1993-05-17 - Third time’s the charm

Header Data

From: Eric Hughes <hughes@soda.berkeley.edu>
To: cypherpunks@toad.com
Message Hash: 3a3b8bef4aa2d5baf2b07bce23937ef347b94945c9b1d7ce66f254764b32375f
Message ID: <9305172317.AA05426@soda.berkeley.edu>
Reply To: N/A
UTC Datetime: 1993-05-17 23:20:46 UTC
Raw Date: Mon, 17 May 93 16:20:46 PDT

Raw message

From: Eric Hughes <hughes@soda.berkeley.edu>
Date: Mon, 17 May 93 16:20:46 PDT
To: cypherpunks@toad.com
Subject: Third time's the charm
Message-ID: <9305172317.AA05426@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


OK.  This time this should work.  The previous file had some periods
on lines by themselves; this was causing my sendmail overhere to think
the end of transmission had arrived.  Damn in-band signalling.

Eric
-----------------------------------------------------------------------------
Date: Mon, 17 May 93 14:04:46 PDT
From: jim@RSA.COM (Jim Bidzos)
Subject: [ROBACK@ECF.NCSL.NIST.GOV: Answers to Your Questions]


FYI. NIST has responded to my questions. Feel free to distribute.

-Jim



Date:    Mon, 17 May 1993 16:44:28 -0400 (EDT)
From: ROBACK@ECF.NCSL.NIST.GOV
Subject: Answers to Your Questions
To: jim@RSA.COM
X-Vmsmail-To: SMTP%"jim@rsa.com"


To:  Mr. Jim Bidzos, RSA Data Security, Inc.

From:  Ed Roback, NIST

Mr. Ray Kammer asked me to forward to you our answers to the questions you
raised in your e-mail of 4/27.  

We've inserted our answers in your original message.  

------------------------------------------------------
From:       SMTP%"jim@RSA.COM" 27-APR-1993 03:13:12.75
To:   clipper@csrc.ncsl.nist.gov
CC:   
Subj:       Clipper questions



Date: Tue, 27 Apr 93 00:11:50 PDT
From: jim@RSA.COM (Jim Bidzos)

Here are some questions about the Clipper program I would like to
submit.

Much has been said about Clipper and Capstone (the term Clipper will
be used to describe both) recently.  Essentially, Clipper is a
government-sponsored tamper-resistant chip that employs a classified
algorithm and a key escrow facility that allows law enforcement, with
the cooperation of two other parties, to decipher Clipper-encrypted
traffic.  The stated purpose of the program is to offer
telecommunications privacy to individuals, businesses, and government,
while protecting the ability of law enforcement to conduct
court-authorized wiretapping.

The announcement said, among other things, that there is currently no
plan to attempt to legislate Clipper as the only legal means to
protect telecommunications.  Many have speculated that Clipper, since
it is only effective in achieving its stated objectives if everyone
uses it, will be followed by legislative attempts to make it the only
legal telecommunications protection allowed. This remains to be seen.

>>>>  NIST:       There are no current plans to legislate the use of Clipper. 
                  Clipper will be a government standard, which can be - and
                  likely will be - used voluntarily by the private sector. The
                  option for legislation may be examined during the policy
                  review ordered by the President.

The proposal, taken at face value, still raises a number of serious
questions.

What is the smallest number of people who are in a position to
compromise the security of the system? This would include people
employed at a number of places such as Mikotronyx, VSLI, NSA, FBI,
and at the trustee facilities.  Is there an available study on the
cost and security risks of the escrow process?

>>>>  NIST:       It will not be possible for anyone from Mykotronx, VLSI,
                  NIST, NSA, FBI (or any other non-escrow holder) to
                  compromise the system.  Under current plans, it would be
                  necessary for three persons, one from each of the escrow
                  trustees and one who knows the serial number of the Clipper
                  Chip which is the subject of the court authorized electronic
                  intercept by the outside law enforcement agency, to conspire
                  in order to compromise escrowed keys.  To prevent this, it
                  is envisioned that every time a law enforcement agency is
                  provided access to the escrowed keys there will be a record
                  of same referencing the specific lawful intercept
                  authorization (court order).  Audits will be performed to
                  assure strict compliance.  This duplicates the protection
                  afforded nuclear release codes.  If additional escrow agents
                  are added, one additional person from each would be required
                  to compromise the system.  NSA's analysis on the security
                  risks of the escrow system is not available for public
                  dissemination.

How were the vendors participating in the program chosen? Was the
process open?

>>>> NIST:        The services of the current chip vendors were obtained in
                  accordance with U.S. Government rules for sole source
                  procurement, based on unique capabilities they presented. 
                  Criteria for selecting additional sources will be
                  forthcoming over the next few months.  

                  AT&T worked with the government on a voluntary basis to use
                  the "Clipper Chip" in their Telephone Security Device.  Any
                  vendors of equipment who would like to use the chips in
                  their equipment may do so, provided they meet proper
                  government security requirements.

A significant percentage of US companies are or have been the subject
of an investigation by the FBI, IRS, SEC, EPA, FTC, and other
government agencies. Since records are routinely subpoenaed, shouldn't
these companies now assume that all their communications are likely
compromised if they find themselves the subject of an investigation by
a government agency?  If not, why not?

