DEVELOPER CAMP

Tales from the Crypt

Simson L. Garfinkel

Privacy of personal and business communications and security from being overheard are two features demanded by computer users in the 1990s. But two U.S. government bureaucracies don't want the best technology to find its way into the hands of U.S. citizens and companies.

One of the most eagerly anticipated features of NeXT-STEP 3.0 was encryption for electronic mail and files. The promise was that any NeXTSTEP user anywhere in the world would be able to send a private, secure e-mail message to any other NeXTSTEP user. The message would be unreadable by anyone but the intended recipient, so if the message accidentally got bounced into some postmaster's mailbox Ð or intercepted by a corporate spy Ð no damage could be done.

NeXT's Fast Elliptic Encryption technology works. It works so well, in fact, that Uncle Sam won't let NeXT export it.

Under current U.S. law, the State Department has an absolute veto over the export of any computer program that lets a person encrypt or decrypt a message. The law Ð a holdover from the Cold War Ð places PC programs that allow encryption in the same category as munitions.

The irony is that federal law allows the free export of books and magazine articles describing encryption algorithms; it's only programs using those algorithms that can't be sent overseas. These export restrictions translate directly into lost sales for U.S. companies.

The State Department restrictions on cryptography stem from recommendations of the National Security Agency (NSA), a part of the Department of Defense so secret that even its budget is classified.

It is widely believed that the NSA monitors between one and ten percent of all international telecommunications activity originating within the United States.

If U.S. companies used good encryption technology to communicate with their overseas subsidiaries, it would make the NSA's job of monitoring those communications much more difficult.

"The NSA has a job to do," says Jim Bidzos, president of RSA Data Security in Redwood City, California, a vendor of encryption systems. "It sees the uncontrolled proliferation of good cryptography as the biggest threat to its mission.

This July, the Software Publishers' Association (SPA) cut a deal with the NSA to allow the export of mass-market computer programs that performed encryption with RC2 or RC4, two cryptographic algorithms also developed by RSA Data Security. But the deal is really a sham: Under the agreement, the key size is limited to 40 bits. That's more security than a Captain Crunch decoder ring Ð but not much more. A network of 1000 NeXTstations could forcibly decrypt a message encoded with RC2 and a 40-bit key in less than three days.

"It's not as bad as it sounds," says Bidzos. But, he adds, "if I were a using a product [with a 40-bit key], I wouldn't put anything in there that was extremely sensetive. People can escrow your messages Ð store them away Ð and break them in a few years, when 40 bits is trivial."

The sad fact is that the NSA won't let U.S. companies export any cryptographic system that the agency itself can't break. But computers are evolving quickly. If the NSA can break a code today, your competitors can tomorrow.

The SPA deal came too late for NeXTSTEP 3.0. But it might not even matter: Many people inside NeXT seem to feel that no encryption would be better than bad encryption. So don't expect to see encryption in NeXTSTEP anytime soon. And if you're a NeXTSTEP developer in the United States, don't put encryption capabilities into your products unless you plan to offer a version without encryption for sales overseas. Alternatively, you can move your development operations to Europe Ð where there are no such restrictions Ð and export software to the United States.

While the NSA is trying to keep software that provides mathematically secure communication from being exported, the FBI and the Attorney General are trying to prevent the dissemination of secure communications systems within the country.

The issue is wiretapping. Ever since 1968, the FBI has been legally allowed to wiretap telephones if it first obtained a court order. But rapid advances in telecommunications technology are making it harder and harder for those orders to be carried out.

To prevent that from happening, the FBI early this year introduced a "Digital Telephony" proposal that would require makers of communications systems Ð everything from telephone switches and fax machines to computers Ð to build provisions for wiretaps into their systems. The newest draft of the legislation, being privately circulated by the Office of Management and Budget, essentially requires companies that sell both hardware and software to make their systems "wiretap ready."

The FBI's proposal directly applies to NeXTSTEP programs like Mail and Adamation's LiveWire. Why? Because right now, two individuals negotiating a drug transaction could circumvent an active wiretap by conducting their conversation over a modem with two NeXTstations. Even if the FBI recorded every modem blip, piecing together the text of the conversation from a sea of protocols would prove to be formidable task.

Civil libertarians are charging that making wiretaps easier for the FBI will make it easier for industrial spies as well. Furthermore, says Marc Rotenberg, director of the Washington, DC, office of Computer Professsionals for Social Responsibility, "the FBI has mischaracterizied the legal status of wiretap authority. It is an investigative method of last resort. To treat it as a design goal of first priority is to stand the law on its head."

"The cat is already out of the bag," says Mitch Kapor, founder of the Electronic Frontier Foundation. "There are 80 million PCs, and uncounted tens of thousands of software packages, all of which are capable of play-ing a role in communications. Given that we have mathematical ways of making totally secure communications, how is law enforcement going to be able to do its job? That's a profound question for which there aren't ready answers at hand."

Simson L. Garfinkel, a NeXTWORLD senior editor, is coauthor of NeXTSTEP Programming (Springer-Verlag, 1992).