From: Black Unicorn <unicorn@access.digex.net>
Date: Sun, 15 May 94 09:38:16 PDT
To: cypherpunks@toad.com
Subject: Baker Rebuke (LONG! BASIC, Vet's Ignore)
Message-ID: <199405151637.AA15166@access1.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----
 
 
Here is my assesment of the arguments Mr. Baker presented on the pro-
Clipper side.
 
Feel free to post it to usenet if you think it's worthwhile.
 
 
- - -uni- (Dark)
 
- - ------- Forwarded Message
 
Copyright and distribution policy attached to the end of document. FYI.
 
X-within-URL: http://www.wired.com/Etext/2.06/Features/nsa.clipper.html
 
 
                     NSA'S CHIEF COUNSEL TO APPEAR ONLINE
                                       
   Stewart A. Baker, Chief Counsel for the National Security Agency and
   featured writer in WIRED 2.06 will host a Q&A session on the Clipper
   Chip. He will appear on America Online in Center Stage (from AOL type
   keyword: "center stage") on Thursday May 26, 1994, from 7-9 p.m. EST.
   
   Baker is the NSA's top lawyer and supports the Clipper Initiative. He
   worked briefly as Deputy General Counsel of the Education Department
   under President Jimmy Carter. His article "Don't Worry Be Happy"
   refutes seven myths of key escrow encryption and is a WIRED
   Exclusive.
   
     _________________________________________________________________
                             DON'T WORRY BE HAPPY
   Why Clipper Is Good For You
   
    By Stewart A. Baker, Chief Counsel for the NSA
     _________________________________________________________________
   
 
   With all the enthusiasm of Baptist ministers turning their Sunday
   pulpits over to the Devil, the editors of WIRED have offered me the
   opportunity to respond to some of the urban folklore that has grownup
   around key escrow encryption -- also known as the Clipper Chip.
   
   Recently the Clinton administration has announced that federal
   agencies will be able to buy a new kind of encryption hardware thatis
   sixteen million times stronger than the existing federal standard
   known as DES. But this new potency comes with a caveat. If one of
   these new encryption devices is used, for example, to encode a phone
   conversation that is subject to a lawful government wiretap, the
   government can get access to that device's encryption keys. Separate
   parts of each key are held by two independent "escrow agents," who
   will release keys only to authorized agencies under safeguards
   approved by the attorney general. Private use of the new encryption
   hardware is welcome but not required. That's a pretty modestproposal.
 
First off, notice the characterization here.  The methods used for 
access to the keys are approved by the attorney general.  An 
administrator appointed by the Executive branch, who has the greatest 
interest in lax standards, perhaps a greater interest than anyone else 
in government might.
 
 
 
   Its critics, though, have generated at least seven myths about key
   escrow encryption that deserve answers.
   
   MYTH NUMBER ONE: Key escrow encryption will create a brave new world
   of government intrusion into the privacy of Americans. 
   
   Opponents of key escrow encryption usually begin by talking about
   government invading the privacy of American citizens. None of uslikes
   the idea of the government intruding willy-nilly on communications
   that are meant to be private.
   
   But the key escrow proposal is not about increasing government's
   authority to invade the privacy of its citizens. All that key escrow
   does is preserve the government's current ability to conduct wiretaps
   under existing authorities. Even if key escrow were the only form of
   encryption available, the world would look only a little different
   from the one we live in now.
 
His argument here hinges on the definitions of expand and preserve.  
Right now, the government has (it seems) little ability to eavesdrop on 
electronic messages sent with PGP or RIPEM.  Preserving the status quo 
would preserve the abilities of individuals to maintain unobserved 
conversations.
 
If indeed the abilities of the government are only to be preserved, why 
is additional legislation required?
 
Do we fund bold advances in police spending to "preserve" the abilities 
of the police?  Or to expand against some new threat?  It's important to 
distinguish exactly what is being preserved.  Is it the "capability" of 
the government?  Or the effect of that "capability?"
 
