Forwarded From: Raj Mathur <raju@sgi.com>
http://www.wired.com/news/news/politics/story/16623.html
Crypto Setback in Vienna Reuters
4:50 p.m. 3.Dec.98.PST
WASHINGTON - Clinton administration officials said Thursday they have
persuaded other leading countries to apply the same strict export controls
on computer data-scrambling products as they apply to weapons.
At a meeting on Thursday in Vienna, the 33 nations that have signed the
Wassenaar Arrangement limiting arms exports -- including Japan, Germany,
and Britain -- agreed to impose controls on the most powerful
data-scrambling technologies, including for the first time mass-market
software, US special envoy for cryptography David Aaron told Reuters.
The United States, which restricts exports of a wide range of
data-scrambling, or encryption, products and software has long sought
without success to persuade other countries to impose similar
restrictions.
"We think this is very important in terms of bringing a level playing
field for our exporters," Aaron said.
Leading US high-technology companies, including Microsoft and Intel, have
complained that the lack of restrictions in other countries hamper their
ability to compete abroad. The industry has sought to have US restrictions
relaxed or repealed, but has not asked for tighter controls in other
countries.
Privacy advocates have also staunchly opposed US export controls on
encryption, arguing that data-scrambling technologies provided a crucial
means of protecting privacy in the digital age.
"It's ironic, but the US government is leading the charge internationally
to restrict personal privacy and individual liberty around the world,"
said Alan Davidson, staff counsel at the Center for Democracy and
Technology, a Washington-based advocacy group.
Members of the Global Internet Liberty Campaign issued a statement in
September to the 33 participating states of the Wassenaar Arrangement
calling for the removal of encryption export restrictions from future
revisions.
"It is true that crypto used to be an esoteric field really only of
interest to military and spy agencies," said David Jones, director of the
Electronic Frontier Canada, in an interview last month. "[But] all of that
is changing now as people correspond over great distances through the
Internet and their personal communications are traveling through God knows
what computers."
Special envoy Aaron said the Wassenaar countries agreed to continue export
controls on powerful encryption products in general but decided to end an
exemption for widely available software containing such capabilities.
"They plugged a loophole," Aaron said.
The new policy also reduced reporting and paperwork requirements and
specifically excluded from export controls products that used encryption
to protect intellectual property -- such as movies or recordings sent over
the Internet -- from illegal copying, Aaron said.
Encryption uses mathematical formulas to scramble information and render
it unreadable without a password or software "key." One important measure
of the strength of the encryption is the length of the software key,
measured in bits, the ones and zeros that make up the smallest unit of
computer data.
With the increasing speed and falling prices of computers, data encrypted
with a key 40 bits long that was considered highly secure several years
ago can now be cracked in a few hours. Cutting-edge electronic commerce
and communications programs typically use 128-bit or longer keys.
Under Thursday's agreement, Wassenaar countries would restrict exports of
general encryption products using more than 56-bit keys and mass-market
products with keys more than 64 bits long, Aaron said.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Tue Dec 8 08:57:47 1998