>>>> NIST:        No.  First of all, there is strict and limited use of
                  subpoenaed material under the Federal Rules of Criminal
                  Procedure and sanctions for violation.  There has been no
                  evidence to date of Governmental abuse of subpoenaed
                  material, be it encrypted or not.  Beyond this, other
                  Federal criminal and civil statutes protect and restrict the
                  disclosure of proprietary business information, trade
                  secrets, etc.  Finally, of all the Federal agencies cited,
                  only the FBI has statutory authority to conduct authorized
                  electronic surveillance.  Electronic surveillance is
                  conducted by the FBI only after a Federal judge agrees that
                  there is probable cause indicating that a specific
                  individual or individuals are using communications in
                  furtherance of serious criminal activity and issues a court
                  order to the FBI authorizing the interception of the
                  communications. 

What companies or individuals in industry were consulted (as stated
in the announcement) on this program prior to its announcement? (This
question seeks to identify those who may have been involved at the
policy level; certainly ATT, Mikotronyx and VLSI are part of
industry, and surely they were involved in some way.)

>>>> NIST:        To the best of our knowledge: AT&T, Mykotronx, VLSI, and
                  Motorola.  Other firms were briefed on the project, but not
                  "consulted," per se.

Is there a study available that estimates the cost to the US
government of the Clipper program? 

>>>> NIST:        No studies have been conducted on a government-wide basis to
                  estimate the costs of telecommunications security
                  technologies.  The needs for such protection are changing
                  all the time.

There are a number of companies that employ non-escrowed cryptography
in their products today.  These products range from secure voice,
data, and fax to secure email, electronic forms, and software
distribution, to name but a few.  With over a million such products in
use today, what does the Clipper program envision for the future of
these products and the many corporations and individuals that have
invested in and use them?  Will the investment made by the vendors in
encryption-enhanced products be protected? If so, how?  Is it
envisioned that they will add escrow features to their products or be
asked to employ Clipper?  

>>>> NIST:        Again, the Clipper Chip is a government standard which can
                  be used voluntarily by those in the private sector.  We also
                  point out that the President's directive on "Public
                  Encryption Management" stated: "In making this decision, I
                  do not intend to prevent the private sector from developing,
                  or the government from approving, other microcircuits or
                  algorithms that are equally effective in assuring both
                  privacy and a secure key-escrow system."  You will have to
                  consult directly with private firms as to whether they will
                  add escrow features to their products.

Since Clipper, as currently defined, cannot be implemented in
software, what options are available to those who can benefit from
cryptography in software? Was a study of the impact on these vendors
or of the potential cost to the software industry conducted?  (Much of
the use of cryptography by software companies, particularly those in
the entertainment industry, is for the protection of their
intellectual property.)


>>>> NIST:        You are correct that, currently, Clipper Chip functionality
                  can only be implemented in hardware.  We are not aware of a
                  solution to allow lawfully authorized government access when
                  the key escrow features and encryption algorithm are
                  implemented in software.  We would welcome the participation
                  of the software industry in a cooperative effort to meet
                  this technical challenge.  Existing software encryption use
                  can, of course, continue.  

Banking and finance (as well as general commerce) are truly global
today. Most European financial institutions use technology described
in standards such as ISO 9796.  Many innovative new financial
products and services will employ the reversible cryptography
described in these standards.  Clipper does not comply with these
standards. Will US financial institutions be able to export Clipper?
If so, will their overseas customers find Clipper acceptable?  Was a
study of the potential impact of Clipper on US competitiveness
conducted? If so, is it available? If not, why not?

>>>> NIST:        Consistent with current export regulations applied to the
                  export of the DES, we expect U.S. financial institutions
                  will be able to export the Clipper Chip on a case by case
                  basis for their use.  It is probably too early to ascertain
                  how desirable their overseas customers will find the Clipper
                  Chip.  No formal study of the impact of the Clipper Chip has
                  been conducted since it was, until recently, a classified
                  technology; however, we are well aware of the threats from
                  economic espionage from foreign firms and governments and we
                  are making the Clipper Chip available to provide excellent
                  protection against these threats.  As noted below, we would
                  be interested in such input from potential users and others
                  affected by the announcement.  Use of other encryption
                  techniques and standards, including ISO 9796 and the ISO
                  8730 series, by non-U.S. Government entities (such as
                  European financial institutions) is expected to continue.

I realize they are probably still trying to assess the impact of
Clipper, but it would be interesting to hear from some major US
financial institutions on this issue.

>>>> NIST:        We too would be interested in hearing any reaction from
                  these institutions, particularly if such input can be
                  received by the end of May, to be used in the
                  Presidentially-directed review of government cryptographic
                  policy.

Did the administration ask these questions (and get acceptable
answers) before supporting this program? If so, can they share the
answers with us? If not, can we seek answers before the program is
launched?  

>>>> NIST:        These and many, many others were discussed during the
                  development of the Clipper Chip key escrow technology and
                  the decisions-making process.  The decisions reflect those
                  discussions and offer a balance among the various needs of
                  corporations and citizens for improved security and privacy
                  and of the law enforcement community for continued legal
                  access to the communications of criminals.










Thread