International Cryptography Campaign 1998
Except for the addition of this comment and changes to the layout and navigation links, the content of this page was last updated on 19 August 1999 at 8:30am.
Dr Michael Baker, Electronic Frontiers Australia
Erich Moechel, quintessenz user group, Austria
Greg Taylor, Electronic Frontiers Australia
Abstract
Cryptography export controls have been used by western governments to impede the spreading use of strong encryption. National cryptography export controls are coordinated through the Wassenaar Arrangement, an international agreement on weapons export control. Most nations' export controls do not cover intangible exports such as distribution via the Internet.
In 1998 Electronic Frontiers Australia launched a campaign to remove export control over cryptography software and to ensure that no domestic controls over cryptography are introduced. In support of the Australian campaign, EFA launched an International Cryptography Campaign to have cryptography removed from the Wassenaar Arrangement.
A Wassenaar cryptography experts meeting was held in Vienna in September 1998 and a Plenary session was held in early December 1998, also in Vienna. The result of the Plenary meeting was that additional controls over the export of cryptography were introduced into the Wassenaar Arrangement. This has been widely condemned and has led to the establishment of cryptography mirror sites around the world. In 1999 there is likely to be pressure within Wassenaar to control intangible exports.
Keywords
Cryptography, Wassenaar, Campaign, Export Controls
Introduction
In this paper we outline the International Campaign [1] conducted during 1998 to seek removal of cryptographic products from the Wassenaar Arrangement control lists, and we examine the lessons learned and the implications of the revised Arrangement for future policy outcomes.
Crypto Controls
In the past, governments and their military intelligence organisations carefully restricted cryptography, which meant that it was easy for governments to control the privacy of individuals. Agencies could eavesdrop on private communications in the confidence that an intercepted message would be easily understood.
The wide availability of strong cryptography has fundamentally shifted the power base to the extent that individuals can now largely control their own privacy if they so desire. Governments and their law enforcement and national security agencies are clearly uncomfortable about this recent shift in power. In response, governments in many countries have conspired to control access to strong cryptography by restricting exports. The Walsh Report [2] raised doubts about the effectiveness of such controls, particularly in this era of global electronic transfer of data.
The Wassenaar Arrangement
The Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies (named after the town in Belgium where it was signed) replaced the Coordinating Committee on Multilateral Export Controls (COCOM), a Cold-War arms-control regime, expanding the membership to 33 nations including some from the former Soviet bloc.
The Wassenaar Arrangement was created in 1995. It establishes an international regime to control the export of conventional arms and dual-use goods and technologies. The Arrangement contains an extensive list of controlled items, and cryptographic products are identified as one of the categories.
The objective of the Wassenaar Arrangement was to prevent the accumulation of military capabilities that threaten regional and international security and stability. It was designed to complement existing weapons control and non-proliferation regimes (the Missile Technology Control Regime, the Nuclear Suppliers Group and the Australia Group). The Arrangement controlled the export of cryptographic products as dual-use goods, i.e. having civilian and military applications. However, the Wassenaar Arrangement was only directed towards offensive weapons proliferation, and expressly excluded controls over genuine civil transactions. Mass market and public domain software were also excluded from control through the General Software Note waiver.
In implementing national policies, some countries, namely Australia, New Zealand, USA, Russia and France, went further than the Wassenaar restrictions, and placed controls over general purpose cryptography software. The Australian Defence Signals Directorate (DSD), the Australian equivalent of the NSA, which was responsible for evaluating cryptographic products for export license applications, had expressed the view that almost all crypto software they had evaluated was either mass market or public domain.
Cryptozilla, a weapon of mass destruction?
In mid 1998 there was extensive media exposure in Australia concerning the embarrassment of the Australian delegate to Wassenaar meetings in April, Robbie Costmeyer, Director of Strategic Trade Policy and Operations, Department of Defence. He was the person responsible for approving licenses for export of Wassenaar controlled goods from Australia. Questions were asked by other delegates about Australia's failure to prevent the release of the Cryptozilla web browser on the Internet. Cryptozilla was based on the Netscape open source code, which was released globally on April 1 1998 with the cryptographic modules removed. The Cryptozilla team, utilising the Australian-developed SSLeay crypto toolkit, had restored the crypto functionality.
