Samuel Cadogan, Journaliste
E-Business- http://ebusiness.org/ Paris/Lyon/Genenve;
|19, Boulevard de Sébastopol
|27 bis cours d'Herbouville
Samuel Cadogan is a French journalist of Irish extraction specializing in new electronic commerce business applications and technologies. He presently works for the independent French newsletter (e)-business, that he helped launch in March '96. He is also a regular contributor to other French and Anglo-Saxon IT publications.
Unique in the western world for it's blanket ban on the use of strong encryption,France also became in February '98 the first country to official institute a scheme of Trusted Third Parties with Key Escrow. However such an implementation has been far from plain sailing. It is also in contradiction with the choices made by it's European partners, most notably Germany. And finally it thwarts the emergence of a pan-european security industry as well as the creation of a secure and interoperable Internet infrastructure.
France's uncompromising stance on encryption reflects, perhaps, in it's purest form, this country's present inability and unwillingness to adapt to and face off the challenges posed by digital globalisation. Before analysing and detailing the context in greater depth it is important to bear one fact in mind: any use, whatsoever, of encryption over the Internet and on French territory, with key length above 40 bits, is completly outlawed...unless used in conjunction with a key escrow mechanism. The consequences of such a draconian policy are dramatic. Not only are French companies, run, on the whole, by civil civil servants renowned for their unflinching "cartesian" thinking, thus even more reluctant to embrace an open public network such as the Internet. But, perhaps even more alarmingly, France'sblanket ban on encryption is diametrically opposed to the approach adopted by it's European partners. The contrast is particularly blatant with the the liberalism "en vigueur" over the Rhine in Germany. This is all the more galling, at a time when, as the 21st centurty dawns, these two countries are supposed to be the driving force paving the way to European economic integration and political unity.
To start with, it is usefull to understand the legislative backdrop. Back in 1990, when data exchanged on Internet was but a mere trickle, the French governement, under the premiership of the socialist Michel Rocard, accomplished a first milestone. In effect article 28 of the law no. 90-1170 on the "Régulation des Telecommunications"  voted on the 29th of December abolished, for the first time, the classication of encryption as a "weapon of war" ("arme de guerre"). However, it wasn't until the 26th of July 1996, just as the Internet was beginning to rear it's head in France, that a further amendment (Article 17) contained in the final bill no.96-659 on "Réglementation des Telecommunications"  was voted by the new right wing administration of Alain Juppé. In effect this officially instituted the mechanism of Trusted Third Party with Key Escrow. In other words any "liberalisation of encryption" was inextricably tied to the emergence of a nationwide infrastructure of Trusted Third Parties, with Key Escrow. The problem being that no commercial entity was willing to take on the cost and complexity of administering key escrow centers. As Thierry Autret, a consultant at Atos (491,8 million Euro in revenues) , one of France's largest computer services companies, pointed it out "To be financially viable the creation of a key escrow system by the French State would entail creating a new tax for each individual French citizen wishing to use strong encryption to protect his private data !"
A potentially highly unpopular decision at a time when the press has been revealing how ex-French president François Mitterrand wantonly abused of wire tapping to listen in on the telephone conversations of journalists, film stars and other unsuspecting members of the public. A classic case of Catch 22. To illustrate further the technical difficulties, let's take the example a key escrow mechanism used with a symmetric encryption algorithm such as Diffie-Helman. In effect, it would mean every single French citizen, bar none, having to transmit to these centers each randomly generated key for each session every time a secure communication channel was established.
Moreover the key escrow centers would have to establish and log the identity of the users as well as the individual session. Hardly surprising then that the last missing piece the legislative jigsaw, know as the "décrets d'application", were only published two years later in February '98. In French law, these "décrets (no. 98-101 et 98-102)"  , were necessary to define the conditions under which the Trusted Third Parites would be designated and how they would operate. Upon their publication in the "Journal Officiel" most of the press here gave the annoucement a knee jerk rapturous welcome. However, on closer inspection they resolved very little. Whilst, it appeared that electronic signatures technologies (without use of encryption) were now free of use as was the transmission of an encrypted "password", (but not the number a credit card number (!)), there was still no indication how these Trusted Third Parties, with key escrow would operate. The conditions for being at all elligible were however defined. In essence, it was necessary to be a French company with at least four staff permanently on site that were veted by the Ministry of Defense.
This last detail points to the real power behind the throne: a shadowy organisation
called the "Service Central de la Sécurité des Systèmes
d'Information"(SCSSI). Retreated in it's bunker on the "rue du Docteur
Zamenhof" in the southern suburbs of Paris, it is presided over by the Général
Jean-Louis Desvignes and is an emanation of the "Secrétariat Général de la
Défense Nationale" (SGDN). It is in theory only answerable to the Prime Ministers'
Office. Some politicians, such as Christian Pierret, actual Minister of Industry, were
foolhardy enough to promise, on repeated occasions, that 56 bit key would be free of use.
But the Général, drapped in the cloak of the French Jacobin State, insisted at
InfoSec'97 in Paris that this would only happen over his dead body. The publication of the
"decret" in February '98, making compulsory escrow mechanisms for any encryption
above 40 Bit,
was therefore a clear victory for the General. Fully aware however that this stalemate could not go on forever, the General was furiously spearheading behind the scenes all through '97, a whacky implementation a key escrow architecture based on the now infamous "Royal Holloway Protocol" . For memory's sake, this scheme was also supported for a short time and then rejected by the British Authorities (GCHQ Protocol).
