Home>ANALYSIS>China Prepares for CBDC With Cryptography Law on Encryption Standards
ANALYSIS

China Prepares for CBDC With Cryptography Law on Encryption Standards


On Jan. 1, China’s law governing cryptographic password management came into power. Essentially, the act aims to set standards for the application of cryptography and the management of passwords, and, therefore, ultimately reduces China’s cyber vulnerabilities on a nationwide scale. 

Some local media outlets rumor that the law is paving the way for the long-awaited release of China’s central bank digital currency, although it does not make any explicit references in that regard. Meanwhile, the private sector is worried about the anonymity of its data.

The law outlines three separate kinds of encryption but provides little information beyond that

The initial draft of China’s Cryptography Law was released in April 2017, months before the local government rolled out the blanket ban on cryptocurrencies. Nevertheless, the law has nothing to do with digital assets, and it never even mentioned Bitcoin (BTC) or any other cryptocurrencies. Instead, it focuses on cryptography: items and technologies that are used to encrypt or certify data. 

More specifically, the act divides passwords into three separate categories — core passwords, common passwords and commercial passwords. Under the new law, core and common encryption are required for systems that transmit and store state secrets, while the commercial encryption is intended for business and private use. 

Furthermore, it stipulates that the development, sale and use of cryptographic systems “must not harm the state security and public interests.” Moreover, all such systems must be examined and authenticated by the government before they’re used. The bill was passed by the Standing Committee of the 13th National People’s Congress in China on Oct. 26.

There is little information on the Cryptography Law beyond the above-mentioned encryption classifications and general conditions, says Sale Lilly, China Policy Analyst and Professor of Blockchain Technologies at the Rand Corporation, a nonprofit global policy think tank. As Lilly explained to Cointelegraph, the ambiguity comes from the fact that the act defines core and common encryption techniques as a state secret:

“The passwords are to adhere to a particular cryptographic standard, for example the U.S.’s NSA intelligence organization commonly cites SHA 256 as strong hash function, the PRC might adopt something similar based on the State Cryptographic Administration advice. Because the Cryptographic Law is ambiguous on the crypto standard (we don’t know if it’s simply hash standards or something more comprehensive) I’d say that at a minimum it’s a reasonable guess that the terms ‘Core’ and ‘Common’ crypto refer to an undisclosed hash standard plus cyber hygiene requirements like periodicity of crypto rollover (monthly, weekly etc…).”

As for commercial encryption, private entities will continue to be allowed to operate under separate standards subject to audit by the State Cryptographic Administration, says Lilly. “As written, the law does not state that the Chinese government would hold private keys to commercial encryption tools,” he stresses, adding:

“There is a lot of language included in the latter third of the bill aimed at reassuring commercial vendors that these audits (even of foreign registered firms) will not require the firm to turn over source code, which seems a savvy move by the National People’s Congress law authors.”

Nevertheless, some lawyers are worried that it could not be the case. For instance, Steve Dickinson of China Law Blog, a regional outlet curated by international law firm Harris Bricken, writes that “inviting foreign providers and users of cryptography is just a trap for the unwary,” as the new law allegedly allows foreign encryption systems to be sold in China, “provided that the systems have been approved and certified through a certification system that has not yet been described.” Thus, the blog’s author argues:

“Once data crosses the Chinese border on a network, 100% of that data will be 100% available to the Chinese government and the CCP. Cryptography may work well to prevent access by the public, but all this data will be an open book to the PRC government.”

Moreover, Dickinson argues that most firms encrypt their data with open-source software, like GNU Privacy Guard (GPG), whose essential purpose is to allow companies and individuals to keep their information away from state actors. The issue, therefore, is whether the government will allow the use of GPGs:

“If the answer is no, then the entire set of provisions for foreign encryption systems are completely meaningless. If the answer is yes, then the designation ‘commercial’ has no meaning.”

Similarly, other researchers opine that if firms start using a Chinese-owned software service, all of their data stored and managed by that service can be seized by the government under the new act.

Will the new law pave the way for CBDC?

China seems to be firm on its way to become the first country to issue a CBDC. The project has been in development for five years, but it reportedly accelerated last year when Facebook’s Libra was officially unveiled. 

The potential release of the digital yuan would fall in line with the general “blockchain-before-Bitcoin” attitude championed by the Chinese government — unlike a private, decentralized cryptocurrency, the CBDC will be controlled by the People’s Bank of China and backed one-to-one by the country’s fiat reserves.

In December 2019, Chinese media reported that the central bank was planning to conduct the first real-world test of its CBDC, while earlier this week, the PBoC issued an official statement confirming that it is “progressing smoothly” with the government-backed currency.

Related: Five Countries Where Crypto Regulation Changed the Most in 2019

Lilly told Cointelegraph that the law “is highly complementary to many of the efforts and tasks required to roll out a CBDC,” and that it covers key Chinese players who participate in implementing the digital yuan, namely the PBoC, the State Administration for Foreign Exchange and the Ministry of Finance, all of which will be required to unify their encryption standards along with the rest of the Chinese government.

