By
Stewart Baker
(sbaker@steptoe.com)

Michael Hintze
(mhintze@steptoe.com)

November 1997

Attached below is the section dealing with encryption from the report of the President's Commission on Critical Infrastructure Protection.

Much is being made of the fact that the report recommends the use of key recovery encryption systems. However, these relatively brief references to key recovery (just over a page out of a 102-page report and 74 pages of appendices) appear to be more a dutiful repetition of Administration policy than a thoughtful analysis of the hard issues. For example, there is no real discussion of why key recovery is preferable, and there is no comparison of the relative merits of key recovery systems versus non-key recovery systems.

The full report (in .pdf format) is available at: http://www.pccip.gov/report_index.html

p. 74-75

Encryption

For electronic commerce to flourish, the information infrastructure must be secure and reliable. Protection of the information our critical infrastructures are increasingly dependent upon is in the national interest and essential to their evolution and full use. A secure information infrastructure requires the following:

  • Secure and reliable telecommunications networks.
  • Effective means for protecting the information systems attached to those networks.
  • Effective means for authenticating communications of trading partners, assuring the integrity of data and non-repudiation of transactions.
  • Effective means of protecting data against unauthorized use or disclosure.
  • Well-trained users who understand how to protect their systems and data.

Strong encryption is an essential element for the security of the information on which critical infrastructures depend. Establishment of trustworthy key management infrastructures (KMIs) is the only way to enable encryption on a large scale, and must include the development of appropriate standards for interoperability on a global scale. Key recovery is needed to provide business access to data when encryption keys are lost or maliciously misplaced, and court-authorized law enforcement access to the plain text of criminal-related communications and data lawfully seized.

Neither private citizens nor businesses are likely to use the information infrastructure on a routine basis if they lack confidence that their communications and data are safe from modification or unauthorized access. To ensure public confidence in key recovery, stored decryption keys must receive the same sort of legal protections that currently exist for mail, telephone communications, and electronic communications, including e-mail. To fairly balance the competing equities of privacy, electronic commerce, national security and law enforcement, and to ensure public confidence, the following are necessary:

  • The public should be free to select an agent to issue digital signatures or to serve as a key recovery agent.
  • Law enforcement agencies should have lawful access to the decrypted information when necessary to prevent or detect serious crime. Procedures for judicial review prior to granting government access must be defined in law.
  • Individual rights of redress when access is abused should also be defined in law.

We Recommend:

Expediting the several government pilot projects underway or recently announced as a means of testing the technical and policy concepts involved and building public confidence and trust with the KMI key recovery approach. Further, the Administration should promote efforts to plan for the implementation of a KMI that supports lawful key recovery on an international basis. Finally, the federal government should encourage efforts by commercial vendors to develop key recovery concepts and techniques.
