Declaration on Encryption Policy

Dorothy E. Denning

June 6, 1997

A recent article by Will Rodger in Interactive Week led some to speculate that I might "switch sides" on the encryption issue. This updated declaration is an attempt to clarify my position, which has not changed but is often misinterpreted.

Encryption policy is an extremely difficult area. I constantly struggle with the issues myself and do not have the answers. I accept that reasonable people can disagree on these issues. The challenges are beautifully illustrated by the juggling figure in the excellent and thoughtful report from the National Research Council, Cryptography's Role In Securing the Information Society (the CRISIS report). The issues are sufficiently rich that to peg people as belonging to one of two sides misses the mark entirely.

I support efforts to develop approaches to encryption that meet requirements for information security yet do not deny government access under a court order or other legal authorization. I support these efforts out of a concern about the long-term impact of encryption on the ability of law enforcement agencies to successfully prevent, investigate, and prosecute criminal and terrorist acts. Strong encryption is certainly needed to protect information from criminals and terrorists, but it also can be used to facilitate their activities.

I acknowledge that systems which allow government access have potential costs and risks. I support efforts to find approaches that minimize these costs and risks. In my assessment, the Clipper chip offered a working example of a key escrow encryption system that provided an extremely high level of security and low level of risk. However, it was expensive and did not offer a public-domain software solution or address the data recovery needs of business or a global economy. Some of the approaches that are coming out of industry now appear to offer strong security at reasonable cost and with features that address business requirements.

I support programs that encourage the development and use of key recovery systems (a.k.a. key escrow and trusted third party systems), including the pilot key recovery projects in the United States and elsewhere. These programs will enable us to test these systems to determine if they can provide high levels of security at reasonable costs and to assess their impact on crime and terrorism. Policy decisions should be based on hard data rather than speculation to the extent possible. If key recovery does not deliver sound, safe, and cost-effective solutions to problems facing business and society, that will be cause for rejection. I support the efforts of those who are working to develop standards for secure and safe key recovery.

I support the efforts of those who seek alternative approaches to providing government access. There may not be a single approach to encryption policy that is best in all contexts. The Administration's decision to allow exports of non-recoverable encryption of unlimited key lengths for financial applications is a good example of an approach adopted for a particular context. In certain contexts, link encryption may also offer a good approach.

I have supported and generally continue to support the steps the Clinton Administration has taken to liberalize export controls and promote the use of both strong encryption and key recovery technologies. I believe the Administration's initiatives have been reasonable and honest attempts to respond to feedback from industry and individuals while responsibly addressing encryption policy.

I also support the efforts on the part of industry, individuals, and advocacy groups to provide information relevant to encryption policy decisions, including information about the impact of export controls on business and information about the capabilities and limitations of encryption and key recovery systems.

I support open, public discussions of and challenges to encryption policy. I also recognize that pertinent information relating to national security, law enforcement, and proprietary interests will not be made public. Encryption policy must be based on all available information.

I do not recommend domestic restrictions on the use encryption within the United States. I do not believe that the current use of encryption by criminals and terrorists justifies the mandatory use of key recovery systems or other systems which afford government access.

I do not know what the future will bring and whether a time may come when the impact of encryption on law enforcement and public safety is such that domestic restrictions on encryption merit our serious deliberation. If we ever reach that stage, it will be important to have working and tested solutions at our disposal and to know their costs, benefits, and risks.

Above all else, I advocate that our decisions on encryption policy be based on thoughtful, reasoned, and well-grounded arguments and as much hard data as possible.

Dorothy E. Denning