|
|
Moore's Law states that computing power will double approximately every 18 months.
Moore's Law is good news for computer users in general, but bad news for users of encryption software. The faster the computers, the faster any message encoded with low-grade encryption can be decrypted.
Current encryption technology usually uses a double-key system. Every user has a unique pair of keys. The public key can be known by everyone and is used to encrypt the message, while the private key is known only to the recipient and is used to decrypt the message.
Keys can be made in a variety of sizes. Longer keys with more bits are more secure since they allow for more possible combinations. In order to break an encrypted message, a computer needs to try one combination after another until it finds the right combination.
The table below lists the number of possible combinations for various key lengths.
| Key Length | Possible Key Combinations |
| 40 bits | 1,099,511,627,776 |
| 56 bits | 72,057,594,037,927,936 |
| 64 bits | 18,446,744,073,709,551,616 |
| 128 bits | 340,282,366,920,938,463,463,374,607,431,768,211,456 |
In the United States, large keys are legal domestically, but illegal internationally.
Strong encryption is considered a munition and its export is controlled by the Commerce Department. The FBI, NSA, and Justice Department decide what can be exported, how, and to whom. (You can become an international arms trafficker just by going to this Web site and clicking a button to transmit encryption software.)
Currently, the U.S. government Data Encryption Standard allowed for export is 56 bits ("DES-56"). (There are some exceptions which allow U.S. companies to send strong encryption products to their overseas offices, and software companies to sell to certain industries, such as banking, in "friendly" countries.)
As computing power increases, 56-bit encryption is becoming less and less effective.
To demonstrate the decreasing utility of low-grade encryption, RSA Data Security has sponsored a number of challenges to test encryption security. In January 1999 one team, Libertarians for Privacy, broke a 56-bit encrypted message in 22 hours and 15 minutes.
The Data Encryption Standard has to be loosened or eliminated before U.S. companies can compete in the global market for encryption software.
Export restrictions aren't the only tools that governments can use to control encryption.
Some governments want to have key recovery or key escrow systems, where a third party keeps copies of everyone's private keys so that the government, with a court order, can have access to them when needed. A similar government proposal is the infamous "Clipper Chip," a backdoor that's built into the software so that the government can decrypt any message.
In this Policy Spotlight, we have collected some of the most interesting articles on encryption policies and proposals in the U.S. and around the world.
For those of you who want to dig deep into the topic, we offer dozens of references and links. If you want to get a read on how the mainstream media has been treating encryption, see J.D. Tuccille's Media Spotlight. And when you have questions or contributions to make, add them to the discussion forum.
Free-Market.Net Partners
The Cato Institute has been leading the way in free-market policy recommendations related to the Internet, from electronic money to encryption.
Cato's 1999 Congressional Briefing Book contains a discussion of Encryption and Wiretapping.
Solveig Bernstein, Cato's associate director of telecommunications and technology studies, discusses Encryption Policy for the 21st Century and why the government needs to remove restrictions on exports in this Policy Analysis from November, 1998.
Bernstein has also written two op-eds on encryption: The U.S. Government's Encryption Policy Dodge (September, 1996) and Encryption Bound? (August, 1997).
Computer security expert Henry B. Wolf tells how U.S. policies on the export of strong encryption are made irrelevant by companies outside the U.S. producing high quality software. He makes this point in the November 1998 briefing paper, The Myth of Superiority of American Encryption Products.
Cato testimony from the 1995 Congressional Hearings on Wiretapping and other Terrorism Proposals discuss how government policy curtails the First Amendment rights of computer users.
Toward a New Encryption Policy: Facilitating On-Line Commerce was a July 1996 policy forum on encryption technology and is available in RealAudio.
Reason is the premier libertarian magazine and one of the best Web sites for libertarian commentary.
Reason's Rick Henderson discusses the government's policy options regarding encryption in Know the Code (June, 1996).
In CODE BLUE: How to save us from the cybercops (May, 1996), Henderson discusses how encryption can solve many of the concerns about children accessing inappropriate material.
Clipping Encryption (May, 1998) and Keep Cops and Spooks at Bay (March, 1998) take a look at the administration's efforts to control encryption technology.
Jacob Sullum challenges a statement made by an FBI spokesman that "We're just as concerned about protecting the Fourth Amendment as anyone else," in No Secrets (August, 1998).
In We, Spy (November, 1995), Brian Doherty shows that outlawing technology may produce unintended consequences.
Confronting a Crisis (November, 1996) discusses the Clinton administration's policy towards encryption. It shows that this policy is exactly the opposite of what is needed in the new information society.
Justin Matlick, director of the Center for Freedom and Technology at PRI, wrote U.S. Encryption Policy: A Free-Market Primer (March, 1998), one of the best overviews of the issue.
Mr. Matlick has also published a number of recent op-eds on the subject. Don't Restrain Trade in Information (December 1998) was published in the Wall Street Journal in December and looks at privacy concerns on the Internet.
The San Francisco Chronicle (Sept. 1997) and Seattle Times (Oct. 1997) both published short pieces Matlick wrote after a judge declared export restrictions unconstitutional.
National Center for Policy Analysis
NCPA has collected a number of op-eds in support of loosening restrictions on encryption:
From Vitamin B: Your Daily Dose of Bionomics:
David Friedman and Edwin Meese discuss Cybersnoops (Oct. 1997) on Hoover's Uncommon Knowledge PBS program.
The Heartland Institute's Bruce Schneier looks at the The Importance of Keeping Secrets in this June 1994 Heartland Perspective.
Shari Steele, Staff Attorney for the Electronic Frontier Foundation discusses Encryption and Internet rights on the Idea Channel's Main Street Diner (RealAudio)
Eric Vance wrote The Coming War Over Encryption Technology for the Federalist Society.
In History's Greatest Brain Drain (Dec. 1996), Free-Market.Net advisor Bill Frezza illustrates the possibility of people being drawn into the electronic world, behind encrypted economies that the state cannot touch.
In December 2004 this page was modified significantly from its original form for archiving purposes.
, founded in 1995, is now a part of ISIL.
 |