Forwarded From: phreakyat_private From: http://www.newsbytes.com/pubNews/123032.html Different Algorithms For Different Folks 14 Dec 1998, 4:27 PM CST By Robert MacMillan, Newsbytes. WASHINGTON, D.C., U.S.A., The acting chairman of the President's Export Council Subcommittee on Encryption today told Newsbytes it soon plans to release recommendations on lifting strong encryption technology export restrictions for online commerce purposes. Chairman Stewart Baker, a partner at Washington, D.C., law firm Steptoe & Johnson, said the encryption policies espoused by the Clinton administration are somewhat confusing, because they are in a state of flux. Encryption restrictions on online shopping and other types of electronic commerce soon will grow weaker, he also said. "(The administration) announced that they were going to lighten up the regulations for financial institutions almost a year ago," Baker said. "It took them nine months to get the regulations out. They were issued just before another announcement that they were going to lighten up on another sector, in this case, online merchants." As the process for setting encryption policy currently stands, the administration typically announces changes to the regulations that govern the export of encryption technology. Those changes are then implemented some time later. In the current setup, official White House policy currently allows private communications and many non-business functions that span international borders to be protected with nothing stronger than 56-bit algorithms. White House policy also enables protection for international banking, healthcare and financial transactions with any level of encryption strength, including 128 bits and above. Before last year, a "key escrow" policy with the Department of Commerce was mandatory, Baker said. This meant the US government would hold a third key it could use to unscramble highly encrypted communications if it had sufficient cause. By the end of the month, the online commerce industry is expected to receive the government's blessing to protect their international transactions with 128-bit and stronger encryption. Encryption technology that protects online communications usually is measured by the number of bits that are contained in the scrambling algorithm used to protect the communication. The Clinton administration limits the export of certain stronger types of encryption technology on the advice of the National Security Agency and other law enforcement groups, chiefly because of the terrorist threat they consider inherent in unrestricted scrambling of private communications. Baker said that the recent signing of the Wassenaar Arrangement will change almost nothing in the international encryption export scene for online business and other industry sectors with the 128-bit blessing. "It's as close to irrelevant as you can get," Baker said, although he added that for international consumers looking for strong encryption for their personal communications, it will reduce their choices. Baker said the Wassenaar Arrangement was Undersecretary of Commerce David Aaron's attempt, on behalf of the US government, to fill in some legal loopholes that allowed countries outside the US to trade in strongly encrypted personal communications software. Companies like Microsoft Corp. [NASDAQ:MSFT] had complained that their inability to export strong encryption technology for personal use would hurt their and the US software industry's competitive edge in the global marketplace. Under the Wassenaar terms, which were signed by 33 countries including the UK, Germany and Japan, personal communication encryption technology is restricted to 64 bits. The upcoming relaxation in online commerce crypto export controls should, in spite of the tighter personal restrictions from Wassenaar, provide a better incentive for the European Union and other countries and trade groups to pursue electronic commerce opportunities with the US, Baker said. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:13:52 PDT