Install

Get the latest updates as we post them — right on your browser

. Last Updated: 07/27/2016

Attacks Open Encryption Debate

NEW YORK -- In a terror-induced climate of heightened electronic vigilance, debate is brewing over whether makers of encryption software should be obliged to provide law enforcement with the keys to open scrambled messages.

Encryption supporters thought they had won the battle two years ago when the U.S. government decided to permit the export of full-strength encryption software without requiring programmers to hand over spare keys.

The Sept. 11 attacks changed the atmosphere, and at least one U.S. politician has since called for making keys available. U.S. intelligence says Osama bin Laden's terrorist organization has used e-mail and encryption to communicate.

Agents monitoring e-mail traffic may know two suspected terrorists are talking but can't determine what they are saying. Giving government the keys could help before terrorists strike, says Gene Poteat, president of the Association of Former Intelligence Officers.

"You have to be quicker on your feet," Poteat said. "You have to have the keys to be able to intercept the messages quicker."

For decades, the U.S. government tried to keep encryption from the private sector and foreigners. But mathematicians outside government developed it independently in the 1980s -- and Pretty Good Privacy encryption software was released in 1991 in the United States.

The government then tried to block its export and sought to require a "back door" accessible to law enforcement and intelligence agencies. Under some "key escrow" systems proposed, users encrypting messages would turn over a copy of their keys to a third party, or software manufacturers would build in a second key that law enforcement could use with a warrant.

Technologists denounced key escrows as costly, misguided and risky.

Former President Bill Clinton's administration relented in September 1999, relaxing export controls.

The debate remained dormant until Sept. 13, two days after terrorists believed tied to bin Laden hijacked and slammed airliners into the World Trade Center and the Pentagon.

That's when Senator Judd Gregg said software manufacturers had an obligation to give law enforcement "the technical capability to get the keys to the basic encryption activity."

FBI and CIA officials have refused comment on whether terrorists used encryption to plan the recent attacks, or whether having a back door could have helped thwart the catastrophe.

Despite the challenges of encryption, law enforcement agents have found novel ways to read scrambled messages.

"There's always a weak link," said Bruce Schneier, a crypto expert with Counterpane Internet Security Inc. "The FBI has lots of ways in."

Frank Gaffney, an assistant defense secretary in the Reagan administration, acknowledges that agents have other options. "But it's exceedingly time-consuming and computer-power intensive," Gaffney said. "That's not feasible in the kind of environment we're talking about."