The media reports suggested that the Defence Department was threatening to prosecute the Brisbane-based Cryptozilla team under the Weapons of Mass Destruction Act, since a Customs Act prosecution was considered unlikely to succeed in the case of intangible exports [3].
Fortunately, common sense reigned and no prosecution was launched. Had it been otherwise, there would undoubtedly have been a global outcry which would have made martyrs out of the Cryptozilla group's leaders, Eric Young and Tim Hudson, who had established a solid international reputation for their work in developing the SSLeay package.
Wassenaar on the Danube [4]
At the end of June 1998, Erich Moechel [5] made contact with the Wassenaar Secretariat [6] in Vienna. To Erich's great surprise it seemed that he was the only journalist to be invited to enter the sacred halls of "dual use goods" diplomacy at least during the previous 12 months. Quite likely no scribbler had been there before. We later discovered that as of September 1998, the only people to visit the Wassenaar Office in Vienna seeking information, not being staff or nominated national delegates, were Erich in July 1998 and Barry Steinhardt (ACLU) in September 1998. Prior to this time the Wassenaar Secretariat was a somewhat secretive, if not reclusive, international agency. It must have been an unusual experience for them to receive visits from civil liberties groups.
The Wassenaar Secretariat office is not far from the Vienna State Opera, between the Hotel Bristol and the galleries along Ringstrasse, where Vienna presents one of its nobler faces. There is a tiny, street-level sign on the building at Mahlerstrasse 14, a camera over the buzzer and solid double doors on the fourth floor that lead to a starkly sober interior: grey carpet set against light wood and bare white walls.
When Erich visited Glenn Sibbit, who formerly served the Canadian government and the OECD as a telecommunications expert, Sibbit said "We're not actually an organisation, but rather a clearing house that processes the decisions of the delegates of the signing countries in the plenary meetings. There are no intrigues being cooked up in any back rooms here." Dirk Weicke, Sibbit's equivalent German expert in the Wassenaar office, added with a polite smile "There's really no reason for paranoia, we wouldn't even have the personnel for such things."
What they said was true. Including the cleaning crew, all of ten people were on the payroll of the Wassenaar Arrangement Secretariat, responsible for keeping an eye on the export of so-called "conventional" weapons and the components that make them. Even though many saw the Declaration of Wassenaar as a direct successor of COCOM, which expired in 1994, the Wassenaar experts themselves did not particularly like to look at it that way. COCOM was "not a direct antecedent," said Weicke and Sibbit in unison, but rather, a "previous regime," belonging to a different period (the Cold War) and operating under a completely different set of circumstances than Wassenaar.
This distancing was understandable in light of the fact that COCOM was located directly in the U.S. embassy in Paris and was generally known to be a foreign outpost for various U.S. intelligence services.
The Secretariat appeared to be under resourced. In late September Secretariat staff asked Erich to help them locate the "national amendments" to Wassenaar excepting crypto from the General Software Note. Wassenaar officials did not know which countries had made such amendments to the GSN.
Australian Crypto Campaign
The Wassenaar Arrangement was due for renewal by the end of 1998, otherwise it would have lapsed. Prior to 1998, little attention had been focussed on the agreement, with most of the international controversy about crypto policy being directed at US export controls. However, in mid 1998 Electronic Frontiers Australia (EFA) [7] commenced a campaign [8] aimed at liberalising Australian controls [9] over the export of cryptography products and ensuring that no domestic controls over the use of cryptography were introduced. As the campaign developed, it became apparent that the Wassenaar Arrangement was going to be a major obstacle to reform.
When EFA started its national Cryptography Campaign the time was obviously well nigh for cryptography policy to be taken out of the hands of the cold warriors in the Defence Department. Full strength encryption software was widely and openly available throughout the world yet the cold-war era mentality that existed seemed strangely detached from reality.
How was a web browser a threat to national security? Why was Australia one of the few parties to the Wassenaar Arrangement that refused to allow the General Software Note waiver for mass market and public domain software? Why didn't the Attorney-General prosecute the Defence Department for making PGP available on the FTP site of the Australian Defence Force Academy (ADFA) [10]? Why was the Minister for the Information Economy openly promoting electronic commerce while another branch of the government was doing its best to stifle it? These and other questions came to mind as EFA trawled the labyrinthine corridors of power in Canberra seeking answers to the imponderable.
