Skip to main content

1998 Statements on Cryptography, Mail Message, December 1998.
statement-iab-1998-statements-on-cryptography-00

Document Type IAB Statement
Title 1998 Statements on Cryptography, Mail Message, December 1998.
Published 1998-12-18
Metadata last updated 2023-08-09
State Active
Send notices to (None)
statement-iab-1998-statements-on-cryptography-00

1998 Statements on Cryptography

Subject: Harmful changes to Wassenaar Arrangement
Date: Fri, 18 Dec 1998
From: The IAB

The IAB and the IESG deplore the recent changes to the Wassenaar

Arrangement (http://www.wassenaar.org) that further limit the

availability of encryption software by including it in the Wassenaar

agreement’s list of export controlled software (section 5.A.2.a.1

of the list of dual-use goods, WA LIST 98 (1)). As discussed in

RFC 1984, strong cryptography is essential to the security of the

Internet; restrictions on its use or availability will leave us

with a weak, vulnerable network, endanger the privacy of users and

businesses, and slow the growth of electronic commerce.

The new restrictions will have a particularly deleterious effect

on smaller countries, where there may not be enough of a local

market or local expertise to support the development of indigenous

cryptographic products. But everyone is adversely affected by

this; the Internet is used world-wide, and even sites with access

to strong cryptographic products must be able to talk to those who

do not. This in turn endangers their own security.

We are happy that the key size limit has been raised in some cases

from 40 bits to 64; however, this is still too small to provide

real security. We estimate that after a modest capital investment,

a company or criminal organization could crack a 64-bit cipher in less

than a day for about $2500 per solution. This cost will only drop

in coming years. A report released about three years ago suggested

that 90-bit keys are the minimum for long-term security.

We are happy that the key size limit has been raised in some cases

from 40 bits to 64; however, this is still too small to provide

real security. We estimate that after a modest capital investment,

a company or criminal organization could crack a 64-bit cipher in less

than a day for about $2500 per solution. This cost will only drop

in coming years. A report released about three years ago suggested

that 90-bit keys are the minimum for long-term security.

Brian Carpenter (IAB Chair) 
Fred Baker (IESG and IETF Chair)


Subject: IAB statement on “private doorbell” encryption
Date: Thu, 15 Oct 1998
From: The IAB

The IAB and IESG are concerned by published descriptions of the

“private doorbell” approach to resolving the encryption controversy.

Essentially, the private doorbell requires that encryption and

decryption be done at a gateway, rather than at an end system; see

http://www.cisco.com/warp/public/779/govtaff/policy/paper/paper_index.html

for one description. This is in conflict with the “end-to-end”

principle, a fundamental tenet of the Internet architecture. While

there is certainly a place for gateway-based encryption in some

circumstances, to require it in all places (and to exclude end-to-end

encryption) would warp the protocol structure. Furthermore, it

offers a significantly lower level of security, in that there is

no longer protection against inside attacks, which by all accounts

are a serious threat.

In addition, putting all security at the gateway ignores the need

for different levels of protection in different situations. For

some applications, encryption to the gateway may suffice. Others

may require encryption and cryptographic authentication of the

individual machine or even user. Should a strong encryption

algorithm be used, or a very efficient one? It is very difficult

to make these decisions anywhere but the end-system. But the

“private doorbell” scheme would block deployment of such fine-grained

protection.