Consider an example.  The government has little trouble looking through 
blinds with thermal scopes.  Citizens begin to use lead based blinds.  
The government wants to sell blinds that are transparent to thermal 
scopes and drive lead blinds out of the market.  The government is 
trying to expand the effect here.  They only want the ability to see 
through the blinds, but they will soon have the ability to see through 
blinds DESPITE the presence of lead blinds.  The concept of expansion or 
preservation is simply moot here.  Ask this question instead:  Are they 
REGULATING?  Are they LIMITING?
 
In addition, there is no doubt at all that the "transactional data" 
provided by the LEAF envelope is a new capability.
 
 
   In fact, it's the proponents of widespread unbreakable encryption who
   want to create a brave new world, one in which all of us -- crooks
   included -- have a guarantee that the government can't tap ourphones.
   Yet these proponents have done nothing to show us that the new world
   they seek will really be a better one.
   
   In fact, even a civil libertarian might prefer a world where wiretaps
   are possible. If we want to catch and convict the leaders of criminal
   organizations, there are usually only two good ways to do it. We can
   "turn" a gang member -- get him to testify against his leaders. Or we
   can wiretap the leaders as they plan the crime.
 
Now were this my position, that law enforcement NEEDS to have wiretap 
ability, how does Clipper help us?  There is no dispute that Clipper 
will not catch those criminals who use other "commercial" encryption.  
The NSA answer to this is a petty "Well, we'll catch stupid criminals."  
It amazes me they even have the audacity to assert this position.  
Anyone who is going to shell out ~ $1000 for a encrypted phone, is 
hardly a stupid criminal.
 
   I once did a human rights report on the criminal justice system in El
   Salvador. I didn't expect the Salvadorans to teach me much abouthuman
   rights. But I learned that, unlike the US, El Salvador greatly
   restricts the testimony of "turned" co-conspirators. Why? Because the
   co-conspirator is usually "turned" either by a threat of mistreatment
   or by an offer to reduce his punishment. Either way, the process
   raises moral questions -- and creates an incentive for false
   accusations.
   
   Wiretaps have no such potential for coercive use. The defendant is
   convicted or freed on the basis of his own, unarguable words.
 
As an attorney, I really wish it were this simple.  The NSA is trying to 
insulate this argument from the Constitution.  Apparently the courts 
have other ideas about the pitfalls of wiretapping considering the 
rather strict rules they have imposed on it.  In addition, the argument 
is not merely about the value of wiretapping.  It is the methods 
employed that are a concern.  If the methods are unsound, why are we 
pouring thousands, millions of dollars (billions if you include DigiTel) 
into this project?  "Stupid" criminals are not the type that need a 
project like Clipper to get caught.
 
   In addition, the world will be a safer place if criminals cannot take
   advantage of a ubiquitous, standardized encryption infrastructurethat
   is immune from any conceivable law enforcement wiretap. Even ifyou're
   worried about illegal government taps, key escrow reinforces the
   existing requirement that every wiretap and every decryption must be
   lawfully authorized. The key escrow system means that proof of
   authority to tap must be certified and audited, so that illegal
   wiretapping by a rogue prosecutor or police officer is, as apractical
   matter, impossible.
   
I agree the world would be a safer place if criminals could not take 
advantage of a standardized encryption structure, but how much better if 
they can take advantage of a non-standard encryption structure?  How 
does Clipper assure us they cannot take advantage of either?  Perhaps it 
keeps criminals from taking advantage of a standard encryption 
structure, but so would a 20 bit encryption standard.  Mr. Baker's 
assertion then holds true even if the government creates a secret 
standard that is never released.  The creation of this standard has 
prevented criminals from taking advantage of a standardized encryption 
system.  Instead they have to resort to non-standard methods, which are 
more secure anyway.  Mr. Baker's statement is thus, entirely without 
meaning.
 
