information Age?

The truth is, tools to protect your privacy are alive and well and living in a computer near you. Encryption technology -- methods for encoding and decoding messages so others can't read them -- once of interest only to mathematicians and the military, has now gone mainstream.

Although primitive rules for scrambling messages can often be broken by people with enough time and ingenuity, recent advancements have yielded a variety of sophisticated techniques that, for all practical purposes, simply can't be broken.

And that scares the shit out of some people.

Why? Because unlike most people who think that protecting their privacy is a good thing, there are a select few, principally cops and spies, who have rather enjoyed the ability to eavesdrop on other people's conversations whenever there was something they wanted to know.

Strong encryption changes all that.

-- the geeks vs. the spooks --

In the United States, the Federal Bureau of Investigation (FBI) and the National Security Agency (NSA) have argued that something must be done to prevent organized criminals and international terrorists from using crypto to communicate in secret. Just about everybody else argues that privacy is more important. The result has been a long and tedious battle.

An initial proposal, known as the Clipper Chip, would have required the use of government-approved encryption hardware, with a special "law enforcement access field" (LEAF) to allow eavesdropping, when appropriate. Through a mechanism known as "key escrow," encryption keys were supposed to be deposited with a trusted third party who could provide them to the police, when necessary. Not surprisingly, the proposal was a complete failure.

Since then, the Clipper proposal has been through several revisions, none of them popular, and the spin doctors have dropped the term "key escrow" and substituted "key recovery." The idea is that businesses might want to keep backup copies of encryption keys to make sure they don't lose access to their own encrypted records. With appropriate court authorization, police could get access to those keys as well.

"The government claim is that 'key recovery' is different, but they're just lying," says John Gilmore, a computer scientist who serves on the American Electronic Frontier Foundation's board of directors and co-author of a recent technical paper that highlighted the risks of key recovery and key escrow.

"What exposes the lie," says Gilmore, "is when the government insists on key recovery for encrypted communications, (as opposed to encrypted data in storage). Businesses have no need to 'recover' the keys of encrypted communications such as phone calls or Internet login sessions. In fact, good security practice requires destroying session keys after the communication ends, so they cannot be recovered by someone who has recorded the communication. However, this is the main use that law enforcement anticipates -- decrypting recorded wiretaps."

Jim Dempsey, senior staff counsel at the Center for Democracy and Technology, based in Washington, D.C., agrees that "the distinctions are merely rhetorical." The real issue, he says, "is the presence or absence of user control."

Although the technical details and terminology may sometimes seem confusing, it doesn't have to be that way. For most people, it's really very simple: "It's my lock, it's my key, you can't have it."

-- The secret's out! --

The algorithms used to keep secrets are widely known. They've been incorporated into various software packages that are now widely available on the Internet. Phil Zimmerman's PGP, which stands for Pretty Good Privacy, is a good example. It's commonly used for the exchange of private email messages.

Nevertheless, even though it seems to many like a pointless exercise, the U.S. government has continued to try to enforce regulations that prohibit the export of strong encryption software. Because of the supposed dangers to national security, encryption software has been classified as a "munition" -- like guns and bombs.

But there are loopholes. Since it's not illegal to export books, the source code for PGP (version 5.0) has been exported in book form. A Norwegian student, Stale Schumacher, has been busy scanning in the more than 6,000 pages and should be finished converting the program into executable form very soon.

"We export jobs, not crypto," says Sameer Parekh. In order to sidestep U.S. export regulations, his company, C2Net, develops strong encryption software outside the country, which it can then legally sell anywhere in the world. Sun Microsystems does the same thing, farming out their crypto to a Russian company.

In Canada, we're not bound by the same silly rules. We export crypto, not jobs.

Just this past week, Ottawa-based Entrust Technologies, made their strong encryption product, SOLO, available on the web for anyone in the world to download for free. The software allows people to protect email messages using encryption and authenticate them using digital signatures. With 128-bit keys, it's stronger than anything that can legally be exported from the United States.

Entrust chief executive officer, John Ryan, says the federal government has ruled they are in compliance with all export restrictions and international agreements, such as the General Agreement on Tariffs and Trade (GATT) and the International Traffic in Arms Regulations (ITAR).

Sue Hofer, spokesperson for the U.S. Department of Commerce's Bureau of Export Administration said this week in a telephone interview that Entrust's actions are "under review as a potential enforcement matter."

-- Canadian Crypto Policy --

In Canada, the various law enforcement agencies have occasionally repeated the arguments made by their American counterparts, but to a large extent, their statements have fallen on deaf ears.

Two years ago, in August of 1995, the Canadian Association of Chiefs of Police (CACP) passed a resolution "to facilitate the lawful interception of communications." They urged the government "to enact the appropriate legislation requiring that all present and new telecommunications technologies contain capabilities that will provide law enforcement agencies with the technical assistance necessary to accomplish court-authorized interceptions." That's their way of saying that they want the government to impose restrictions on the use of cryptography, so they can continue to use wiretaps.

More recently, the federal government, led by Industry Canada, has been reviewing Canada's policies relating to the use of cryptography. Since there's a clear consensus about importance of encryption technology for protecting privacy and enabling secure electronic commerce, the only contentious issue that is likely to arise is the same one that is causing such a stir in the United States: government access to encryption keys.

"Mandatory key escrow or key recovery are comparable to the government demanding that every Canadian be required to deposit copies of keys to their residence at the local court house, in order to facilitate police entry, should suspicion of a criminal act arise," says Jeffrey Shallit, "It's simply unacceptable."

Dr. Shallit, a computer science professor at the University of Waterloo and co-founder of Electronic Frontier Canada, helped prepare EFC's position paper on Canadian cryptography policy which was released earlier this week.

Among its recommendations are a few that might cause Industry Canada to sit up and take notice.

"Where session keys are used to protect electronic commerce that is conducted offline, as is the case with some stored value cards [like Mondex], it may be entirely impractical to store or recover those keys. The same is true about many kinds of Internet commerce that have been proposed: the feasibility of microbuck or millicent payments relies upon a very lean mechanism to conduct commercial transactions. Mandatory key recovery could effectively eliminate entire segments of the digital economy."

"Because of the importance of maintaining access to historical records and ensuring the ability to comply with access to information requests, it may be in the public interest to require the government itself to adopt a mandatory key escrow or key recovery paradigm."

Canadians should be able to keep secrets from the government, but not the other way around.

David Jones is a computer science professor at McMaster University,
and president of Electronic Frontier Canada.

Copyright © 1997 by David Jones. All Rights Reserved. Reprinted with permission.