Piecing Together the Encryption Puzzle


No one issue currently galvanizes the Internet community quite so much as the Administration's encryption policy. "Key recovery" has become the mantra of FBI Director Louis B. Freeh, as well as many in Congress. Like the Internet itself, the state of encryption regulation today can accurately be described as in "flux."

Let's Start With the Basics

  • All encryption items must receive a license or license exception before export to any country other than Canada.

  • No license is required for domestic use. (In the world of export regulation, both the U.S. and Canada are considered "domestic" -- though don't tell the Canadians.)

  • An encryption item is, quite simply, any commodity, software or technology with encryption features, except certain items designed for military application, which are treated separately under the regulations.

Late last year, President Clinton, in a move ostensibly intended to facilitate export of encryption software, transferred primary responsibility for approval of exports of encryption items from the State Department to the more trade-friendly Bureau of Export Administration (BXA), which is part of the Department of Commerce. Until the move, all encryption items were considered munitions.

However, at the same time, in what can be described as "giving with one hand while taking away with the other," the President established a more extensive inter-agency review of all encryption export requests, which effectively gives "veto" power to the FBI and National Security Agency.

  • The NSA so far has put forward a friendly public face, in sharp contrast to its past hyper-secretive image. It is the "good cop" to the FBI's "bad cop." In addition, its experts -- perhaps from their own extensive experience with use of encryption -- typically understand the products submitted for review, which facilitates communication and frequently makes extensive elaboration unnecessary. Largely as a result of that expertise, NSA tends to be the most active participant in the review process.

  • The FBI, on the other hand, remains squarely in the Luddite camp, largely lacking in technical expertise and behaving as if it hopes to awaken one morning to find that demands of companies and individuals for encryption technology have disappeared. Not surprisingly, the FBI is the cause of much of the delay experienced by companies seeking export approval.

Lest one be misled, however, there should be no doubt that NSA and FBI work in tandem, with each committed to the Administration's overall policy of control. Indeed, frequently it will be NSA that floats "suggestions" to industry designed to meet "anticipated" FBI objections. Many times, particularly if a suggestion is not expressly required in the regulations, the wise response is to do nothing. As often as not, NSA does not pursue the matter and issues the approval anyway.

What do the Regulations Require?

Currently, the Administration has adopted a policy of generally approving exports for encryption of 40 bits or less with little ado. Moderate encryption, between 40 bits and 56 bits, is in a gray zone, with the regulations formally requiring adoption of a key recovery plan that the exporter or manufacturer has to commit to implement within two years.

Export of encryption items containing encryption of over 56 bits requires adoption of a key recovery structure prior to export. The regulations impose no limit on key length for these key recovery items, and, in fact, the BXA approvals typically do not contain a key length limitation. However, to date, we are aware of only one company (our client, NetDox) to have received approval for a product containing encryption of as high as 256 bits.

Certain types of encrypted information may not be subject to these controls. For example, encryption software designed solely to protect credit card numbers as part of commercial Internet transactions, to encrypt sound recordings that are downloaded for a fee, or to authenticate users is not subject to these restrictions.

Lately, BXA has announced new exemptions from the key recovery requirements for financial institutions. Thus, banks, brokerages and similar enterprises can communicate internally among international branches and offices without need for key recovery measures. (FBI Director Freeh has characterized this plum as a reward for financial institutions' history of cooperation with law enforcement.) Importantly, institutions can use this exemption only for financial transactions; other types of transactions or communications with clients or other third parties still require key recovery.

Apart from these exemptions, encryption items (both the weaker non-key-recovery and the stronger key-recovery items) are approved for export under what is called a license exception. In other words, because the product meets the criteria set forth in the regulations, no license is needed. Of course, there is no way to know whether a license exception is applicable without seeking a ruling from BXA and the interagency review committee.

Items not meeting the standards for a license exception can only be exported with a license. BXA says that applications for licenses are considered on a case-by-case basis. The truth is: don't hold your breath. If you don't get a license exception, you likely won't be able to export.

BXA says that the process of requesting confirmation of the applicability of a license exception is supposed to take 15 days. In reality, requests have been pending with the agencies for up to four times as long. In response to a howl of industry protest, BXA head William Reinsch has promised to speed up his agency's performance, and, in fact, matters have improved. However, much of the delay lies beyond his control, and is attributable to other agencies' involvement in the process.

Key Recovery

"Key recovery" are perhaps the two most distasteful words to the Internet community. (Well, perhaps a close third to "key escrow" and the infamous "Clipper Chip.")

What is key recovery? The answer is not as simple as you may think.

Usually, when people think about key recovery, they believe that the private key itself, the key necessary for decryption, must be turned over to the government pursuant to a lawful subpoena or other court order. As we have proven on behalf of one client, that is not necessarily the case.

The client in question offers a product using two layers of encryption. We obtained approval of a unique system through which the client, acting as key recovery agent, decrypts the strong, outer layer of encryption upon lawful request and presents the requesting party with the underlying information. The key itself is never turned over. In addition, because of the dual character of the encryption, the underlying information itself remains encrypted with the inner, weaker (40 bit) layer of encryption. The government then decrypts this inner layer on its own.
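The two-layer arrangement described above is easier to reason about in code. The following is an added illustration, not the client's product or any approved implementation: it uses a constructed, stdlib-only keystream (HMAC-SHA256 in counter mode, standing in for a real cipher) so that it runs anywhere, a hypothetical `KeyRecoveryAgent` class that escrows only the 256-bit outer key, and a 40-bit inner key held by the communicating parties. The point it demonstrates is the separation of duties: the agent can strip the outer layer on request and return the inner ciphertext, but the outer key never leaves the agent, and what the requesting party receives is still encrypted under the inner layer.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict

# Constructed, illustrative stream cipher for this example only:
# keystream block i = HMAC-SHA256(key, nonce || i). It is unauthenticated and
# stands in for a vetted cipher purely so the example runs on the standard library.
def xor_keystream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


@dataclass
class TwoLayerBlob:
    """What travels on the wire: message id, both nonces, outer-layer ciphertext."""
    msg_id: str
    outer_nonce: bytes
    inner_nonce: bytes
    ciphertext: bytes


class KeyRecoveryAgent:
    """Hypothetical agent. It holds only outer-layer keys, indexed by message id.
    On a lawful request it removes the outer layer and hands back the still-encrypted
    inner layer; the outer key itself is never disclosed."""

    def __init__(self) -> None:
        self._outer_keys: Dict[str, bytes] = {}

    def deposit(self, msg_id: str, outer_key: bytes) -> None:
        self._outer_keys[msg_id] = outer_key

    def recover_inner_layer(self, blob: TwoLayerBlob) -> bytes:
        outer_key = self._outer_keys[blob.msg_id]
        return xor_keystream(outer_key, blob.outer_nonce, blob.ciphertext)


def encrypt_two_layer(msg_id: str, plaintext: bytes, inner_key: bytes,
                      outer_key: bytes, agent: KeyRecoveryAgent) -> TwoLayerBlob:
    assert len(inner_key) == 5    # 40-bit inner layer, as in the product described
    assert len(outer_key) == 32   # 256-bit outer layer
    inner_nonce, outer_nonce = os.urandom(16), os.urandom(16)
    inner_ct = xor_keystream(inner_key, inner_nonce, plaintext)
    outer_ct = xor_keystream(outer_key, outer_nonce, inner_ct)
    agent.deposit(msg_id, outer_key)   # only the outer key is escrowed
    return TwoLayerBlob(msg_id, outer_nonce, inner_nonce, outer_ct)


def decrypt_two_layer(blob: TwoLayerBlob, inner_key: bytes, outer_key: bytes) -> bytes:
    """Intended recipient: holds both keys and peels both layers."""
    inner_ct = xor_keystream(outer_key, blob.outer_nonce, blob.ciphertext)
    return xor_keystream(inner_key, blob.inner_nonce, inner_ct)


def decrypt_inner_layer(blob: TwoLayerBlob, inner_ct: bytes, inner_key: bytes) -> bytes:
    """Second step for whoever received the agent's output and holds the inner key."""
    return xor_keystream(inner_key, blob.inner_nonce, inner_ct)


def demo() -> bool:
    agent = KeyRecoveryAgent()
    inner_key, outer_key = os.urandom(5), os.urandom(32)
    plaintext = b"wire transfer instructions (constructed sample)"
    blob = encrypt_two_layer("msg-0001", plaintext, inner_key, outer_key, agent)
    recipient_view = decrypt_two_layer(blob, inner_key, outer_key)
    agent_output = agent.recover_inner_layer(blob)      # outer layer removed only
    still_encrypted = agent_output != plaintext         # inner 40-bit layer remains
    return recipient_view == plaintext and still_encrypted


if __name__ == "__main__":
    print("two-layer recovery behaves as described:", demo())
```

Note that the agent class deliberately has no method that returns a key; the only thing it can emit is ciphertext with one layer removed. That is the property to check in any real design of this kind, and a real deployment would of course replace the constructed keystream with an authenticated cipher.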

What is a key recovery agent?

A key recovery agent is a person or entity approved by the government who has access to and control over information necessary to decrypt encryption. All key recovery items must have a key recovery agent.

You can be your own key recovery agent. However, all key recovery agents must meet stringent criteria established by BXA and designed to ensure the agent's trustworthiness. Companies serving as their own agent may face more exacting scrutiny.

It is important to know, particularly in the topsy-turvy world of Internet companies, that changes in ownership or control of the key recovery agent must be reported to BXA before exports under a key recovery scheme tied to that agent can continue. For example, if your company acts as its own agent, and it is acquired by another entity, it must notify BXA and certify continued compliance with the required standards before continuing export of the key recovery item.