NCPA - National Center for Policy Analysis

Terrorism and Encryption Technology

September 20, 2001

The terrorist attack on the U.S. has led to renewed calls for law enforcement agencies to have "backdoor" access to e-mail messages and other documents encoded with cryptographic software. This would require manufacturers to give the government "keys" that would fit "locks" in encoded messages. But computer scientists say that trying to control encryption may be a waste of time and effort.

  • Encryption uses mathematical keys to scramble and unscramble a message.
  • Terrorists, they say, are far more likely to use steganography, which involves obscuring messages from detection in the first place, as well as straightforward codeword-based messages.
  • Although encrypted messages are nearly impossible to decipher, they do reveal to the authorities who is talking to whom, which can be crucial intelligence; by contrast, steganography makes the message "disappear" altogether.

A modern steganographic technique is to hide messages within the data comprising ordinary-looking web images. The effect is the same as having a pre-agreed code word -- unless you know exactly where to look the message is undetectable.

During the 1990s, exporting cryptographic tools from the U.S. was restricted and some programs were even classified as munitions.

But experts say encryption is more relevant to protecting individual privacy than enabling terrorists. And cryptography can protect political dissidents from the surveillance of oppressive regimes. Also, weakening encryption could seriously damage confidence in electronic commerce which relies on encryption to secure transactions conducted over the Internet.

Source: Will Knight, "Controlling encryption will not stop terrorists," New Scientist, September 18, 2001.


Browse more articles on Government Issues