1996 Congressional Hearings
Intelligence and Security



Export controls of software and hardware with encryption capabilities must be immediately modernized. Export control relief is necessary to enable American software companies to: remain competitive internationally; provide users worldwide with the tools to protect their electronic information; and continue leading the development of the Global Information Infrastructure.

The computer software industry is an American success story. It is one of the country's fastest growing and most internationally competitive industries. Our mass market software products currently have a 75% worldwide market share.

But existing unilateral U.S. export controls on software with encryption capabilities directly threaten to end this story. American software companies are forced to limit the strength of their encryption to 40-bit keys despite the fact that:

- the current world benchmark is the Data Encryption Standard (DES) with 56-bit keys;

- hundreds of alternatives are available from foreign manufacturers and off the Internet (about half use DES, and an NTT Triple-DES chip and 128 bit PGP is also available); and

- 40-bit encryption is susceptible to commercial attack.

In order to keep U.S. software companies on a level international playing field and permit computer users to properly protect their electronic information it is necessary to immediately:

- permit the export under a DOC general license of software programs using the DES algorithm with 56-bit keys (and other algorithms at comparable strengths);

- automatically increase key lengths to keep up with computer power advances via a Cost of Cracking Adjustment (or "COCA");

- broaden existing licensing for programs using even stronger encryption (e.g. 128 bits for financial applications); and

- remove remaining controls on crypto API's, non-confidentiality uses of cryptography, the personal use of encryption by Americans abroad, and by U.S. multinational corporations.

Importantly, the recent National Research Council's CRISIS Report echoes these views and provides critical independent support for export control relief.

BSA strongly supports pending legislation on H.R. 3011 (the SAFE Act) because it provides the needed export control relief. The bills recognize that the U.S. should not try to control the export of generally available software because it is uncontrollable. It also provides for the export of DES-level custom software and hardware products. But the Administration can and should change current policies on its own.

Key escrow encryption is not the Holy Grail. Instead key recovery_ encryption for stored data promises to address both commercial demand for recovering encrypted data when keys are lost and law enforcement demands for access to encrypted data in criminal investigations. But it is going to take a long time to sort this out. There are many questions that must be addressed. What is clear is that such systems must result from a user-driven, market-led process. It cannot be a mandated, governmentdesigned, top-down, one-size-fits-all

solution.Good Morning. My name is Melinda Brown and I am Vice President and General Counsel of Lotus Development Corp. with headquarters in Cambridge, Massachusetts. Lotus develops and sells business software including such highly popular programs as Lotus Notes.

I greatly appreciate the opportunity to appear today before this Committee on behalf of the Business Software Alliance (BSA). The Business Software Alliance promotes the continued growth of the software industry through its international public policy, education, and enforcement programs in 65 countries throughout North America, Europe, Asia, and Latin America. BSA worldwide members include the leading publishers of software for personal computers including Adobe, Autodesk, Bentley Systems, Lotus Development, Microsoft, Novell, The Santa Cruz Operation, and Symantec. BSA's Policy Council consists of these software publishers and other leading computer technology companies including Apple Computer, Computer Associates, Digital Equipment Corp., IBM, Intel, and Sybase.

But we really are here today to speak on behalf of the tens of millions of users of American software products. The American software industry has succeeded because we have listened and responded to the needs of computer users worldwide. We develop and sell products that users want and are willing to pay for. We have no ability to force users to buy what they don't want.

One of the most important features computer users are demanding is the ability to protect their electronic information and to securely interact worldwide. American companies have innovative products which can meet this demand and compete internationally. But there is one thing in our way - the continued application of outdated, unilateral, "munitions" export controls by the U.S. Government.

For that reason BSA strongly supports H.R. 3011, the Security and Freedom through Encryption (SAFE) Act. Right at the start I want to commend Representative Goodlatte for his vision and leadership in introducing this bill, and the other Members of this Committee who have cosponsored the bill - Representatives Moorhead, Schroeder, Coble, Barr, Bono, Lofgren, Boucher, Chabot, Frank, Heineman and Jackson-Lee. We also thank the distinguished Ranking Member, Mr. Conyers, for his support. Finally, thank you, Mr. Chairman, for holding this hearing.I also want to thank Senator Bums for introducing S.1726, the Promotion of Commerce On-Line In The Digital Era (Pro- CODE) Act and Senator Leahy for introducing S.1587. the Encryption Communications Privacy Act (ECPA) as well as recognize Chairman Pressler's strong support.

