Tech Bytes: Stronger Encryption Approved for Export

V-One Corp., provider of the SmartGate data security system, said it has obtained Department of Commerce approval to export strong forms of data encryption.

V-One, closely allied with MCI Communications Corp. and counting several major banks among its customers, joins a growing list of technology vendors able to export levels of cryptography that had been restricted by the U.S. government for military and law-enforcement reasons.

But V-One's approval adds a new wrinkle: It does not necessarily require that a trusted third party, or "key escrow agent," serve as custodian of encryption keys. Under a key escrow system, the agent, if subpoenaed or otherwise legitimately entreated, would relinquish the keys to decipher the encrypted data.

V-One, with what it calls Trusted First Party, leaves control of the keys within the user company. Though they are similarly subject to court orders, they are not limited to 56-bit key lengths, the current government- sanctioned maximum for key escrow systems.

"We feel that key escrow in a third-party, glass-house environment carries the risk of compromise," said V-One senior vice president James Heerwagen. "The first-party approach gives key recovery capability to the end user and enables use of keys of any length."

V-One president James Chen added that the approach sets the company up as a single-source, full-service vendor that can seamlessly support a multinational company's security architecture.

"I've been predicting for several years that government key escrow and escrow with trusted third parties would not be acceptable in the marketplace," said Jim Bidzos, president of RSA Data Security Inc., the leading provider of encryption algorithms. "It appears that the U.S. government has accepted the V-One type of approach as the best compromise. In my opinion, it also happens to be the best balance of commercial and government concerns."