It in effect implied the creation of pairs of "Trusted Third Parties" who would ensure the tranmission of user B's key to user A. Deployed on a national scale, let alone internationaly, the complexity of such an archictecture is mind boggling. Undeterred, the General enlisted on his crusade France's Sagem SA. (2,5 billion Euro in revenues)  and another major French company (whose identity has not been revealed). But the fact that this year's "decret" (see above) failed to describe the mechanism of key escrow to be used showed that something was amiss. In fact, Sagem's, as well as it's partner, implementation of the "Royal Holloway" scheme predictiably had had to be abandonned as unworkable. Besides the losses incurred in the developement costs, Sagem no longer had any commercialy viable encryption solution on the domestic market!
It is safe then to assume that the publication of the "décret" in February '98, with the covert support of the French press, can be seen esentialy as a stalling manoeuvre. Because in the meantime, the Général Jean-Louis Desvignes had began working with another French company, just as closely tied to the French Ministry of Defense, CS-Telecom (a business unit of the Compagnie des Signaux - 484 million Euro in turnover)  . Their lead crypto developper has confirmed that they are presently working hard on a next generation implementation of the "Royal Holloway" Scheme integrating smart card and PKI. As they say, if you don't succeed try and try again... Even with a meagre penetration of 2.5% of Internet use in France some companies have felt the urge to jump the gun. However on each occasion their permission to use strong encryption has had to be conditionned to the SCSSI himself acting as a Trusted Third Party with key Escrow ! This was the case for example, for the first fully fledged French Web banking site, openned in november '97 by the "Crédit Commercial de France" (CCF)  .
The same procedure applied to the Certification Authority created by the banking and "high-tech" consortium e-Comm  for the French implementation of Visa's and Mastercard's payment protocol SET. This also goes for the Dassault Electronic's (133 million Euro)  and Lagardère's Group's (9,9 billion Euro) Matranet's  respective IP VPN encryption architectures, known respectively as "Dedicace" and "M-Tunnel/M-Wall". As the General Jean-Louis Desvignes remarked himself at last week's InfoSec'98  the only use of strong encryption allowed without key escrow is for GSM mobile telephones and Pay TV decoders ! But paradoxically, the General was being here economical with the truth. Because on 13th of May of this year his services had allowed a relativly unknown French computer services company called Neurocom SA  (the designated integrator for the CCF) to commercialise a java online banking security architecture using a 128 bit algorithm ("NetSecure Web Applet"). No key escrow would be required, but for this company only!!! The explanation lies in the fact that the advent of the Single European Currency combined with many Web sites of European banks (outside France) openly boasting, as a marketing argument, of using strong encryption with their customers the pressure had grown too strong on French politicians. Nonetheless Neurocom had to hand over it's source code and ensure that it's algorithms could not be used for any interpersonnal communication. Not forgetting that this decision gave Neurocom a near monopolistic grip on the French market. So much for market forces !
Although the unravelling of the present franco-french stalemate may be impossible the predict, the consequences on Europe are all too clear. As the number two economic power in the European Union with a GDP of $1,393 billion dollars France plays a pivotal role in any pan-european economic initiative. Therefore, the consequences of it's virtual ban on encryption are above all economic. Firstly, it prevents the creation of a truly secure and interoperable pan-european Internet infrastructure. For example it is difficult to imagine at all autonomous industry wide cost cutting extranets gaining ground in Europe, along the lines of the "Certification Authority Interoperability pilot" launched in June by the Internet Council of the "National Automated Clearing House Association" (NACHA) with five major US banks, or even the "Automated Network Exchange" presently being tested by Ford Motor Corp, General Motors Corp and Chrysler Corp with their respective suppliers. Secondly, it thwarts the emergence of security companies with a true pan-european foothold. As the Danish Minister for IT Jan Trojborg pleaded on April the 23rd at the "European expert hearing on Digital Signatures and Encryption"  "Europe must seize it's chance to unify it's encryption policies to allow the creation of powerfull international crypto champions". Indeed companies such as Germany's Brokat  and Utimaco  or Siemens' Irish spin-off SSE Lmtd , although incredibly dynamic, cannot yet take full advantage from an integrated and unified European market.
But, For France the supreme irony is that its stance on encryption plays right into the hands of the emerging american security behemoths (Security Dynamics Technologies Inc., Network Associates Inc, etc.) as they continue their feverish consolidation and aquisition raids on their own domestic market. And showing how much he hold European security and econmic interests closely to his heart the General Jean-Louis Desvignes, in an unrepentant statement two week ago, went so far as to admit that "should they (The American administration) lift their restrictions on the export of strong encryption nobody will no longer be able to control anything anymore".
 Loi no. 90-1170 du 29 décembre 1990 sur la réglementation des télécommunications www.adminet.com/jo/PTTX9000123L.html
 Loi n° 96-659 du 26 juillet 1996 de réglementation des télécommunication www.telecom.gouv.fr/francais/activ/telecom/reglemen.htm
 décret n° 98-101 du 24 février 1998 www.telecom.gouv.fr/francais/activ/telecom/deccrypto1.htm décret n° 98-102 du 24 février 1998 www.telecom.gouv.fr/francais/activ/telecom/deccrypto2.htm
 The Royal Holloway TTP-based key escrow scheme (PostScript) ftp://ftp.dcs.rhbnc.ac.uk/pub/Chris.Mitchell/istr_a2.ps A Supplementary Analysis of the Royal Holloway TTP-based Key Escrow Scheme Ben Laurie (firstname.lastname@example.org) 16 Nov 1996 www.algroup.co.uk/crypto/rh.html
 www.cie-signaux.fr/ www.cstelecom.com/