While these bills differ in some respects, they all modernize export laws regarding software and hardware with encryption capabilities thereby permitting American software companies to compete on a level international playing field and providing computer users adequate protection for their confidential information. But it also is important to remember that the Administration can on its own initiative liberalize these controls at any time.

The Importance Of The American Software Industry_

The incredibly dynamic U.S. computer software industry is an American success story.

Since 1980 the industry has grown seven times faster than the rest of the economy and today is now larger than all but five manufacturing industries. Conservative estimates are that more than 500,000 people are employed in the computer software industry alone -- more than 1.2 million are employed in the software, hardware and semiconductor industries. This economic success has fueled the R&D for new generations of products and spurred an abundance of market-leading products and choices. Today, computer users-- consumers -- enjoy unprecedented access to information that is changing the way we all live and work. A prime example is the Global Information Infrastructure, which is made possible by the software that routes information and helps the user navigate oceans of information.

The computer software industry also is one of our country's most internationally competitive. American-produced software accounts for over 70% of the world market in software, with exports of U.S. programs constituting half of many software companies' revenues. This means jobs, highly-skilled, well-paid jobs, and economic prosperity here in the U.S.The Need For Immediate Export Control Relief

1. The Importance of Encryption

Everyone agrees that strong encryption is essential to fulfilling the promise of the Global Information Infrastructure (GII). Encryption can protect the confidentiality and privacy of electronic information as well as ensure its authenticity and integrity. Without encryption, businesses and individuals will not entrust their valuable proprietary information, creative content, electronic commerce, and sensitive personal information to move over/travel within electronic networks. Those who do will risk unauthorized disclosure, theft and alteration of their information or transaction.

The widespread use of encryption is also necessary to protect our national security. Without encryption the electronic networks that control such critical functions as airline flights, health care functions, electrical power and financial markets remain highly vulnerable. Indeed, recently the nation's leading papers have paid greater attention to the possibilities of "cyberterrorism" and "infowar."

2. The Problem With Current Unilateral U.S. Export Controls

Currently there are no restrictions on the use of cryptography within the United States. However, the United States Government maintains strict unilateral "munitions" export controls on computer software -- even mass market software programs such as Lotus Notes -- which offers strong encryption capabilities. Therefore, we can provide programs with strong encryption to customers in the United States but we -- and they -- can't export those same programs. This is problematic for users because they need global interoperability and for software companies because of the additional cost of developing and selling two versions of their program worldwide to meet this user need.The inability of American software companies to supply their users worldwide with strong encryption to meet their legitimate needs for information security directly threatens the continued success of our industry. Moreover, American computer users' information remains vulnerable. Finally, and perhaps most importantly, U.S. export controls threaten to dislodge continued American leadership in developing the Global Information Infrastructure.

American software companies have been forced to continue limiting the strength of their encryption to the 1992 40-bit key length level -- despite an Administration commitment at that time to increase key lengths regularly to take into account technological and market developments. This 40-bit level ignores the facts that:

- the current world benchmark is DES with 56-bit keys;

- hundreds of alternatives are available from foreign manufacturers and off the Internet (about half using DES); and

- 40 bit encryption is susceptible to commercial attack.

3. DES-Level Strength Encryption Is The Minimum Necessary Today For Vendors To Be Competitive and User Information To Be Properly Protected

The Data Encryption Standard (DES) algorithm with 56-bit key lengths (developed by government and industry in the 1970's) continues to be the worldwide "benchmark" algorithm. It is taught in classrooms everywhere. It remains the U.S. Government's standard for unclassified confidential information. Moreover, all the proposed Internet Protocols" addressing security call for encryption at least at the DES level (recognizing the growing popularity of "triple DES" with 112-bit keys and PGP with 128-bit keys). It is essential to understand that the backbone of the Global Information Infrastructure is the Internet -- a network of networks not controlled by any one government or organization. In the last few years, American companies have recognized that they must adapt their business plans to work with theInternet, rather than instead of, or even in addition to, the Internet. Companies wishing to provide software for, or do business on, the Internet must acknowledge such standards if they are to have any chance of gaining widespread acceptance.

