The Role of the Government in Encryption Policy Remarks before the House Science Committee Subcommittee on Technology Dorothy E. Denning Georgetown University November 26, 1996 Thank you for the opportunity to be here today to share with you my views on the role of the federal government in encryption policy. It is vital to the country that the government carefully consider, with the private sector, encryption policy, and to that end, I applaud the work of this subcommittee in sponsoring this briefing, the efforts of the Administration's interagency working group on encryption policy, the extensive and thoughtful study performed by the National Research Council, and the efforts of other Congressional committees. I will focus on the use of encryption for confidentiality protection as there does not seem to be much controversy over its use for authentication and digital signatures. I will discuss seven areas where I believe the government should take action. First, the government should buy and use encryption products to protect sensitive information. These products must provide strong confidentiality protection. In addition, they must provide a key recovery mechanism for recovering lost or damaged encryption keys and for facilitating internal investigations of corrupt employees. The government, like any other business, cannot afford to leave sensitive data vulnerable either to unauthorized access or to loss of authorized access, or to allow its employees to engage in activity with total secrecy and no accountability. Royal Dutch Shell, which uses encryption around the world, uses key recovery methods for all their stored data and communications. IBM has stated that "a number of information technology users have begun to view key recovery techniques as a possible solution to their concerns about the loss, destruction, or compromise of keys that they hold today and the associated costs they absorb in managing those keys." Second, the government should use commercial off-the-shelf encryption products to the extent possible. Such products will be considerably less expensive than custom products developed just for the federal government. They will enable the government to adopt new technologies as they become available in the commercial sector. To ensure the availability of COTS products, the government must work closely with industry and participate in industry-led standards groups to ensure that industry standards are responsive to government requirements. Standards adopted by the government for internal use should be based on industry standards to the maximum extent possible. In addition, the government's funded research program should be directed towards meeting requirements for both confidentiality and data recovery. Third, because encryption can undermine law enforcement, public safety, and national security interests by giving terrorists and criminals a tool for making their communications and stored records immune from lawful government access, and because key recovery systems offer an antidote to that while also providing important security and accountability benefits, the government should take reasonable steps to encourage the development of products with key recovery capabilities over those without. The government's approach has been to do this by adopting key recovery for its own use and by liberalizing export controls for products with key recovery. This is preferable to domestic regulations, which could be overly burdensome, objectionable to many, and not cost effective. Because many customers will want key recovery to protect their own assets, manufacturers could elect to incorporate the key recovery features needed for export into a single product line for both domestic and international sales. Thus, the majority of U.S. products, whether sold in the domestic or foreign market, could accommodate government access in investigations of criminal activity. Fourth, the government's actions should ensure the economic strength of the nation and the economic competitiveness of U.S. business. To that end, regulations on encryption must not be so onerous that they prohibit U.S. business from competing here or internationally with foreign companies. Export reviews must be expeditious, and transfer of jurisdiction to the Commerce Department should facilitate the licensing process. Recent announcements by Hewlett-Packard, Microsoft, Intel, Trusted Information Systems, and other companies suggest that industry will be able to develop and export competitive products. The U.S. is not the only country with export controls; indeed, many have import controls as well. HP's International Cryptography Framework is one way of addressing these various regulations while also providing the cryptography needed by business for secure international commerce. Because U.S. companies are aggressively pursuing international approaches and approaches based on key recovery, and because key recovery is recognized by many governments and businesses as the best approach to date, U.S. companies are likely to be major players in the international market. The bills introduced in the House and Senate last year to lift export controls, of course, would also have helped industry compete internationally. However, they likely would have unnecessarily harmed law enforcement interests here and abroad. Although the Administration's approach does not give industry as much flexibility, it provides enough for U.S. business to be a strong player in a market which is increasingly moving toward key recovery methods. Fifth, given that the government is using key recovery services and promoting their use by others, the government should do what it can to make sure that the services do not compromise legitimate security and privacy interests. This can be accomplished by developing, with industry, standards for operating key recovery services, which would include requirements for security and for auditing. The government should adopt legislation penalizing the unauthorized use or release of keys. Legislation should also be adopted to protect key holders from liability claims when keys are properly released. The conditions and procedures under which keys can be released to the U.S. government or to any foreign government should be made public. Sixth, the government should encourage and participate in international organizations and conventions aimed at adoption of encryption policies and standards that support global electronic commerce while also accommodating legitimate law enforcement interests. The OECD guidelines on cryptography policy, which the Administration has been actively involved with, are a good first step. Seventh, the government should establish mutual law enforcement assistance agreements with other governments so that foreign purchasers of U.S. products can use key recovery services in their home country and vice-versa. These agreements must protect U.S. citizens and businesses from espionage by foreign governments, for example, by permitting or requiring the U.S. government to review keys or plaintext released to a foreign government in support of an investigation into U.S. persons or businesses. In this regard, I am encouraged by the appointment of Ambassador David Aaron as Special Envoy for Cryptography. What I have outlined is for the most part the policy of the Clinton Administration. I believe the Administration has been moving forward with encryption policy in a way that can accommodate our interests as a nation in information security, national security, privacy, economic competitiveness, public safety, and law enforcement. At the same time, the market has been moving in the direction of key recovery to protect business interests. These factors together are leading to a workable arrangement that will give users the security they need and industry competitive products.