IP: UK Government Launches HMS Clipper (ASCII 2 of 2)

[Dave Farber <farber () central cis upenn edu>]

(b)  Services Offered


9.  The services which a TTP may provide for its customers will be a
commercial decision.  Typically,  provision of authentication services may
include the verification of a client's public key, time stamping of documents
and digital signatures (which secure the integrity of documents).   TTPs may
also offer a service of key retrieval (typically for documents and files
that have
been encrypted by employees) in addition to facilitating the real time
encryption of a client's communications.


10.  Licensed TTPs operating within a common architectural framework, on a
European or even a global  basis, will be able to facilitate secure
communications between potential business partners in different countries.
Providing the respective clients trust their TTPs, secure electronic commerce
between parties who have not met will become possible because they will
have confidence in the security and integrity of their dealings.


   The use of the word 'dealings' here in place of 'communications'
   implies that more than the communications can be trusted - it is close
   to saying that if a TTP can be trusted then so can its clients.  In practice
   this will not be the case unless there is a VERY rigorous vetting process
   before a TTP takes on any client and it is hard to see that this will be
   economically justified in many cases.  In any event, there is a
   presumption that criminals and terrorists are operating somewhere
   within the domain of all TTPs so not everyone can be behaving in a
   completely trustworthy manner.


(c)  Architecture and supporting products


11.  It is envisaged that a common architectural framework will be needed to
support the information security services being offered by TTPs in different
countries.  Clearly this will be a matter for negotiation between interested
parties taking into account developments in international standards
organisations.  The architecture would need, however, to support both the
provision of integrity and confidentiality and therefore be capable of
verifying
public encryption keys and escrowing private ones.  There is no reason why it
should not also support a choice of encryption algorithms, such as those on
the ISO (International Standards Organisation) register.


12. In support of such an architectural framework we would envisage
manufacturers developing  software or hardware products for use by the
business community.  Such products will need to be consistent with whatever
standard (or standards) are arrived at to enable TTPs to interoperate.  The
type
of algorithm used for message encryption, and whether it is implemented in
hardware or software,  will be a matter of business choice.


   Not entirely a business choice since I assume that it will not be possible
   for two or more co-operating TTPs to use an algorithm or an approach
   which they do not reveal to the Government since any disclosed keys
   could then be useless (remember that it is keys that the Government is
   seeking to gain access to, not the protected information).


 (d)  European Union


13.  The Government is working closely with the European Commission on
the development of encryption services through their work on information
security. Arrangements concerning lawful interception and the regulation of
TTPs in that context are matters for Member States to determine.  However,
the Commission has an important role in facilitating the establishment of an
environment where developments in the use of TTPs can be fostered.   The
Commission should soon be in a position to bring forward a programme of
work involving, for example, the piloting and testing of TTP networks.


   It would be nice to have a successful TTP pilot BEFORE announcing a
   policy based on TTP principles.  It is surely 'putting the cart before the
   horse' to announce a policy before its feasibility, its affordability or its
   practicality have been demonstrated.


(e)  OECD


14.  The Government are also participating in discussions at the OECD on
encryption matters.  Where possible we will encourage the development of
networks of TTPs which facilitate secure electronic trading on a global basis.


(f)  Export Controls


15. Export controls will remain in place for encryption products (whether in
hardware or software form) and for digital encryption algorithms.   However,
to facilitate the participation of business and commerce in the information
society the Government  will take steps, with our EU partners, with a view to
simplifying the export controls applicable to encryption products which are of
use with licensed TTPs.


   This paragraph is not very helpful since current export controls are
   lacking in clarity and precision and urgently require revision to remove
   the confusion and uncertainty which this causes.  Now that the UK
   Government is committed to at least some amendments of these controls
   it will be important to grasp the opportunity which this provides to
   establish export control laws for cryptographic products which are
   precisely and clearly defined and which are limited in scope to the
   essential minimum to meet openly stated Government objectives whilst
   also being consistent with modern approaches to computer and network
   systems engineering.


   In particular the current export controls on products which contain no
   cryptography themselves but which have fully and openly defined
   interfaces which allow the use of external cryptographic modules need
   to be removed.


   Export controls on cryptographic software need to be better defined in
   order to ensure that they are truly enforceable.


   In the United States a distinction is made between the publication of
   cryptographic algorithms in descriptive text or computer language
   source code form on paper and the identical descriptions held on
   magnetic media or transmitted over networks.  The reason for the
   distinction is that US export controls on cryptography are interpreted to
   cover export on magnetic media and via networks whilst the export of
   identical information on paper is not subject to any such control.