Wassenaar Experts Meeting
An important issue in our research was the policy position Australia was likely to take to the 1998 round of Wassenaar talks. From public statements by Robbie Costmeyer (Director of Strategic Trade Policy and Operations, Department of Defence) it appeared that the Australian representative would propose that:
- Crypto using 40-bit keys should no longer be controlled (hardly a significant concession!).
- The scope of the General Software Note, which excluded shrink-wrapped and public domain software from export control, should be narrowed so that crypto software would no longer be exempted.
- Intangible exports, i.e. via the Internet, should be brought under the Wassenaar umbrella. At that time only the US controlled the export of intangibles.
International Crypto Campaign
EFA was totally opposed to the Australian government stance because of the adverse impact these proposals would have on electronic commerce, and on the security of private and commercial communications. EFA saw that it would be necessary to work with others on an international basis to make sure that as many national representatives as possible were fully briefed on the impact of the existing controls and the proposed amendments. The International Crypto Campaign was established to lobby for the removal of crypto export controls from the Wassenaar Arrangement.
The meeting of the crypto expert group of the Wassenaar Arrangement was to be held in mid September 1998 in Vienna, with plenary discussion scheduled for late November.
Erich discovered that the UKUSA treaty nations had been doing some detailed work on crypto to amend the 1996 version of the Wassenaar control lists. He also discovered that there was considerable opposition from the EU nations, who disliked US policy.
At around this time, Brian Gladman published a paper [11] [12] in the UK analysing the Wassenaar crypto controls, incorporating ideas from David Jones of Electronic Frontiers Canada. His main thesis was that crypto controls were against the stated aims of the Wassenaar Arrangement and that control of commercial crypto was not justified by the aims of the Arrangement. Other key points were that cryptography is not a weapon and that it was quite possible to draw a distinction between military and commercial use of cryptography. The points raised in Brian's paper later became the basis of a Declaration by members of the Global Internet Liberty Campaign (GILC) [13].
The GILC Declaration
In August 1998 the Irish government released a White Paper on Cryptography Policy [14], containing the following statement:
"The export of cryptographic products is to continue to be regulated in accordance with the relevant EU Regulations and Decisions and Irish national legislation which reflect the Wassenaar Arrangement on Export Controls for Dual-Use Goods and Technologies and Conventional Arms."
In early September, in cooperation with other members of GILC, we developed a GILC Member Declaration [15]. The Declaration highlighted that export controls on cryptography, a defensive technology, were not justified by the Wassenaar Arrangement, and that these controls contradicted the principles of the Arrangement. Moreover, the GILC Member Declaration highlighted the fact that export controls on cryptography prevent human rights activists from around the world from protecting their lives and their freedom, and that they hurt law-abiding citizens and organisations without having any significant impact on the ability of criminals, terrorists or belligerent nations to obtain any cryptographic products they wished.
The Declaration, signed by 24 members of the Global Internet Liberty Campaign, was sent to the Wassenaar Secretariat on 15th September 1998. The essence of the Declaration was a call for the Wassenaar representatives to remove cryptography from the control lists, on the grounds that it was a defensive tool and not a weapon and that according to the stated aims of the Wassenaar Arrangement it should not restrict the export of cryptography.
After the release of the GILC Member Declaration there was press coverage of the campaign in Austria, Canada, France, Germany, Spain, the UK and the US. [16]
Support for the GILC Member Declaration was subsequently expressed by 27 companies and associations [17].
September meeting of Wassenaar Expert Group
The 1998 round of Wassenaar talks took place in Vienna. There was an 'experts group' meeting in September followed by a plenary session in December.
Unsurprisingly, the Wassenaar crypto expert group made no announcements in September. However, word filtered out that plans to tighten controls had not reached agreement and that a decision would be made prior to the plenary meeting in December. At around the same time a controversy erupted in Europe over the Echelon global surveillance system, amid concerns that the US was able to monitor the communications of its European allies. Perhaps this influenced the Wassenaar delegates to proceed cautiously. Whatever the background, we concluded that the hardliners in Wassenaar had not gotten their way.
December Plenary Meeting
The Wassenaar Plenary meeting was held in Vienna on 2/3 December 1998. Prior to the meeting, opinion seemed to be that the US, UK and France were taking a hardline stance for greater restrictions in the General Software Note, and controls over electronic exports. However, many European countries seemed to favour relaxation of the controls. Since Wassenaar requires unanimous agreement, it seemed unlikely there would be any significant changes.
