I believed then, and continue to believe now, that the benefits to our security and freedom of widely available cryptography far, far outweigh the inevitable damage that comes from its use by criminals and terrorists. I believed, and continue to believe, that the arguments against widely available cryptography, while certainly advanced by people of good will, did not hold up against the cold light of reason and were inconsistent with the most basic American values.

The people working in my field also are quite skeptical of our ability to do this. It ultimately boils down to the problem of building complex systems that are reliable and that work, and that problem has long predated the problem of access to encryption keys.

Clipper took a relatively simple problem, encryption between two phones, and turned it into a much more complex problem, encryption between two phones but that can be decrypted by the government under certain conditions and, by making the problem that complicated, that made it very easy for subtle flaws to slip by unnoticed. I think it demonstrated that this problem is not just a tough public policy problem, but it's also a tough technical problem.

When the September 11th attacks happened, only about a year later, the crypto community was holding its breath because here was a time when we just had an absolutely horrific terrorist attack on U.S. soil, and if the NSA and the FBI were unhappy with anything, Congress was ready to pass any law they wanted. The PATRIOT Act got pushed through very, very quickly with bipartisan support and very, very little debate, yet it didn't include anything about encryption.

It may be true that encryption makes certain investigations of crime more difficult. It can close down certain investigative techniques or make it harder to get access to certain kinds of electronic evidence. But it also prevents crime by making our computers, our infrastructure, our medical records, our financial records, more robust against criminals. It prevents crime.

It's only after you get down into the technical weeds - and they are admittedly rather weedy - that it becomes clear that this is much harder than it seems and not something we're going to be able to solve.

If we try to prohibit encryption or discourage it or make it more difficult to use, we're going to suffer the consequences that will be far reaching and very difficult to reverse, and we seem to have realized that in the wake of the September 11th attacks. To the extent there is any reason to be hopeful, perhaps that's where we'll end up here.