   In the UK the situation *SEEMS* to be more sensible in that, as far as I
   can tell, there are no UK export controls on cryptographic algorithm
   descriptions in either text or source code form, irrespective of the media
   involved.  However it is possible that there are such controls in theory
   but that no attempt is made to enforce them, a situation that leads to
   uncertainty in such areas as international co-operation in R&D or
   product development.  It will hence be necessary during the amendment
   of UK export controls to ensure that the extent of the export controls on
   cryptographic algorithm descriptions are clear and precise.


   The export controls applicable to cryptographic software in binary and
   executable form also need to be clarified.  Given the widespread
   international availability of encryption algorithms and software on the
   Internet it makes no sense to continue with laws that are not enforceable
   and which have no practical effect.  Therefore, in continuing with export
   controls on cryptographic software, the Government will need to
   demonstrate that such controls:


   +    are designed to achieve fully and precisely enunciated Government
   objectives;


   +    are capable of being enforced in such a way that these objectives can
   be substantially achieved without significant impact on other
   freedoms;


   +    will not be rendered ineffective by activities which are beyond the
   Government's control or influence.


   Any software export controls that do not meet these criteria should be
   discontinued.


CONSULTATION


16.  Officials from the Department of Trade and Industry have already held
preliminary discussions with various industry group on the general concepts
surrounding the provision of encryption services through TTPs. A more
formal consultation on the Government's proposals will  be undertaken by the
Department of Trade and Industry with all interested parties prior to the
bringing forward of legislative proposals.  The Government recognises that
the successful facilitation of electronic commerce through the introduction of
information security services by TTPs either in the UK or in Europe, will, to a
significant extent, depend on their widespread use across business.  It will
therefore  be important to secure the broad acceptance of the business
community for the Government's proposals. The Department will pay
particular attention to this during the consultation process.


   This is a valuable commitment which is somewhat at odds with the
   earlier statement that the policy '... has been decided ...'.   It is clear
   commitment by the Government to introduce an approach only if it has
   the support of the UK business community.  Since any scheme will also
   have a large impact on all UK citizens, a way needs to be found to
   ensure that their voice is heard during the consultation process as well.
   This could be achieved by involving the Chartered Institutions and the
   Learned Societies.  The Government could also do what the United
   States has done by commissioning an independent academic review of
   its proposals. These steps would help significantly in ensuring that any
   policy which emerges commands widespread support throughout the
   UK.


   CONCLUSION


   If this press release represents the *START* of a public debate in the UK
   about the complex balances which need to be struck in the use of
   encryption to secure our National Information Infrastructure (and the
   GII), then it has my wholehearted support and I congratulate the UK
   Government on its publication.


   If, however, it is the *END* of a debate, held behind closed doors, and is
   hence an attempt by the UK Government to impose an encryption
   solution on the people of the UK in the absence of an informed public
   debate about the issues involved, then I will do all that I can to frustrate
   its progress until such a debate has taken place.


   The paper leaves me uncertain about which of these scenarios is correct.


   I am not a crypto-anarchist,  nor am I a crypto-fascist - if anything I
   would characterise my views as broadly crypto-liberal on the grounds
   that this is the only practical stance given that cryptographic knowledge
   and capabilities are now widespread.  No-one should make the mistake
   of reading these comments as indicating that I am opposed to the
   objectives which the Government is trying to achieve.  The issue is not
   the objectives themselves, since these would be hard to dispute, but
   rather the extent to which these are achievable and whether the actual
   gains which are likely in practice will outweigh the disadvantages which
   will be involved.


   Beyond this, however, I am firmly of the view that the people of the
   UK have a right to make an input *BEFORE* Government policy is set in
   all areas where the policy involved will have a profound impact on their
   well-being, their prosperity and their common interest in peace,
   security, freedom and justice.   The security of our NII (and that of the
   wider GII) is just such an area where I fear that the UK Government
   might possibly be attempting to set a policy before any such debate has
   taken place.


   I urge everyone in the UK who reads these comments to approach their
   Member of Parliament to seek their assurance that no legislative action
   will be initiated before there has been an adequate *PUBLIC* debate of the
   issues involved.


   I urge those of you in (and associated with) the media in the UK to
   publicise the Government policy statement and to inform the UK public
   in a *BALANCED* way about the issues which need to be considered in
   arriving at a sensible UK policy stance.






         Brian Gladman, The Hague, The Netherlands, 15th June 1996.


                         email: gladman () euronet nl


               http://www.euronet.nl/users/gladman/index.html










Attachment Converted: C:\WINDOWS\Desktop\attachments\ukcrypol2.doc


Dept. of Computing Science, University of Newcastle, Newcastle upon Tyne,
NE1 7RU, UK
EMAIL = Brian.Randell () newcastle ac uk   PHONE = +44 191 222 7923
FAX = +44 191 222 8232  URL = http://www.cs.ncl.ac.uk/~brian.randell/