Software giant Microsoft Corp. has joined the ranks of computer companies using a software security system that has sparked concern among some government crime fighters.
The system is being deployed by a growing number of computer makers and software publishers -- including Digital, Lotus and Novell -- to protect and authenticate electronic mail messages and documents stored in computers. It can be used to create a "digital signature" on a message or document and to protect electronic mail from eavesdropping.
Last week, Microsoft Corp. said it has obtained a license to use the system, which was developed by RSA Data Security Inc. of Redwood City, Calif.
Such security measures have raised the hackles of some government agencies, which think the technologies could permit criminals and foreign agents to hide illegal activities.
A counterterrorism bill introduced in January by Sen. Joseph R. Biden Jr., D-Del., includes a resolution that calls on phone companies and computer equipment makers to permit the government to obtain unscrambled voice and data transmissions. The RSA technology would not provide the government such access -- what cryptographers call a trapdoor.
The RSA security standard, now being widely adopted commercially, may also conflict with a separate government effort to set such a standard. In 1987 the National Institute of Standards and Technology, a Commerce Department agency, was given congressional authority to set standards for computer security.
That effort is supposed to be conducted in consultation with the National Security Agency. But the resulting standard, which was to be announced in September, has been delayed.
Some industry executives have said the delay reflects discussions about the trapdoor issue. Privacy advocates have long said the National Security Agency has frequently attempted to delay or undermine improvements in commercial security standards because such technology complicates the agency's task of electronic surveillance of foreign governments.
"People are not going to wait for the government," said Jim Bidzos, president of RSA Data. "It's already too late. Industry has already made its decision."