Continued unilateral U.S. export controls also have not been effective in restricting the availability of encryption abroad. A recent Department of Commerce study confirms the widespread availability of foreign manufactured encryption programs and products. An on-going industry study reveals that as of December 1995 there were 497 foreign programs and products available from 21 countries, 193 of which employ DES. (There are also 684 American programs and products - 330 with DES -- readily transferable abroad with a modem and public telephone line). The General Accounting Office also confirmed last year industry's assertion that sophisticated encryption software on foreign Internet sites were widely available to foreign users. Pretty Good Privacy ("PGP") - with 128-bit keys - is available for free on the Internet and is soaring in popularity.

I would like to mention just two specific examples with respect to this foreign availability of products. First, we understand that the world's largest telecommunications company -- Nipon Telephone and Telegraph (NTT) -- is about to market triple-DES chips worldwide. Some will tell you that the Japanese Government has promised our Government that they will not allow the chip to be exported: but that is not what BSA representatives were told in Japan last month and it is certainly not the approach taken in a recent edition of Japan Computing. Second, the Apache Group, based in the U.K., announced in April that its Apache Unix Internet Server software with very strong encryption now has a 29% market share.

There also can be little dispute that information encrypted at the 40- bit level no longer provides sufficient protection against even casual hackers using idle computers. Students with Ecole Polytechnique and at our own MIT have "brute force cracked" such 40-bit encryption. Indeed, a report released earlier this year by seven of the leading private sector cryptologists and computer scientists highlighted the vulnerability of 40-bit keys to commercial attack.For all these reasons, in order to keep U.S. software companies on a level international playing field and permit computer users to properly protect their electronic information. it is necessary to immediately:

- permit the export under a Department of Commerce general license of software programs using the DES algorithm with 56- bit keys and other algorithms (e.g., RC2/RC4) at comparable strengths (with unlimited key lengths for key management);

- automatically increase key lengths two bits every three years given the reality of "Moore's Law" which holds that the computing power for the same costs doubles every two years (i.e., institute a Cost of Cracking Adjustment or "COCA");

- broaden existing licensing for programs using even stronger encryption (e.g. 128bit encryption for financial applications);

- permit the export of software with "hooks," or Application Programming Interfaces, enabling foreign customers to

"plug in" whatever encryption they may obtain and use in other countries; and

- remove remaining export control restrictions on non- confidentiality uses of cryptography (i.e. key management, authorization, integrity, signatures), on the personal use of cryptographic programs abroad by American citizens, and by U.S. multinational corporations.

This is the minimum that needs to be done -- and done now!4. The NRC's CRISIS Report Echoes These Views.

As you know, a blue ribbon National Research Council (NRC) Committee has called for U.S. policies which foster the broad use of encryption technologies. The Committee's report echoes what industry has been saying for several years regarding the need for export control relief. Importantly, the Committee concluded that as demand for products with encryption capabilities grows worldwide, foreign competition could emerge at levels significant enough to damage the present U.S. world leadership in information technology products. The Committee felt it was important to ensure the continued economic growth and leadership of key U.S. industries and businesses in an increasingly global economy, including American computer, software and communications companies. The Committee called for an immediate and easy exportability of products with DES level encryption. The Committee also noted that this would have to be updated periodically.

I also want to say just a word about two other critical conclusions of the NRC's CRISIS report.

First, the Committee found that wider use of cryptography not only protects personal privacy and helps American businesses -- but it also promotes national security by protecting the civilian information infrastructure and promotes law enforcement by preventing economic crimes. The Committee found that on balance the advantages of more widespread use of encryption outweighed the disadvantages.

Second, the Committee concluded that encryption policies can be discussed and established on an unclassified basis. This is critical. All too often we in industry have heard from government that "if you knew what I knew then you would agree with us and you would not be asking for export control relief." Importantly, 13 of the 16 members of the NRC's committee had security clearances and received classified briefings. Yet they concluded that although important for specific situations, classified material is not essential for understanding current cryptography policy or how the technology should evolve.

