The New York Times, August 18, 1995, pp. D1, D6. U.S. to Urge A New Policy On Software Affempt at Compromise On Scrambling of Data By John Markoff The Clinton Administration broke a year of silence on its data-scrambling policy yesterday by saying it would soon propose an alternative to the Government's so-called Clipper Chip system, which has been widely criticized by makers and users of computer technology. The Administration announcement is an attempt to reach a compromise with American corporations on a software coding system that would protect the privacy of communication over computer networks while still permitting court-authorized wiretaps and eavesdropping by law enforcement officials. Critics of the Clipper Chip have opposed it because the Government refused to allow public examination of the underlying technology to make sure there were no secret backdoors that might allow unauthorized spying. Privacy-rights advocates attacked the policy because it called for a Government agency to hold a numeric key to each user's code. And technology executives have opposed the Government's data-scrambling policy because it restricts export of other types of data-security systems, which is seen as an impediment to sales of American computer products overseas. Officials of the Commerce Department's National Institute of Standards and Technology, which administers the data- scrambling standard, said yesterday that the Government would convene a workshop on Sept. 6 and 7 to discuss the new proposal. The topics include a proposal to relax the export policy and discussion of an alternative to Clipper technology that would be more palatable to industry executives. Industry officials had written two weeks ago to Vice President Al Gore, calling for resumption of talks that had broken off last year. In the talks last year industry leaders had met with Government officials to seek Clipper Chip alternatives. "I think that moving ahead with industry dialogue is positive," Robert W. Holleyman 2d, president of the Business Software Alliance, said yesterday. The alliance is a group of the industry's largest software companies, including Microsoft, Lotus and Novell. "But much more needs to be fleshed out," Mr. Holleyman said. One big criticism of the Clipper policy was the proviso that a Government agency would hold, in escrow, a decoding key that law-enforcement officials could obtain after receiving a court's authorization. The new proposal would still include a provision for holding keys in escrow, but Government officials said they were now willing to discuss letting non-Government escrow agents hold the keys. Later in September, the Government will hold a second workshop to discuss Federal standards for software coding systems that could then be used as an alternative to Clipper and a related technology called Capstone. In an attempt to establish Clipper and Capstone as de-facto industry standards, the original policy mandated that computer and communications systems sold to the Federal Government must contain Clipper or Capstone hardware. But the new approach might allow computer and communications companies to sell products to the Government that achieved the same privacy protection through software- only means. That would relieve companies doing business with the Government of the obligation to invest in Clipper and Capstone technologies that might not find buyers in the commercial marketplace. Another criticism of the Government s policy has been its longstanding export rules, which have put strict limits on the export of software containing data-encoding capabilities. The assumption has been that the Government's electronic spies, the National Security Agency, would be able to break codes with keys of 40 bits or shorter. But now the Government will consider allowing export of coding systems with keys up to 64 bits long -- on the condition that decoding keys be held in escrow for access by authorized law-enforcement officials. "This is definitely a compromise," said Ray Kammer, the deputy director of the National Institute of Standards and Technology. "During the past year we've had a pretty spirited debate about the possibility of a 64-bit software key-escrow system. Law enforcement people had to get used to the notion it might be possible to do this." The vulnerability of 40-bit systems was underscored two days ago. A French student decoded a message that had been encoded using the 40-bit security feature in the European version of the Netscape Communications Corporation software for navigating the Internet's World Wide Web service. The student, Damien Doligez, at Ecole Polytechnique, a French engineering and sciences college, used 120 computers in a campus network to simultaneously test every key possible in a short period. It took him eight days, but he was able to decode a single encoded Netscape message. Mr. Doligez announced his achievement on the Internet. Yesterday, Netscape issued a statement saying that the version of its software distributed in the United States supports 128-bit keys, which the company said would require more than one trillion times the computing power the French student used to decode the message. Despite the industry's tentative willingness to accept a key-escrow coding plan, civil liberties organizations and other computer experts said that escrow techniques made little sense in light of the fact that private individuals might use any kind of coding system they wished to exchange information domestically. Encoding systems without escrow keys are also widely available overseas. "How does key escrow accomplish what the Government has set out to do?" asked David Sobel, legal counsel for the Electronic Privacy Information Center, a Washington D.C. public interest group. "Nonescrowed encryption is out there," he said. "And for the concerns law and enforcement and intelligence have, the problem remains and it will remain under this policy."