Regulation Policy

PRI Study: Encryption Vulnerabilities

The U.S. Export Control Administration and other federal agencies are using export regulations to restrict the manufacture, distribution and use of "strong encryption" software used to secure financial data on computer networks and the Internet. Analysts warn that adding requirements for a "clipper chip" and "key recovery" -- in an effort to combat criminals and terrorists -- would actually make data more vulnerable.

Experts say strong encryption technology becomes rapidly outdated and constant innovation is required to keep ahead of code-breakers.

  • For instance, in 1977, RSA Data Security laboratory engineers developed a 129-digit encryption key that, at the time, would have taken 40 quadrillion years to factor out and break.

  • They predicted the technology necessary to break it would not be available until well into the 21st century; but it was broken in 1994 by an international group of mathematicians in only eight months.

  • By 1997 a group of amateur computer users was able to break a 56-bit key in less than six months.

If data cannot be secured on the Internet, it would hamper the growth of electronic commerce.

  • Forrester Research projected that Internet trade in goods and services would reach $8 billion in 1997, rising to $327 billion by the year 2002.

  • And a "high-end estimate" from the National Research Council pegs the size of the future market at "many tens of billions of dollars [per year]."

Two of the largest funds transfer systems, Fedwire and the Clearing House Interbank Payment System, already process more than 350,000 electronic funds messages a day with an estimated value of $1 trillion to $2 trillion.

Source: Justin Matlick, "U.S. Encryption Policy: A Free Market Primer," March 1998, Pacific Research Institute for Public Policy, 755 Sansome Street, Suite 450, San Francisco, Calif. 94111, (415) 989-0833.

For text http://www.pacificresearch.org/fsheet/encrypt/encryption.html

Home | Support Us | All Issues | Social Security | Debate Central | Contact Us

Dallas Headquarters: 12770 Coit Rd., Suite 800 - Dallas, TX 75251-1339 - 972/386-6272 - Fax 972/386-0924
Washington Office: 601 Pennsylvania Ave. NW, Suite 900 South Building - Washington, DC 20004 - 202/220-3082 - Fax 202/220-3096
© 2001 NCPA