However, Lilly notes that the CBDC-related progress will depend on the stringency of the “Core” and “Common” encryption levels, which he compares to the United States military’s “Top Secret” and “Secret” concealment levels, respectively — and, hence, how CBDC private keys will be encrypted: 

“If China’s experience in trying to unify government cryptographic standards is anything like the U.S. Military’s experience, higher standards of encryption and trust scale users at a slower rate, so onboarding oracles and trusted agents for a private or permissioned access CBDC blockchain implies a natural trade-off between key security and speed of onboarding digital economy participants; banks, vendors, and a slew of Chinese government entities in tax and finance roles.”

Overall, China is continuing its blockchain-positive, anti-anonymity course with its new Cryptography Law. The country continues to use encryption technologies not only to hide its sensitive data but also to supervise what information private entities might be holding. This is similar to how its CBDC is expected to function — and is exactly what Zuckerberg was warning U.S. senators about back in October.





  • Bitcoin
  • Ethereum
  • Bitcoin cash
  • Litecoin
  • Cardano
  • Dash
  • Stellar
  • Ethereum classic
  • Lisk
  • Tron
  • Neo
  • Qtum
  • Omisego
  • Binance coin
  • Zcash
Scan to Donate Bitcoin to 1J6PGL1oemFb3hxabLygq4WgWx8cbfji1r

Please help us if you can with some Bitcoin

Scan the QR code or copy the address below into your wallet to send some Bitcoin

Scan to Donate Ethereum to 0xA8E701dd11280a98e8F2e0A14064AC829E32D50F

Please help us if you can with some Ethereum

Scan the QR code or copy the address below into your wallet to send some Ethereum

Scan to Donate Bitcoin cash to qrth4e0g93h3gpxex8ycwuxtsa332tha5qvkmlz0g5

Please help us if you can with some Bitcoin cash

Scan the QR code or copy the address below into your wallet to send some Bitcoin cash

Scan to Donate Litecoin to LTxxjySMDtERJhHYJ99UFW9AamAWTwCAZ4

Please help us if you can with some Litecoin

Scan the QR code or copy the address below into your wallet to send some Litecoin

Scan to Donate Cardano to DdzFFzCqrhsopoZLhbouUwh2NvvWMPeFrXQW9vNNpPKrjKbRGyLRN5joJgCeZ6e1MRHtPHeLffpkNpQs5AdDA8qFCZ4gA9bYtaerNQTk

Please help us if you can with some Cardano

Scan the QR code or copy the address below into your wallet to send some Cardano

Scan to Donate Dash to XmAdEHrwiVZJVkAxe8hK5U6HZB59L5yhmK

Please help us if you can with some Dash

Scan the QR code or copy the address below into your wallet to send some Dash

Scan to Donate Stellar to GD4KROE42HPOMT7BT6M27HHLFCOSIXPYY2V3WSCX5FYEWRJDIJQ4RWFT

Please help us if you can with some Stellar

Scan the QR code or copy the address below into your wallet to send some Stellar

Scan to Donate Ethereum classic to 0x5BF3fCAC8deA20CF21C9D0D9d058E00EEfc431Ae

Please help us if you can with some Ethereum classic

Scan the QR code or copy the address below into your wallet to send some Ethereum classic

Scan to Donate Lisk to 15642042552518336132L

Please help us if you can with some Lisk

Scan the QR code or copy the address below into your wallet to send some Lisk

Scan to Donate Tron to TYnAenRiV6BsTiE6FVyAcDDxZtBKUQTFxN

Please help us if you can with some Tron

Scan the QR code or copy the address below into your wallet to send some Tron

Scan to Donate Neo to ATiXRHVqYqrNktbxJfcDETfnrSUWSG4cPb

Please help us if you can with some Neo

Scan the QR code or copy the address below into your wallet to send some Neo

Scan to Donate Qtum to QUYXxY6kX7TY2HSLwVYMwFaJNZLwvX5uyp

Please help us if you can with some Qtum

Scan the QR code or copy the address below into your wallet to send some Qtum

Scan to Donate Omisego to 0xA8E701dd11280a98e8F2e0A14064AC829E32D50F

Please help us if you can with some Omisego

Scan the QR code or copy the address below into your wallet to send some Omisego

Scan to Donate Binance coin to 0xA8E701dd11280a98e8F2e0A14064AC829E32D50F

Please help us if you can with some Binance coin

Scan the QR code or copy the address below into your wallet to send some Binance coin

Scan to Donate Zcash to t1cBCyKgSSqWaNrkpvQZUSTuxMmAbbAyFpZ

Please help us if you can with some Zcash

Scan the QR code or copy the address below into your wallet to send some Zcash



Source link

Review Overview

Summary