However, on 3rd December, before the meeting was over, in a move that was initially greeted with scepticism, US Ambassador for Cryptography David Aaron claimed that the Wassenaar countries had agreed to set restrictions on mass market crypto over 64 bits and all other crypto over 56 bits.
Outcome
It is ironic that on the 50th anniversary of the signing of the Universal Declaration of Human Rights in December 1998, 32 nations bowed to US demands to further restrict the export of cryptography software, tools which are often used by human rights organisations to inform the world of atrocities committed by repressive governments.
The changes to the Wassenaar Arrangement control lists were announced from Vienna a week after the meeting. The main changes in respect of cryptography were:
- The General Software Note waiver was changed to exclude the previous general exemption for mass market crypto software.
- Mass market software using symmetric key lengths greater than 64 bits became controlled.
- Non mass-market software using symmetric key lengths greater than 56 bits became controlled.
- Non mass-market software using asymmetric keys based on integer factorisation (e.g. RSA) and greater than 512 bits in length became controlled.
The term public domain was defined in the lists in a manner quite different from the conventional understanding of the term:
"In the public domain" means "technology" or "software" which has been made available without restrictions upon its further dissemination. N.B. Copyright restrictions do not remove "technology" or "software" from being "in the public domain".
Reaction to the outcome
The Wassenaar decision was roundly condemned by a cross-section of industry and privacy advocates.
One reaction to the decision was a campaign to establish and promote online crypto archives [20] around the world to mirror source code and binaries for cryptography software such as SSL, DES, 3DES, Blowfish, PGP etc.
EFA issued a media release saying "Cryptography controls have been universally condemned by privacy advocates, industry groups, and professional bodies for many years. At a time when there was an expectation that common sense might finally prevail, the world's cold warriors have met in closed session in Vienna to rebuff their many critics and to extend existing controls to commonly available commercial products."
On the 18th of December 1998, Brian Carpenter (Internet Architecture Board Chair) and Fred Baker (Internet Engineering Steering Group and Internet Engineering Task Force Chair) issued a statement on behalf of the IAB and the IESG. The statement deplored the changes to the Wassenaar Arrangement. They pointed out that strong cryptography was essential to the security of the Internet, and that restrictions on its use or availability would leave us all with a weak, vulnerable network, endanger the privacy of users and businesses, and slow the growth of electronic commerce. They estimated that after a modest capital investment, a company or criminal organisation could crack a 64-bit cipher in less than a day for about $2500 per solution. This cost would only drop in coming years. A report [21] released about three years previously suggested that 90-bit keys were the minimum for long-term security. On 22nd December 1998 the IAB/IESG statement was endorsed by the Internet Society.
An Intangible Problem
A further issue that remains a matter of controversy is the question of intangible exports via electronic networks such as the Internet. The USA is presently the only country that has implemented regulations restricting intangibles, but several challenges on First Amendment grounds are currently before the courts. One problem with unilateral policies such as this is that they encourage companies to move offshore to a more receptive environment. There is evidence that this has occurred, with countries such as Ireland offering incentives to companies to establish there, a policy that appears to be paying dividends for that country.
Restricting intangible exports is not simply a matter of applying conventional customs law to a new method of transport. There are no customs officers on the electronic borders; in fact, the very notion of borders becomes problematical in view of the fact that it is almost as easy to store files on a computer on the other side of the world as on one's desk. Enforcement of any such regulations is therefore well nigh impossible, and an unenforceable law might as well not be passed.
A further problem is that intangible goods are difficult to distinguish from ideas, and it is hard to imagine a more chilling prospect than that of containing the communication of thoughts. International research collaboration in the mathematics of cryptography would need to come to a virtual standstill and academic freedom would be severely constrained.
Nonetheless, new information from DSD in Australia suggests that Wassenaar will this year move towards clamping down on intangible exports.
The Future
To date, there has been no announcement by any country about a change in regulations to conform to the revised Wassenaar Agreement. Australia had initially been expected to move quickly but no changes have been announced to date. However, the recent awarding of an export license to the new Australian subsidiary of RSA is seen by some as a softening in attitude that may augur well for the winds of change to sweep through the corridors of the Defence Department.
