Dan Bernstein's Attempt to Publish Snuffle and The Legal Issues Raised

Jo-Anne M. Kokoski


Paper for MIT 6.805/STS085: Ethics and Law on the Electronic Frontier, Fall 1995

In this increasingly electronic world, on-line privacy is becoming a key issue. The amount of potentially sensitive information available on-line is growing every day. Everything from bank account and credit card numbers to email is subject to theft on-line by unscrupulous hackers. Not surprisingly, there has been an increase in the interest in encryption techniques available for use in protecting privacy. The field of cryptography, in fact, is concerned with these issues. Cryptography is defined as the science and study of secret writing; cryptographers develop ways by which communication and data can be encoded to prevent disclosure through eavesdropping and message interception. Due to export laws currently in place in the United States, however, many academics are being barred from publishing their work in the field of cryptography. The constitutionality of these export controls is currently being questioned in several court cases. One case in particular, Dan Bernstein's attempt to publish Snuffle, is chronicled here, including a discussion of the specific legal issues raised by the case.

In 1990, Daniel J. Bernstein, a graduate student in mathematics at the University of California at Berkeley, designed Snuffle, a system which converts a one-way hash function into a zero-delay private-key encryption system, also known as a cipher. Its use is intended, for example, for the exchange of text between two people who have previously exchanged keys, when those keys are combined with a one-way hash function. "Zero-delay" means that the technique can be used in interactive conversations, in which case each character a participant types can be encrypted, sent to the other participant, and immediately decrypted.
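
As an added illustration (not Snuffle, whose actual construction this paper does not give, and not code from Bernstein or from this paper's author), the sketch below shows the general idea of turning a one-way hash into a zero-delay private-key cipher: both parties hash a shared key with a counter to produce a keystream and XOR it with each character as it is typed. SHA-256, the 16-byte nonce, the counter layout and all names are assumptions made for the example.

```python
import hashlib


class HashStreamCipher:
    """Toy cipher: keystream block i = SHA-256(key || nonce || i).

    Constructed for illustration only. It is not Snuffle's construction,
    and it has no integrity protection.
    """

    BLOCK = hashlib.sha256().digest_size  # 32 keystream bytes per hash call

    def __init__(self, key: bytes, nonce: bytes):
        # Fixed lengths keep key || nonce || counter unambiguous.
        if len(key) != 32 or len(nonce) != 16:
            raise ValueError("need a 32-byte key and a 16-byte nonce")
        self._key, self._nonce = key, nonce
        self._pos = 0      # index of the next keystream byte
        self._block = b""  # output of the most recent hash call

    def _next_byte(self) -> int:
        offset = self._pos % self.BLOCK
        if offset == 0:  # current block used up: hash the next counter value
            counter = (self._pos // self.BLOCK).to_bytes(8, "big")
            self._block = hashlib.sha256(self._key + self._nonce + counter).digest()
        self._pos += 1
        return self._block[offset]

    def process(self, data: bytes) -> bytes:
        """XOR data with the keystream; the same call encrypts and decrypts."""
        return bytes(b ^ self._next_byte() for b in data)


# Constructed sample values, shared by both parties ahead of time.
SAMPLE_KEY = bytes(range(32))
SAMPLE_NONCE = b"session-0001-abc"


def interactive_exchange(message: bytes) -> tuple[bytes, bytes]:
    """Send message one character at a time; return (wire bytes, Bob's text)."""
    alice = HashStreamCipher(SAMPLE_KEY, SAMPLE_NONCE)
    bob = HashStreamCipher(SAMPLE_KEY, SAMPLE_NONCE)
    wire, received = bytearray(), bytearray()
    for ch in message:
        ct = alice.process(bytes([ch]))  # one ciphertext byte per keystroke
        wire += ct
        received += bob.process(ct)      # decrypted as soon as it arrives
    return bytes(wire), bytes(received)


def nonce_reuse_leak(p1: bytes, p2: bytes) -> bytes:
    """Failure mode: reusing (key, nonce) makes c1 XOR c2 equal p1 XOR p2."""
    c1 = HashStreamCipher(SAMPLE_KEY, SAMPLE_NONCE).process(p1)
    c2 = HashStreamCipher(SAMPLE_KEY, SAMPLE_NONCE).process(p2)
    return bytes(a ^ b for a, b in zip(c1, c2))


if __name__ == "__main__":
    wire, text = interactive_exchange(b"hello, bob")
    print(wire.hex(), text)
    print(nonce_reuse_leak(b"attack at dawn", b"retreat at ten"))
```

A deployed design would also authenticate each message and would never reuse a (key, nonce) pair, since the second function shows that reuse cancels the keystream.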

Bernstein then decided that he wanted to publish his procedure in order to solicit academic opinions on the technique. His intent was to publish the algorithm, a paper describing and explaining the algorithm, and a computer program that runs the algorithm, in an international electronic conference known as "sci.crypt", which would initiate contact with the world's academic community. After consultation within the field, however, Bernstein discovered that he would need the permission of the State Department to publish his work, despite the fact that Snuffle was not developed for any government agency or with any government funding.

The reason that publication permission is required is that the government has designated cryptographic software as a 'munition' according to the International Traffic in Arms Regulations (ITAR). This essentially means that the government treats cryptography the same way it treats a physical weapon, and therefore regulates its distribution. Any individual or company that wishes to publish, or export, any such information must first obtain a license from the State Department. Each receiver of the licensed material, by the terms of the license, must be tracked and reported to the government, to ensure that no foreign person receives the information. Penalties for violating these rules include a one million dollar criminal fine, ten years in jail, and civil fines.

In accordance with this policy, Bernstein wrote a letter to the Department of State on 30 June 1992, requesting Commodity Jurisdiction--essentially permission to export snuffle 5.0 (the implementation of Snuffle) as well as the documentation of the implementation, with transfer of jurisdiction over the software to the Commerce Department. In this letter, Bernstein said: "In effect what I want to export is a description of a way to use existing technology in a more effective manner. I do not foresee military or commercial use of Snuffle by anyone who does not already have access to the cryptographic technology contained in...I do foresee practical use of Snuffle by those who do have such access, in particular for the purpose of interactively exchanging encrypted text." (Bernstein, 6/30/92)

On 20 August of the same year, Bernstein received a response from William B. Robinson, Director of the Office of Defense Trade Controls. In it, Robinson relayed the Department of State's decision that Snuffle is subject to the licensing jurisdiction in accordance with ITAR. Robinson said: "This commodity is a stand-alone cryptographic algorithm which is not incorporated into a finished software product. As such, it is designated as a defense article under U.S. Munitions List Category XIII (b) (1). Licenses issued by this office are required prior to export." (Robinson, 8/20/92)

Based on this response, Bernstein was afraid that his paper about the algorithm was attached to the software and was denied for that reason, and therefore resubmitted five separate requests asking separately if he could publish the encryption source code, the decryption source code, an English explanation of how to encrypt, an English explanation of how to decrypt, and the original paper. The State Department combined and summarily denied all five requests. On 22 September 1993, Bernstein appealed his initial request. A response was never received from the State Department.

ITAR regulations require government action on any such appeal requests within thirty days of the receipt of the appeal. After fifteen months without a response, Bernstein contacted the Electronic Frontier Foundation (EFF). As a result, the EFF decided to sponsor Bernstein in a federal lawsuit that seeks to stop the government from restricting publication of cryptographic documents and software. That suit, #C95-0582-MHP, was filed on 21 February 1995 in the Northern District of California, and includes among its defendants the Departments of State, Defense and Commerce, as well as the National Security Agency and the Arms Control and Disarmament Agency. The suit alleges that the ITAR export control law is unconstitutional, since it is essentially prior restraint on publishers protected by the First Amendment. In addition, the suit maintains that the current State Department regulations exceed the authority granted by the law, and that the actual practices of the agencies exceed the authority granted by their own regulations and the law.

Since then, little progress has been made. The government has moved to dismiss the case on justiciability, in the hopes of showing that the case cannot be brought before the court, and that software is not protected by the First Amendment. On 20 October of this year, an oral hearing was held on the government's motion. The judge has not yet issued a ruling, although one is expected shortly.

The suit raises many issues that are intimately connected with the regulations in question. One of the most important is the allegation that members of both the academic and commercial communities are increasingly afraid to publish work on cryptography for the fear of liability under these regulations. As a result, information is not being disseminated and discussed openly, and it is difficult to track advancement in the field. Bernstein himself, for example, is wary of even attempting to publish cryptographic works again as a consequence of his own experience.

At a time when encryption techniques are coming to the forefront of American computer culture, it is essential that these ideas be discussed openly in public debate. Cryptography is becoming a highly sought after public commodity as more and more people use private networks, but advances can not be published for fear of exportation. Although Congress has recently considered legislation that would eliminate many of the current restrictions on cryptographic publications, none has been implemented. This suit is an attempt to hasten this process by bringing the constitutionality of the regulations up for scrutiny and debate.

Before beginning to analyze the laws in question in this suit, it is important to clearly define the key terms in the issue. "Export" is defined by ITAR as follows: "Disclosing (including oral or visual disclosure) or transferring technical data to a foreign person, whether in the United States or abroad." "Foreign person", therefore, is defined as "anyone who is not a lawful permanent resident under 8 U.S.C. 1101 (a) (20) or who is not a 'protected individual' under 8 U.S.C. 1324b (a) (3). This section defines 'protected individual' to include U.S. citizens and certain lawfully admitted aliens." ITAR also defines "software" as follows: "Software includes but is not limited to the system functional design, logic flow, algorithms, application programs, operating systems and support software for design, implementation, test, operation, diagnosis and repair." (Section 2, #45-47, #C95-0582-MHP)

One of the key ITAR sections at issue is 120.3, which delineates the policy for designating and determining articles as defense articles and services. The criteria listed maintain that an article or service "can be designated a defense article or service if it: a) is specifically designed, developed, configured, adapted or modified for a military application, and i) does not have predominant civil applications, and ii) does not have performance equivalent (defined by form, fit and function) to those of an article or service used for civil applications; or b) is specifically designed, developed, configured or modified for a military application, and has significant military or intelligence capability such that control under this subchapter is necessary." (Section 5, #54, ibid) Furthermore, by ITAR 120.4, the government is required to "provide a preliminary response within 10 working days of receipt of a complete request for commodity jurisdiction. If after 45 days the Office of Defense Trade Controls has not provided a final commodity jurisdiction determination, the applicant may request in writing to the Director, Center of Defense Trade that this determination be given expedited processing." (Count II, #106, ibid) With this preliminary outlining of the issues in contention, the question of constitutionality can be examined.

The constitutionality of the export control laws in ITAR has been the subject of discussion since at least 1978, when then Assistant Attorney General John M. Harmon authored a memo entitled "Constitutionality Under the First Amendment of ITAR Restrictions on Public Cryptography". In this memo, Harmon questioned the applicability of ITAR to cryptographic information developed in the private sector independent of government support and supervision. The memo says, in part: "Even if it is assumed that the government's interest in regulating the flow of cryptographic information is sufficient to justify some form of prior review process, the existing prior review provisions we think fall short of satisfying the strictures necessary to survive close scrutiny under the First Amendment." (Foerstel, 116)

It seems that the heart of the issue is how great a threat to national security cryptographic techniques are. Obviously, the government is frightened because computerized methods for sending coded messages have made the job of intelligence gathering far more difficult. There is concern that terrorists, drug traffickers, and hostile foreign governments could obtain encryption software and communicate through undecipherable coded messages. The flaw with this reasoning, however, is that it assumes that the academic publications, such as the one Bernstein is proposing, are the only means these people have of obtaining the software. This is a naive view; although the government may think that it is at least making the process of obtaining this information more difficult for these hostile entities, the truth is, these people are powerful and focused. They will find ways to encrypt their messages even if Bernstein can't publish Snuffle. The people who are suffering are the academics like Bernstein, and the general, innocent public that could benefit from these encryption techniques. Just as banning handguns is not going to stop gun fights on the city streets, banning the export of cryptographic materials does not eliminate the use of cryptography by foreign persons, hostile or not.

One of the chief problems with ITAR is that its definitions are far too broad for universal understanding of exactly what it applies to. One court held that "an expansive definition of technical data could seriously impede scientific research and publishing and the international scientific exchange." Even the Department of Defense admitted that "the ITAR, if enforced to the letter, would cover virtually everything done in the United States." (Foerstel, 156) Bernstein's suit alleges that ITAR fails "to give adequate notice to people of ordinary intelligence concerning the conduct they proscribe. Accordingly, they fail to give fair warning to the innocent, they are susceptible to arbitrary and discriminatory enforcement, and they operate to inhibit the exercise of First Amendment freedoms by creating a chilling effect on constitutionally protected free speech." (Count V, #135, #C95-0582-MHP) The ITAR was drafted broadly so that it would extend to private commercial transactions across national boundaries as well as noncommercial expression or communication of technical information in public settings such as conferences and symposia. Ruth Greenstein, former Associate General Counsel for the National Science Foundation, maintains that export controls are deliberately written broadly to ensure that anything of importance can be controlled. As a result, they ultimately restrict information that is at best remotely or indirectly related to national security concerns. "The difficulty is increased by the nature of the current regulatory controls, which constitute a 'prior restraint' on communication. That is, current export controls seek not merely to punish offending communications, but also to prevent communications before they take place. Courts have long found prior restraint more obnoxious than other forms of regulation of speech."

Greenstein goes on to explain the effect this prior restraint is having on protected speech, by shifting the burden of justifying communication onto the scientist. "This shift may have a 'chilling effect' on protected speech. A system that requires scientists to become entangled in government bureaucracies may discourage them from working in controlled areas of research. The effect may be to suppress not only the speech the controls are designed to suppress, but also speech beyond the scope of controls. The fear of being called upon to defend one's actions, precisely the position many scientists believe they are in, must necessarily [lead them to] steer far wider of the unlawful zone than if the state must bear these burdens." (Foerstel, 159-60)

Goldstein eloquently captures the problems associated with ITAR's restriction on publication. The government, through these ITAR export regulations, is suppressing the academic community in particular in ways it is not justified to. In essence, the government is violating the First Amendment rights to speak, to publish, to associate and engage in academic inquiry and study. Since ITAR is written so broadly, it is hard to find any justification for the restrictions placed on cryptography. The suit alleges: "No adequate governmental justification exists for these prior restraints. The statutes and regulations impose requirements and subsequent civil and criminal penalties grossly disproportionate to any legitimate or compelling governmental purpose and are not justified by a proper governmental objective. They are justified by neither a rational or a compelling government interest, are not narrowly drawn to express any such interest, and there is no grave, imminent or highly probable harm to any such interest sufficient to justify the imposition of this prior restraint." (Count I, #100, #C95-0582-MHP)

Upon reading through Bernstein's suit, I found myself agreeing with most of the points that were made. It seems apparent to me that cryptographic materials should not be included in these restrictions; however, I have a hard time accepting one point that Bernstein's suit alleges. The suit alleges that Bernstein's writings regarding Snuffle are political speech. The passage is this: "Plaintiff's scientific paper, algorithm and computer program adapt existing exportable authentication technology in order to allow encryption. They were designed to point out the futility of attempting to decontrol authentication while continuing to control cryptography, by showing how the techniques for both are largely the same so authentication algorithms and computer programs can be easily transformed to perform encryption tasks." (Section J, #84, ibid) In all the material I have read regarding this case, including Bernstein's correspondence, I have never seen anything that even hinted at this intent. Granted, I cannot read the actual documents because they are under the seal of the Court. However, this allegation seems rather weak and lawyer-contrived to me. I don't see the supporting evidence as easily as I do for the other issues. Political speech is afforded the most protection of any speech in the United States, so it is understandable that Bernstein would want to draw a parallel. It seems though, that his other First Amendment arguments are much stronger than this one, and this one should not be pursued unless it can be strengthened.

The issue of the State Department not following its own regulations is also important to this suit. ITAR requires response within thirty days of receipt of the completed file; Bernstein waited two months for his initial response. He is still waiting for a response on his appeal, over a year and a half later. The longer Bernstein has to wait, the more he suffers. As an academic, his career advancement depends on the quantity and quality of publications he produces. He's been trying to publish Snuffle, really, since 1992. There is no motivation for people to pursue this kind of 'restricted' research if publication is impossible. It is one thing for the State Department to have rigid rules and regulations for the sake of national security concerns--it's an entirely different case if they don't follow their own rules. Without avenues for judicial review, as well, people like Bernstein are being denied their right to due process. The government is questioning Bernstein's right to bring the suit--they seem unwilling to act on his case, neither do they want anyone else to. It seems evident to me that ITAR also violates the constitutional right to due process.

The First Amendment implications of ITAR have not been extensively analyzed in the courts. In United States v. Donas-Botto (1973), the defendants were charged with conspiracy to export technical data under ITAR without a license. The defendants made a motion for dismissal, claiming the inclusion of technical data in ITAR violated the First Amendment. However, the Court struck down the request: "When matters of foreign policy are involved the government has the constitutional authority to prohibit individuals from divulging 'technical data' relating to implements of war to foreign governments." (Foerstel, 157)

In United States v. Edler (9th Circuit, July, 1978), the defendant, Edler Industries, was charged with unlicensed export of technical data to a French aerospace firm. The trial was held before a jury and the defendant was found guilty. On appeal, Edler contended that the Munitions Control Act and the ITAR were too vague and imposed unconstitutional prior restraint. The court held, however, that they were constitutional provided they "prohibit only the exportation of technical data significantly and directly related to specific articles on the Munitions list." The Ninth Circuit further ruled that this construction focused only on the control of conduct, but cautioned that failure to comply with the ITAR licensing scheme may be punished only when the violator knowingly aids and abets a foreign country in the manufacture and use of certain items of war. (Foerstel, 158)

The problem with applying these cases to the current Bernstein situation is that the times and situations are so different. The cases listed above were specific incidents of material that could be used in physically producing items of war. Cryptography is a different class of 'munitions'. First and foremost, it is something that has definite commercial applications by everyday citizens. This is a quality that is lacking in the previous cases. Also, the rapid increase in dependence on the electronic medium for the workings of business and personal life makes the techniques discussed in this suit genuinely and immediately applicable in the civil sector.

It is hard to predict at this point which way this suit will go. It seems likely that the court will take up the case. Should that happen, it will probably be several years before any kind of resolution is seen. I think it is necessary for Congress to take up the issue and reconsider abolishing or reforming these restrictions through legislation. I don't think that current ITAR export controls will withstand the examination of First Amendment rights that this suit is going to bring. It is obvious that something needs to be done. With the current level of restrictions, publication within the field of cryptography will stagnate. With the development of the on-line world continuing at the rate it is, we can't afford to let this happen.

Dan Bernstein said, "For the crime of setting Snuffle down on paper, I am an arms manufacturer, and I must register with the State Department--or so I am told by DTC, the Office of Defense Trade Controls. DTC also insists that it would be a felony for me to publish Snuffle without their blessing and approval." (Bernstein, 7/30/93) It seems ridiculous, but that is what this whole thing comes down to. To ensure that no other academics find themselves in the same position, these ITAR export controls must be re-evaluated. We are not living in the same world we were when these regulations were written and implemented. The Cold War has ended, the Electronic Age has begun, and we need to re-evaluate what our national security priorities are. ITAR is one place to start.

Works Consulted

Foerstel, Herbert N. _Secret Science_. Praeger Publishers, Westport, CT. p.113-17, 156-60.

The following documents were found from the Home Page of the Electronic Frontier Foundation: http://www.eff.org/pub/EFF/Policy/Crypto/ITAR_export/Bernstein_case/ftp.eff.org

Correspondence between Dan Bernstein and the State Department

"EFF Sues to Overturn Cryptography Restrictions"

O'Connor, Rory J. "Mathematician Challenges U.S. Lid on Encryption Software"

In The United States District Court, Case Number C95-0582-MHP Original Court papers filed as well as Defense Papers Filed in Opposition to the Suit