Interesting People mailing list archives

testimony by Steve Walker on Export controls


From: David Farber <farber () linc cis upenn edu>
Date: Tue, 12 Oct 93 17:08:40 -0400

communications to begin.  Public key algorithms such as RSA have
become as popular and widely used as DES throughout the world for
integrity, confidentiality, and key management.


SPA Study of Availability of Cryptography


The Administration has asserted that export controls are not
harming U.S. firms by causing them to lose market shares because
there are no foreign products and programs available. 
Implementations of DES, RSA, and newer algorithms such as the
International Data Encryption Algorithm (IDEA), an algorithm that
has a key length more than twice that of DES, are available
routinely on the Internet from sites all over the world.  But
according to the Administration, these do not count as commercial
products.


In order to develop a definitive assessment of just how
widespread cryptography is in the world, in May of this year, the
SPA commissioned a study of products employing cryptography. 
There was a significant amount of knowledge about specific
products here and there, but no one had ever tried to assemble a
comprehensive database with, where possible, verification of
product availability.


The SPA research team focused exclusively on products providing
text, file, and data communications encryption capabilities and
on programs and products using DES or its equivalent, i.e., the
precise products subject to export restrictions.  We did not
include facsimile and voice encryption products.  The team
obtained information from product literature, reference guides,
industry surveys, trade press and journal articles, and responses
to requests for information from SPA members, cryptography
experts, and information requests put on the Internet.


Whenever possible, the team followed up information with requests
for product literature.  This was carefully scanned by at least
two independent project members, and the data was prepared for
entry into the database.  To the greatest extent possible, phone
calls have been made to vendors to clarify ambiguous technical
information.


Information on new products continues to flow in daily but as of
October 12:


     o    We have identified 264 foreign hardware, software, and
          combination products for text, file, and data
          encryption from 21 foreign countries: Argentina (1),
          Australia (18), Belgium (8), Canada (16), Denmark (14),
          Finland (1), France (5), Germany (33), Hong Kong (1),
          India (1), Ireland (1), Israel (10), Japan (2), the
          Netherlands (15), New Zealand (1), Norway (1), Russia
          (8), South Africa (7), Sweden (17), Switzerland (18),
          and the United Kingdom (86).


     o    Of these 264 products, 123 employ DES.


     o    We have confirmed the availability of 58 foreign
          encryption software programs and kits that employ the
          DES algorithm.  These are published by companies in
          Australia, Belgium, Canada, Denmark, Finland, Germany,
          Israel, the Netherlands, Russia, Sweden, Switzerland,
          and the United Kingdom.  We know some have distributors
          in other foreign countries and in the United States;
          one, a UK company, has distributors in 13 countries
          (Bahrain, Denmark, France, Greece, Ireland, Italy,
          Malta, the Netherlands, Norway, Singapore, Spain,
          Sweden, and Yugoslavia).  One in Germany has
          distributors in 14 countries (Australia, Austria,
          Belgium, Canada, France, Italy, the Netherlands,
          Norway, Spain, Sweden, Switzerland, Turkey, the UK, and
          the U.S.).  The programs are installed by the user
          inserting a floppy diskette; the kits enable encryption
          capabilities to be easily programmed into a variety of
          applications.


A complete listing of all confirmed products in the database is
identified in Attachment 1.


We have ordered and taken delivery on products containing DES
from four countries: Denmark, Germany, Israel, and the United
Kingdom.


Foreign customers increasingly recognize and are responding to
the need to provide software-only encryption solutions.  Although
the foreign encryption market is still heavily weighted towards
encryption hardware and hardware/software combinations, the
market trend is towards software for reasons of cost,
convenience, and space.


     o    On the domestic front, we have identified 288 products,
          of which 142 employ DES.  Thus at least 142 products
          cannot be exported, except in very limited
          circumstances, to compete with the many available
          foreign products.


     o    In total, we have identified to date 552 cryptographic
          products, developed or distributed by a total of 366
          companies (211 foreign, 155 domestic) in at least 33
          countries.


DES is also widely available on the Internet, and the recently
popularized Pretty Good Privacy (PGP) encryption software
program, which implements the IDEA, also is widely available
throughout the world.


The ineffectiveness of export controls is also evident in their
inability to stop the spread of technology through piracy.  The
software industry has a multibillion dollar worldwide problem
with software piracy.  Mass market software is easy to duplicate
and easy to ship via modem, suitcase, laptop, etc.  Accordingly,
domestic software products with encryption are easily available
for export--through illegal but pervasive software piracy--to
anyone who desires them.


It cannot be any clearer:  the existence of widespread and
affordable cryptographic products overseas is an indisputable
fact.  Based on that fact, unilateral U.S. export controls keep
U.S. firms from competing in the global marketplace.


Foreign customers who need data security now turn to foreign
rather than U.S. sources to secure that need.  As a result, the
U.S. Government is succeeding only in crippling a vital American
industry's exporting ability.
     
Following the first publication of the cryptographic database at
the Advisory Board meeting on June 2, the Administration
requested a meeting with the SPA research team to review their
approach and findings.  This meeting was held on July 1, 1993, at
the Department of Commerce and involved Government
representatives from the Department of Commerce and NSA.  The
team described both their technique for gathering and cataloging
the information and the latest results.  At the conclusion of the
meeting, it appeared that the Administration representatives were
satisfied that a valid survey process was being carried out.


At the second meeting of the Advisory Board on July 29, a
Government representative of the Administration indicated that
the mere availability of products overseas was not sufficient,
that what was needed was an assessment of the market impact of
those products.  It is important to note to the contrary, though,
that the Department of Commerce, in similar deliberations,
requires only the demonstrated existence of foreign products, not
an assessment of their market share.  It would seem that no
matter how much information is acquired at what level of detail,
the Administration will request more to delay further action.


Nevertheless, the study begun in May by the SPA will continue to
collect additional information on cryptographic product
availability and to periodically publish its results to help
focus attention on this important and often ignored situation. 
We would welcome Government participation in this ongoing effort
to ensure the maximum coverage of available products and maximum
utility to the Government.


Frequently Heard Arguments


One argument that is frequently heard to justify continued export
controls is that cryptographic products are not available outside
the U.S. so U.S. software and hardware developers are not hurt by
export controls.  The statistics from the SPA survey (264 foreign
products, 123 using DES) prove that this argument is patently
false!


A second argument is that even if products are available, they
cannot be purchased worldwide.  This is also patently false!


We have found 366 companies in 32 foreign countries and the U.S.
that are manufacturing, marketing, and/or distributing
cryptographic products, most on a worldwide basis.  The names of
these companies are listed in Attachment 2.


A third argument frequently heard is that the products sold in
other parts of the world are inferior to those available in the
U.S.  Again, the results of our survey show this to be patently
false!


We purchased products from several sources throughout the world. 
We ordered DES-based PC file encryption programs for shipment
using routine channels from:


     o    Algorithmic Research Limited (ARL), Israel


     o    Sophos Ltd., UK


     o    Cryptomathic A/S, Denmark


     o    CEInfosys GmbH, Germany


     o    uti-maco, Germany


     o    Elias Ltd., Russia (distributed through EngRus Software
          International, UK)


All the products we ordered were shipped to us in the U.S. within
a few days.  The German products were sent to us directly from
their U.S. distributors in Virginia and Connecticut,
respectively.  Our experience has been that if there is paperwork
required by the governments in which these companies operate to
approve cryptographic exports, it is minimal and results in
essentially immediate approval for shipping to friendly
countries.


The products we obtained from these manufacturers and
distributors were in every case first rate implementations of
DES.  To better understand if foreign products are somehow
inferior, we tried to order the same Sophos product from their
Bahrain distributor.  We were informed by the distributor that
since we were outside his area, he could not sell directly to us. 
He then told us that everything he sells is shipped directly from
the manufacturer in England.
 
The uti-maco U.S. distributor in Connecticut indicated that he
could ship us his German made product immediately (we received it
the next day), without needing any further approval from the
German parent company or the German government.  Apparently, the
Germans have a form of blanket approval for sale to anyone in the
U.S.  I asked if that was true elsewhere in the world and the
representative told me that while he dealt only in the U.S., he
believed that this was true.


We have no indication that products being shipped to the U.S. or
the rest of the world from foreign manufacturers or distributors
are in any way inferior to products available in the U.S.


Others Use Different Rules


But our survey results also point to a much more ominous finding!
Apparently the controls imposed by the U.S. Government on export
of cryptographic products from the U.S. are far more restrictive
than those imposed by most other countries including our major
allies.  The effect of this most unfortunate situation is to
cripple U.S. industry while our friends overseas are essentially
free to export as they wish.


The U.S. imposes very strict rules on the export of cryptographic
products.  In general, applications for the export of products
that use DES will be denied even to friendly countries unless
they are for financial uses or for U.S. subsidiaries.  We have
been told repeatedly by the U.S. Government that other countries
such as the United Kingdom and Germany have the same export
restrictions that the U.S. does.


But our experiences with these purchases of cryptographic
products show a very different picture.


Companies in the UK, Germany, Denmark, and Israel can freely ship
DES products to the U.S. and presumably elsewhere in the world
with no more than a few days of government export control delay,
if any.  The claim is they have to "fill out some papers," but
it's no big problem.


Based on our experiences to date, I conjecture that these
countries are using CoCom (the Coordinating Committee of western
nations and Japan) rules for determining where to allow exports. 
If this conjecture is true, most countries in the free world can
readily receive exports from these countries.  I speculate that
companies in these countries are required to fill out export
forms but if they can show that the destination country is not
proscribed by CoCom or their local equivalent, they can ship
without waiting for further government approval.  Every
experience we have had supports this supposition.


Whether my theory is correct or not, our experience with these
purchases has demonstrated conclusively that U.S. business is at
a severe disadvantage in attempting to sell products to the world
market.  If our competitors overseas can routinely ship to most
places in the world within days and we must go through time
consuming and onerous procedures with the most likely outcome
being denial of the export request, we might as well not even
try.  And that is exactly what many U.S. companies have decided.


And please be certain to understand that we are not talking about
a few isolated products involving encryption.  More and more we
are talking about major information processing applications like
databases, electronic mail packages, and integrated software
systems that must use cryptography to provide even the most basic
level of security being demanded by multinational companies.


Demonstrations of Available Cryptographic Products
 
We have before us today several examples of cryptographic
products that were lawfully obtained in the United States from
foreign vendors:


     o    AR DISKrete:  produced by Algorithmic Research Limited
          (ARL), Israel.
               Uses DES disk/file encryption to provide PC
               security and access control.


     o    EDS:  produced by Sophos Ltd., UK.
               DES-based PC file encryption package.


     o    F2F (File-to-File):  produced by Cryptomathic A/S,
          Denmark.
               DES-based PC file encryption utility.


     o    Softcrypt:  produced by CEInfosys GmbH, Germany.
               DES-based PC file encryption utility.


     o    SAFE-GUARD Easy:  produced by uti-maco, Germany.
               DES-based PC file encryption utility.


     o    EXCELLENCE for DOS:  produced by Elias Ltd., Russia
          distributed through EngRus Software International, UK.
               GOST-based (Russian DES equivalent) PC file
               encryption utility.


We also have a demonstration of the power of the digital
revolution and the impact it will have on all our communications
in the future.  Traditionally, when we think of voice
communications, we think of the telephone in its many forms
(desk, cordless, cellular, car).  However, many modern computer
workstations now have the ability to carry voice as well as other
multimedia communications.  Routinely today on the Internet,
voice conferences are held over packet switched communications
networks.


Today we have a demonstration using two workstations that come
with software to digitize voice communications, packetize it for
transmission over a network, and resynthesize it into perfectly
good (sometimes better than phone quality) voice.  Systems like
these are being used daily for voice conferencing over networks
around the world.


With this capability, it is straightforward to protect phone
conversations from eavesdroppers. Since all the capabilities are
performed in software, it is trivial to add an encryption
algorithm, such as the Data Encryption Standard, to the software
and provide good quality encryption to the digitized, packetized
speech.  Today we have DES versions from Finland, Sweden,
Australia, and the U.S.






HOW IS U.S. INDUSTRY BEING AFFECTED BY EXPORT CONTROLS?


TIS Experiences


To begin this section, I would like to give several examples of
experiences that my company has had recently in dealing with the
export control process.


Trusted Information Systems is a member of the Internet community
and has implemented a version of the Internet Privacy Enhanced
Mail (PEM) system, which it is offering free to users on the
Internet and for sale to commercial users under the name Trusted
Mail(TM).  Several hundred Internet users have retrieved the PEM
source code, and many of them are using it on a daily basis.  Our
experiences with PEM illustrate the variety of frustrations,
confusion, and lost opportunities that confront U.S. businesses
in the area of international cryptographic products.


PEM is based on international Internet specifications developed
over the past five years by a team of researchers from throughout
the world.  In its present version, PEM uses DES for
confidentiality and RSA for signature and key management.  As
such, it does not meet the U.S. Department of State requirements
for export outside the U.S. or Canada.
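The PEM arrangement described above (DES for confidentiality, RSA for
signature and key management) is the hybrid pattern later mail
security systems also follow.  The Python below is an added
illustration of that structure; it is not TIS code and not PEM's
actual message format.  A fresh per-message key encrypts the body,
the recipient's public key wraps that key, and the sender's private
key signs a digest of the plaintext (PEM's "MIC").  DES is not in
Python's standard library, so a SHA-256 counter keystream stands in
for it; the RSA keys are unpadded textbook RSA built from Mersenne
primes, constructed here for the example only; the names seal,
open_message and tampering_detected are this example's own.

```python
import hashlib
import os


def make_toy_rsa_key(p, q, e=65537):
    """Textbook RSA key pair from two primes. Toy parameters only:
    the primes are Mersenne primes chosen so the example runs without
    a library, not a real key-generation routine."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # Python 3.8+ modular inverse
    return (n, e), (n, d)


# Constructed keys for the two parties (public, private) tuples.
RECIPIENT_PUB, RECIPIENT_PRIV = make_toy_rsa_key(2**127 - 1, 2**521 - 1)
SENDER_PUB, SENDER_PRIV = make_toy_rsa_key(2**89 - 1, 2**607 - 1)


def rsa_apply(key, value):
    """Raw RSA exponentiation; value must be smaller than the modulus."""
    n, exp = key
    if not 0 <= value < n:
        raise ValueError("value out of range for this modulus")
    return pow(value, exp, n)


def keystream_xor(key, data):
    """Stand-in for DES: XOR data with a SHA-256(key || counter)
    keystream. Same function encrypts and decrypts."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream.extend(hashlib.sha256(key + counter.to_bytes(8, "big")).digest())
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(message, sender_priv, recipient_pub):
    """Build a PEM-style envelope: encrypted body, key wrapped for the
    recipient, and a signed digest of the plaintext."""
    dek = os.urandom(8)                      # 64-bit per-message key
    body = keystream_xor(dek, message)
    mic = hashlib.sha256(message).digest()   # message integrity check
    signed_mic = rsa_apply(sender_priv, int.from_bytes(mic, "big"))
    wrapped_dek = rsa_apply(recipient_pub, int.from_bytes(dek, "big"))
    return {"body": body, "wrapped_dek": wrapped_dek, "signed_mic": signed_mic}


def open_message(envelope, recipient_priv, sender_pub):
    """Unwrap the key with the recipient's private key, decrypt, then
    verify the sender's signature over the recovered plaintext."""
    dek = rsa_apply(recipient_priv, envelope["wrapped_dek"]).to_bytes(8, "big")
    message = keystream_xor(dek, envelope["body"])
    expected_mic = hashlib.sha256(message).digest()
    recovered_mic = rsa_apply(sender_pub, envelope["signed_mic"]).to_bytes(32, "big")
    if recovered_mic != expected_mic:
        raise ValueError("signature does not match message")
    return message


def tampering_detected(envelope, recipient_priv, sender_pub):
    """True if the envelope fails verification (e.g. body altered)."""
    try:
        open_message(envelope, recipient_priv, sender_pub)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    env = seal(b"Example message for the PEM-style envelope", SENDER_PRIV, RECIPIENT_PUB)
    print(open_message(env, RECIPIENT_PRIV, SENDER_PUB))
    altered = dict(env)
    altered["body"] = bytes([env["body"][0] ^ 1]) + env["body"][1:]
    print("tampering detected:", tampering_detected(altered, RECIPIENT_PRIV, SENDER_PUB))
```

The point of the structure is the separation of roles: the symmetric
key does the bulk work and is different for every message, the
recipient's public key answers the key-management problem, and the
sender's private key supplies the signature, so a changed body is
rejected at open_message.  Unpadded RSA and an unauthenticated
keystream are used here only to keep the example self-contained;
a deployable system uses padded RSA (or another key-agreement
mechanism) and an authenticated cipher for the body.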


In order to establish a distribution system for PEM similar to
that of other software products on the Internet, TIS reviewed
various techniques that universities and other companies have
used.  The "anonymous FTP" approach, in which a user who does not
have an account is allowed to log on to the computer containing
the information and perform a file transfer of the specific
program files, was considered the best choice.  Such techniques
are routinely used throughout the Internet, but in the case of
software that is subject to export controls, one must be
concerned that individuals outside the U.S. and Canada may
attempt to retrieve the programs.  The problem is how to identify
whether someone who is anonymous is approved to retrieve the
software or not.


As had been done earlier by others, we have created a "READ ME"
file that the person seeking the software must read before
retrieving the PEM program.  The reader is cautioned that if he
or she is not from the U.S. or Canada, it is against U.S. export
