For everyone's information, below is an interesting story from the July 14 Boston Globe. The article concerns encrypting information as it is passed between network routers, rather than at the workstation. US law enforcement agencies are apparently more amenable to this approach. What it bodes for Jaws is unclear to me.
-------------------------------------------------------------------------------------------------------------
Encryption plan gives computer industry hope. Would allow software exports, ease US security concerns. By Hiawatha Bray, Globe Staff, 07/14/98
A new data-scrambling technology probably won't resolve a long-running dispute between law enforcement officials and the computer industry, according to industry specialists. But the plan announced yesterday could enable American firms to export data protection products worth billions, while easing concerns about national security.
A consortium of 13 firms led by Cisco Systems Inc. proposed a new way to use sophisticated encryption technology to scramble Internet messages so that unauthorized people could not read them. The system is designed for use by major corporations that send Internet messages to their offices around the world.
Under the plan, the encryption would occur inside the ''router,'' a computer on the network that sends the information to its destination. There, another router would decode the message. Between the two routers, the message would be gibberish, even if it were intercepted. But at either end, the message would be in the clear, and easy to read.
Cisco, a computer networking company based in San Jose, Calif., is the world's leading maker of network routers.
The new system would allow the network operator to intercept messages from individual computers before they were encrypted and sent over the Internet. If a law enforcement agency suspected illegal activity, it could obtain a court order forcing the company to intercept the data prior to encryption.
Presently, the federal government won't allow US firms to export their top-quality encryption products. The government fears that the software will fall into the hands of spies and terrorists, who would then be able to plan crimes without fear of government wiretaps.
Federal officials have offered their own compromise. They would allow exports of the software only if companies gave copies of its code-cracking keys to some outside agency, which in turn would provide them to the police. But security specialists have denounced this plan, saying it would be hard to prevent the spare keys from falling into the hands of hackers or rogue government agents.
Dan Scheinman, Cisco's vice president of legal and government affairs, said the new approach solves this problem. ''There are no keys,'' Scheinman said. ''The only people who have access to the data are the people who have access to the data today, which are the network managers.''
The Internet news service Wired News reported that the Federal Bureau of Investigation sees merit in the plan. ''If the router is in the possession of a third party such as an Internet service provider, that would very much meet the needs of law enforcement,'' said FBI spokesman Barry Smith. But Scheinman said the new system would mainly be designed for internal corporate communication, not for individual users connected to Internet service providers.
Software executives are desperate for a solution to the encryption deadlock. A report issued in April by the Economic Policy Institute, a Washington-based think tank, said the US computer industry will lose $35 billion in revenues over the next five years, as foreign firms provide encryption products that US firms are barred from exporting.
Scott Schnell is vice president of marketing for RSA Data Security Inc., a leading encryption software company that licenses its software for use in other firms' products. Schnell would like to see no restrictions on encryption software exports. But the new plan holds out hope of a compromise that would allow at least some sales to major corporations and government agencies abroad.
''We're pragmatists,'' said Schnell. ''Our focus is in helping our licensees help to sell their products freely on a worldwide basis. Anything that fosters that goal is good.''
Alan Davidson, staff counsel for the Center for Democracy and Technology, and a staunch critic of encryption controls, agreed the new plan is good news.
''Any opportunity to get more encryption in the hands of more people is a step forward for Internet privacy,'' Davidson said.
But he noted the proposal is only useful for large organizations with network routers that can handle data encryption. It does nothing for Internet users who want to encrypt and decrypt messages on their personal computers. Exports of this kind of software are still subject to strict control. Davidson asked: ''What about the rest of us?''
Cisco's stock yesterday closed at 94 1/4, up 15/16, on the Nasdaq stock market.
This story ran on page D01 of the Boston Globe on 07/14/98.
------------------------------------------------------------------------------------------------------------- |