BSA Strongly Supports Pending Legislation Because It Provides Needed Export Control Relief

The SAFE, ECPA and Pro-CODE bills recognize as a fundamental proposition that the United States should not try to control the export of something that is, in fact, uncontrollable. It makes little sense for our government to require individual validated export licenses for the export of software that is generally available by virtue of being mass marketed commercially. distributed via the Internet, or found in the public domain. Nor should computer hardware be so controlled simply because it incorporates such software. In short, if it is "out there," if it is already available to millions of people easily and readily transferable electronically, then it makes little sense to continue trying to control such exports.

Importantly, the bills do enable the Secretary of Commerce to continue controls in countries of terrorist concern or other embargoed countries pursuant to the Trading With The Enemy Act or the International Emergency Economic Powers Act.

In addition, the bills provide that if DES-level products have been permitted to be exported to foreign banks, then they should be exportable to other foreign commercial purchasers in that country. Note that the type of software and hardware we are talking about here is a "custom" product (if it were generally available it would qualify for automatic general license treatment under the bill's other provision). Because it is at least theoretically possible to control such exports, the question then occurs as to what should be the allowable level of encryption. For the reasons I explained earlier, nothing less than DES and its equivalents will do.

Once again, the bills do contain safeguards: the Secretary of Commerce is not required to permit such exports if there is substantial evidence that the software will be diverted or modified for military or terrorist use or re-exported without requisite U.S. authorization.

Finally, I do want to note that we believe the sponsors and supporters of the various bills have made a wise decision in seeking to make explicit what is now implicit under existing laws -- that there is not and should not be any restriction on the domestic use, choice or sale of strong cryptography. Some argue that it is already law because there is nothing to the contrary. That is correct -o nevertheless we believe that it is important and helpful to explicitly reaffirm the rights of Americans in this area.

Key Escrow Encryption Is NOT The Holy Grail

There has been much discussion about obtaining access to the keys with which users encrypt information. For example, it is certainly possible to envision companies or organizations wanting access to the keys of their employees so as to be able to recover encrypted information generated in the course of their work. Presumably someone within the organization, or a third party voluntarily entrusted by that organization, would hold the key. We call this key recovery encryption.

Many of our corporate customers have begun to express interest in key recovery systems. Unlike government key escrow proposals, however, the commercial demand for key recovery encryption is limited to stored data (including e-mail, which is store and send). It does not extend to communications.

Importantly, to the extent that such key recovery encryption products are widely used, then much information will be available to the government for law enforcement purposes under appropriate judicial procedures -just like physical property, including memoranda, letters, and files, is today. But users must see the value of key recovery features and want to use them. Whereas if the government mandates key escrow in order to server export control policies, the likely result is that no one will use products implementing these features thereby frustrating law enforcement objectives. In short, any key recovery system must result from a user-driven, market-led process. It cannot be a mandated, government-designed, top-down, one-size-fits-all solution.I would note that for all these reasons. the NRC Committee recommended a policy of "deliberate exploration" rather than one of "aggressive promotion." We couldn't agree more.

Moreover, because it is going to take a long time to achieve international agreements on the export, import and use of products that implement key escrow or key recovery features, it is essential that immediate export control relief be granted for non-key escrow encryption products. As I hope I have explained, we simply cannot afford to wait any longer.

Conclusion - The Window Of Opportunity Is Closing Quickly

In conclusion, let me say that there appears to be a fundamental misunderstanding among some in government that inaction and delay in updating export controls works to the government's advantage. I strongly disagree. The world is not standing still. Major foreign companies already are offering triple DES hardware products. Several American companies already have begun selling 128-bit software products in the U.S. Despite the advantages which would accrue to users and vendors from secure global interaction at 56-bits using a single version of a product, current U.S. export controls have forced BSA member companies to incur the additional costs of developing and supporting two versions of our products. And as more and more U.S. software vendors begin to offer 128-bit non-key escrow encryption domestically, there is no way to see how this would work to law enforcement's advantage in the short run -- or intelligence agencies' benefit in the long rim as 128-bit foreign programs become the norm.

The time for action is now. In order to keep American vendors on a level international playing field and American computer users adequately protected in the near term, software programs with encryption at DES-level strengths must be immediately exportable. The legislation currently pending in Congress will do just that - although the Administration could act any time on its own to change its current policy.

Thank you.