Monday, August 3, 1998

Encryption plan targets export restriction

by Brett Mendel

They may no longer have the keys, but they can still come knocking on the door.

So would be the case under the "private doorbell" proposal put forth last month by a group of 13 networking companies spearheaded by Cisco Systems. The initiative would replace the U.S. government's current export policy, which requires compliance with the much-criticized "key escrow" system for American encryption products stronger than 40 bits.

Instead, such restrictions would be eliminated from U.S. exports, while the government would retain the ability to access suspicious data, much as it wiretaps telephone calls to eavesdrop on conversations today.

The plan, which involves features in existing hardware that let network administrators turn off network-level encryption, has users and experts fearful that this could open networks unnecessarily to both the government and the unsavory elements being kept out in the first place.

"There's still the possibility of a network administrator or someone else unencrypting data. Does that not defeat the whole purpose of the encryption process?" asked Bill Clapes, director of franchise systems at AFC Enterprises Inc., a restaurant chain based in Atlanta. The company uses a virtual private network to secure Internet-transmitted communications between headquarters and 450 domestic and international franchises.

Private doorbell was created in response to an even less attractive policy, argue backers of the proposal. In order to export any product with greater than 40-bit encryption, manufacturers must agree to "key escrow", a system whereby federal authorities can access all private keys.

Such arrangements have been spurned largely by foreign and U.S. companies alike, say encryption industry experts. "If you give private keys to the government, what guarantees do you have that they will not be misused at some point?", asked Jim Balderston, industry analyst at Zona Research Inc., a consultancy in Redwood City, Calif. "The federal government is not really good at keeping secrets."

American made

As a result, companies outside the U.S. have been left with either inferior American products or a growing selection of foreign-made products using algorithms as strong as 128 bits, neither of which is subject to key escrow.

In exchange for lifting all demands on key escrow, the government would still be allowed to tap a company's network. With features that the manufacturers claim already exist in their products, network administrators would be able to turn off encryption for a given data stream if presented with a court order to do so.

For example, the "clear zone" capability in Cisco's routers allows selected areas of data to go unencrypted based on criteria such as an IP address. Government authorities with court-approved permission could then peer in on plain-text data in real time as it passes through the router.

Although nothing is preventing the government from gaining access this way today, key escrow or not, proponents say the doorbell policy would standardize such procedures.

"Different [manufacturers] had different ways of doing it", said Dan Scheinman, general counsel at Cisco in San Jose, Calif. "This allows for a common approach to the problem."

Such a compromise allays government fears that illicit activity can be hidden in virtually uncrackable code, while leaving control of network security in the hands of administrators, say backers of the plan.

However, experts wonder whether the doorbell approach still gives away the keys to the kingdom without much in return.

"Private doorbell is not a compromise, or a middle solution, or a new idea. This is key escrow. It's in the network, but it's the same thing", said Bruce Schneier, a cryptographer and president of Counterpane Systems Inc., a consultancy in Minneapolis. "It addresses the government's desire to eavesdrop and does not solve any business need."

Such a policy, say Schneier and others, illustrates the new reality that federal investigators may be increasingly interested in data passing through private networks - a situation that involves the active participation of network administrators.

Arguments against

"I don't like it", said Tim Trudeau, network security analyst at ProActive Megabyte Solutions Inc., an integrator specializing in network security in Kanata, Ontario. "All of a sudden the network administrator becomes the scapegoat if anything goes wrong."

Private-doorbell advocates counter that the proposal is analogous to the telephone world, where wiretaps are still uncommon and hard to get. Fewer than 1,000 warrants were issued for communication in transit last year, the large majority of which were for voice transmission, said Cisco's Scheinman.

The doorbell plan is protected from further government abuse because of its real-time nature, say others. That is, authorities can capture only live data rather than capturing data first and obtaining a search warrant later.

Furthermore, the proposal applies only to products shipped overseas. Managers of networks in the United States can obtain greater than 40-bit encryption without key escrow, and are just as subject to search warrants in the future as they are today.

But even those who praise the doorbell plan are wary of the government's intentions. "Network wiretapping probably happens infrequently, but the government anticipates it will need to do it more in the future", said Jim Bidzos, president of RSA Data Security Inc., a manufacturer of cryptography software in San Mateo, Calif., that is not a member of the doorbell coalition.

Even if it doesn't foreshadow a police state in which investigators are beating down the doors of network managers, the doorbell plan is not without limitations. For example, it does not accommodate data that gets encrypted by end users or the network applications they use. Rather, data would have to be encrypted only in the network device in order for the plan to work.

"The only way an organization can really implement the private-doorbell concept is to prevent end users from using their own encryption prior to the traffic going to the router", said Patricia E. Gibbons, acting chief communications technician for the city of San Jose. However unlikely, such a requirement would turn companies and Internet service providers into data-recovery agents more than they should be, she added.

"It looks to me like any organization that actually provides Internet access to an employee or subscriber becomes the traffic cop that hands out decrypts to anyone who looks appropriate", Gibbons said.
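The two mechanisms the article describes, a router-level "clear zone" that exempts selected flows from the site-to-site encryption, and the limitation that data encrypted by the end user before it reaches the router stays opaque even inside that zone, can be modelled in a few lines. The following is an added illustration, not code from the article, from Cisco or from any member of the coalition; the packet shape, the destination-address rule, the audit log and the SHA-256 keystream stand-in for the tunnel cipher are all constructed for the example.

```python
"""Toy model of a router-level VPN with a 'clear zone' bypass.

Constructed example: packet fields, policy rules, keys and the keystream
cipher are stand-ins for illustration, not any vendor's implementation.
"""
import hashlib
from dataclasses import dataclass, field


@dataclass
class Packet:
    src: str
    dst: str
    payload: bytes


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Symmetric stand-in stream cipher: XOR with SHA-256(key || counter).

    The same call both encrypts and decrypts. Illustrative only; a real VPN
    would use an authenticated cipher, not this.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + offset.to_bytes(4, "big")).digest()
        chunk = data[offset:offset + 32]
        out.extend(b ^ k for b, k in zip(chunk, block))
    return bytes(out)


@dataclass
class Router:
    tunnel_key: bytes
    # Destination addresses exempt from the tunnel (the "clear zone").
    clear_zone: set = field(default_factory=set)
    # Every bypass decision is recorded so a defender can review who was exempted.
    audit: list = field(default_factory=list)

    def forward(self, pkt: Packet) -> bytes:
        """Return the bytes an observer on the WAN link would see."""
        if pkt.dst in self.clear_zone:
            self.audit.append(f"CLEAR {pkt.src}->{pkt.dst}")
            return pkt.payload          # passed through unencrypted
        self.audit.append(f"TUNNEL {pkt.src}->{pkt.dst}")
        return keystream_xor(self.tunnel_key, pkt.payload)


# Constructed keys; in practice these are negotiated, never hard-coded.
SITE_KEY = b"constructed-site-to-site-key"
HOST_KEY = b"constructed-end-user-key"


def run_scenarios() -> dict:
    """Run three flows through one router and report what the WAN observer can read."""
    router = Router(tunnel_key=SITE_KEY, clear_zone={"203.0.113.7"})
    secret = b"franchise sales report"

    # 1. Ordinary traffic: encrypted at the router, opaque on the wire.
    wire_tunnel = router.forward(Packet("10.1.0.5", "198.51.100.9", secret))
    # 2. Same data to a clear-zone destination: plaintext on the wire.
    wire_clear = router.forward(Packet("10.1.0.5", "203.0.113.7", secret))
    # 3. End user encrypted before the router: the clear zone reveals nothing,
    #    which is exactly the limitation Gibbons describes.
    host_encrypted = keystream_xor(HOST_KEY, secret)
    wire_host = router.forward(Packet("10.1.0.5", "203.0.113.7", host_encrypted))

    return {
        "tunneled_readable": wire_tunnel == secret,
        "clear_zone_readable": wire_clear == secret,
        "host_encrypted_readable": wire_host == secret,
        "peer_router_decrypts": keystream_xor(SITE_KEY, wire_tunnel) == secret,
        "audit": list(router.audit),
    }


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name}: {value}")
```

The model makes the two points in the text concrete: a single policy rule on the router decides whether a flow is readable on the link, so the audit trail of bypass decisions is the control a defender would want to keep and review; and any payload the end user encrypted before it reached the router is unaffected by that rule, which is why the proposal only works if encryption happens in the network device.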

Partial solution

Even if the group's proposal alleviates the export restrictions placed on encryption products, proponents of the doorbell solution, by their own admission, say it is only a partial answer to a complex issue. At the least, it is slightly more secure than key escrow, and, even at the network-device level, it still encompasses the lion's share of traffic, they say.

Government meddling and conspiracy theories aside, the proposal still leaves some users uneasy about the potential impact on the overall security of their networks. "I'm less worried about legal intrusion into the network than about someone improperly abusing that authority", said AFC Enterprises' Clapes. "Encryption or not, a court order will grant a government agency access to data. But if someone else who has the right tools can access the network on a whim, the security seems like wasted money."

Added RSA's Bidzos, "If it can be turned off by the government, then can it be turned off by someone else?"

Copyright © 1998 by CMP Media, Inc. All Rights Reserved. Reprinted with permission.