Escrow: Bad for E-Biz
As federal lawmakers try to line up support for a new key escrow system for encryption software, concern is growing within the cryptographic and security communities that such a measure would not only weaken the countrys defenses but hamstring its e-commerce and banking systems as well.
The main proposal in the governments effort, drafted by Sen. Judd Gregg, R-N.H., seeks to essentially build a back door into all encryption software by requiring users to submit a copy of their private keys to the government or other so-called trusted third party. Such keys would be readily available to law enforcement and intelligence officials during investigations and would allow them to decrypt messages at will.
Greggs proposal is part of a broader effort by the Bush administration to tighten physical and electronic security in the aftermath of the terror attacks on New York and Washington three weeks ago. U.S. Attorney General John Ashcroft is pushing a sweeping anti-terror bill that, among other things, proposes expanding law enforcements wiretapping abilities to allow for more digital surveillance of suspected terrorists.
As for Greggs key escrow proposal, cryptographers and other security experts say it is a flawed idea. In addition to it being impossible to implement on a wide scale, the damage to the "trust" factor for online business-to-business commerce and e-commerce in general would be staggering.
Critics are also quick to point out that no evidence has surfaced that the terrorists who perpetrated the recent attacks used encryption. And they contend there is little chance that terrorists willing to conduct brazen suicide attacks would abide by a law requiring them to provide authorities with a copy of their private keys.
But the most oft-cited argument against new limitations on encryption software is the potential chilling effect it could have on the nations e-commerce system. "Encryption makes e-commerce work," said William Whyte, director of cryptographic research at Ntru Cryptosystems Inc., in Burlington, Mass. "It makes the stock markets work. Youre restricting e-commerce [by restricting encryption]. E-commerce depends on people having trust in their systems, and they cant have that trust without encryption."
Nearly every online marketplace and trading site on the Internet relies on encryption to ensure the integrity of its financial data, as do online banking sites. Many in the financial services industry attacked Greggs plan as unworkable.
"How will they handle the private keys of each individual [public-key infrastructure]? What happens at key recovery?" asked one security specialist for a large investment company who asked to remain anonymous. "I doubt it will happen. Youd have to send an updated private key each time. [Thats] massive amounts of data and storage."
There is also the question of how to secure the system holding the millions of private keys. If such a system were ever breached, the results could be disastrous.
Greggs proposal, which has also drawn the ire of several of his colleagues in the Senate, has many in the cryptographic community recalling the governments past attempts at regulating the sale and manufacture of encryption software.
"I thought we got beyond the government doing this," said Bruce Schneier, chief technology officer of Counterpane Internet Security Inc., in Cupertino, Calif., and a noted cryptographer. "The problem isnt cryptography. If you think it is, youre not paying attention. This is dangerous. It could certainly affect the security of e-commerce and reduce the amount of people who do things like that online."
Aides say Gregg has discussed the proposal with several other senators and Ashcroft and believes that it has a solid base of support.
"He hasnt even really discerned how it will work yet," said Brian Hart, an aide to Gregg. "He wants a quasi-judicial entity appointed by the Supreme Court to oversee this and hold the keys. He doesnt want law enforcement to hold the keys. We dont need some sheriff giving the key to his buddy. It may be that we just go to each individual and borrow the key for 10 minutes when we need it."
Still, the possibility of governmental regulation of cryptography also has some vendors wondering where that would leave them and their products.