France has recently made a dramatic turnaround in its attitude towards cryptography. Previously a nation with one of the most restrictive laws banning even domestic use of cryptography, the country has recently announced a reversal of policy and now endorses strong encryption for all. This is believed to be prompted by a perception, founded on firm evidence, that the US is eavesdropping on the entire planet and that other nations need to protect themselves from the tappers.
It remains to be seen whether these actions might be but the first signs of a global breakaway movement.
Acknowledgements
We would like to acknowledge the work of the national crypto campaign coordinators, members of GILC and others, without whom the International Crypto Campaign would not have occurred.
References
[1] International Cryptography Campaign Home Page http://www.efa.org.au/wassenaar/
[2] Review of Policy Relating to Encryption Technologies. The Walsh Report. http://www.efa.org.au/Issues/Crypto/Walsh
[3] Distributing encryption software by the Internet: Loopholes in Australian export controls. Patrick Gunning, Mallesons Stephen Jacques, 1998. http://www2.austlii.edu.au/itlaw/articles/Gunning_Encryption.html
[4] Erich Moechel, "Wassenaar on the Danube" http://www.heise.de/tp/english/inhalt/te/1535/1.html
[5] Erich Moechel's Wassenaar reporting (in German) http://www.telepolis.de/bin/tp/issue/search.pl?language=deutsch&autorname=Moechel&suchbegriff=Wassenaar&ok.x=39&ok.y=10
[6] Wassenaar Secretariat, Vienna, Austria. http://www.wassenaar.org
[7] Electronic Frontiers Australia http://www.efa.org.au
[8] EFA Cryptography Campaign http://www.efa.org.au/Campaigns/crypt98.html
[9] Australian Controls on the Export of Defence and Strategic Goods. http://www.dod.gov.au/dao/exportcontrols/greenbk/guidelin.htm
[10] PGP2.6.3i is available from the Australian Defence Force Academy (ADFA) ftp://ftp.adfa.edu.au/pub/security/pgp263i/download.html
[11] The Wassenaar Arrangement and Controls on Cryptographic Products Dr. Brian Gladman, 1998. http://www.seven77.demon.co.uk/wassenaar.htm
[12] Dr Brian Gladman, "Wassenaar Controls, Cyber-Crime and Information Terrorism" http://www.cyber-rights.org/crypto/wassenaar.htm
[13] Global Internet Liberty Campaign http://www.gilc.org/ and http://www.gilc.nl/ [GILC European mirror]
[14] Irish White Paper on Cryptography Policy http://www.irlgov.ie/tec/html/signat.htm
[15] GILC Member Declaration calling for the removal of cryptography export restrictions from the Wassenaar Arrangement http://www.gilc.org/crypto/wassenaar/gilc-statement-998.html
[16] International Cryptography Campaign Press Coverage http://www.efa.org.au/wassenaar/press.html
[17] Companies and Associations supporting the GILC Member statement http://www.efa.org.au/wassenaar/support/companies.html
[18] Wassenaar Arrangement Control List. http://www.wassenaar.org/list/Table%20of%20Contents%20-%2098web.html
[19] Extract of December 1998 changes to Wassenaar cryptographic controls. Electronic Frontiers Australia. http://www.efa.org.au/Issues/Crypto/wass98.html
[20] Known mirrors for the crypto archive movement http://jya.com/crypto-free.htm
[21] Minimal Key Lengths For Symmetric Ciphers To Provide Adequate Commercial Security. A Report By An Ad Hoc Group Of Cryptographers And Computer Scientists http://www.bsa.org/policy/encryption/cryptographers_c.html
About the Authors
Dr Michael Baker is a Consultant Systems and Software Engineer with Adacel Technologies Ltd in Adelaide, and a Board Member of Electronic Frontiers Australia. Email: mbaker@pobox.com, URL: http://pobox.com/~mbaker
Erich Moechel is a freelance journalist and an Internet consultant in Vienna, and publisher of the daily news filter, q/depesche. Email: erich-moechel@quintessenz.at, URL: http://www.quintessenz.at
Greg Taylor is IT manager with AGEN Biomedical Ltd in Brisbane and Vice Chair of Electronic Frontiers Australia. Email: gtaylor@efa.org.au, URL: http://www.gil.com.au/~gtaylor