Cryptography Reference
In-Depth Information
So this is the background on which we have to see the benefits of cryptography.
Cryptography should be a matter of fact for firms, and individuals should be
responsible for their own data protection. While politicians are still trying to set
up fortresses ('the passing on of data is strictly forbidden'), practice undermines
the walls in several places.
These kinds of considerations spoil the joy about 'revolutionary' changes upon
the release of hard cryptography in some countries. In France, for example,
secure encryption is now also permitted to individuals. The nasty US export
regulations (limiting key lengths to 40 bits in export versions, with a few
exceptions) seem to have been removed. This is certainly a loss for eager
eavesdroppers. In the meantime, however, a large number of other possibilities
for espionage have emerged, and increasingly more insecure computer systems
can be cracked, some even automatically. Also, the pressure of the business
world to permit secure cryptography grew considerably in the 1990s. With
their restrictive export policies, the USA even harmed their own cryptographic
software manufacturers, because European (including German) manufacturers
meanwhile happily jumped into this 'market gap'. We will get back to this
issue in Section 8.2.4.
8.2.3 Key Escrow
As mentioned in the last section, demands for more data protection in the busi-
ness world have increased strongly. Something has to be done. But influential
circles that appreciate the role of cryptology won't have their power restricted
voluntarily. Zimmermann's PGP slogan, 'encryption for everybody', must have
been a thorn in their sides back then.
On the other hand, politicians in many countries confirm that the protection
of secrets is necessary for individuals, too, because this is the only way the
information society will work. The bridge to overcome this conflict of interests
is referred to as key escrow . Everybody may encrypt, but the 'government'
should be allowed to read it upon demand. It should be given the secret key
somehow. As usual in such matters, organized crime has been stated as the
reason for this key escrow. If we can't get hold of the communications of
these criminals, so the argument goes, they will turn into a huge threat.
The consequence was a hefty discussion in many countries, including Germany.
People shouldn't look only at their own countries. I recommend studying the
Crypto Law Surveys by Bert-Jaap Koops, which you find in the txt/policy/claw
1996.txt directory on the Web site. Which give an overview of the legal status
in many countries as of 1996. Compare this with the content of claw2001.txt !
Search WWH ::




Custom Search