Regardless, even with Clipper there is no showing how criminals will not 
be able to take advantage of strong crypto.  Even the statistics that 
the various pro-clipper agencies like to tout show us that the primary 
focus of wiretapping falls in to some distinct and demonized categories.
1>  Drug dealers
2>  Terrorists
3>  Organized crime "gangs."
All of these targets are those most likely to have the resources and 
organization to purchase non-escrowed cryptography, and the intelligence 
to use it.  Who is honestly going to assert that some drug organization 
that builds a semi-submersible craft out of an aircraft nose at an 
expense of millions of dollars to smuggle drugs into the United States 
is going to just be careless and buy a Clipper phone?  That a terrorist 
organization will continue to use Clipper phones because a lackey tried 
to get his deposit back at a rental car agency?
 
It is clear that Clipper will do none of these things.  Instead it will 
prevent (assuming only clipper phones are available) only the small time 
and less resourced offenders from evading capture.  Despite all the hype 
and rhetoric, Clipper is basically an auto thief catcher, a small time 
dealer working out of his home catcher.
 
   MYTH NUMBER TWO: Unreadable encryption is the key to our future
   liberty.
   
   Of course there are people who aren't prepared to trust the escrow
   agents, or the courts that issue warrants, or the officials who
   oversee the system, or anybody else for that matter. Rather than rely
   on laws to protect us, they say, let's make wiretapping impossible;
   then we'll be safe no matter who gets elected.
 
Note the portrayal of the opposition.  All of them are radicals, none 
are those concerned about the economic consequences, or the 
international markets, or the potential for United States espionage.  
None of them are simply worried about the effectiveness of the program, 
they are all anarchists.
 
   This sort of reasoning is the long-delayed revenge of people who
   couldn't go to Woodstock because they had too much trig homework. It
   reflects a wide -- and kind of endearing -- streak of romantic
   high-tech anarchism that crops up throughout the computer world.
 
I won't even dignify this character attack with a response.  The reader 
will judge the value of this argument him or herself
 
   The problem with all this romanticism is that its most likely
   beneficiaries are predators. Take for example the campaign to
   distribute PGP ("Pretty Good Privacy") encryption on the Internet.
   Some argue that widespread availability of this encryption will help
   Latvian freedom fighters today and American freedom fighterstomorrow.
   Well, not quite. Rather, one of the earliest users of PGP was a
   high-tech pedophile in Santa Clara, California. He used PGP toencrypt
   files that, police suspect, include a diary of his contacts with
   susceptible young boys using computer bulletin boards all over the
   country. "What really bothers me," says Detective Brian Kennedy ofthe
   Sacramento, California, Sheriff's Department, "is that there could be
   kids out there who need help badly, but thanks to this encryption,
   we'll never reach them."
 
And Clipper will help this problem by?  Encouraging smart pedophiles to 
use it?  It's clear this argument either has no merit, or foreshadows a 
more sinister regulatory action.
 
There are good and bad sides to every technology.  This pedophile 
argument is akin to demonizing baseball bats because they might cause 
harm.  Or forbidding computers with accounting software because bookies 
might use them.  It is in the American tradition to legislate this way.  
Look at the speed limit, the trends in Tort law.  The assault weapons 
ban.  Everything is geared to the worst case.  The good or bad of this 
argument depends on how effective the legislation really is at 
accomplishing its goal.  Here it looks like Clipper, as it stands now, 
would have done no good.  This pedophile knew what was good for him in 
the face of the law, and Clipper wasn't it.  Unless the administration 
is prepared to put their cards on the table and call for a ban on 
encryption, this argument has absolutely no place here.
 
   If unescrowed encryption becomes ubiquitous, there will be many more
   stories like this.
 
And perhaps many more freedom fighter stories as well.  This argument is 
based on speculation that the author has assumed in order to prove.  
Encryption will make the world better because it will be better, in 
effect.
 
 
   We can't afford as a society to protect pedophiles
   and criminals today just to keep alive the far-fetched notion that
   some future tyrant will be brought down by guerrillas wearing
   bandoleers and pocket protectors and sending PGP-encrypted messagesto
   each other across cyberspace.
   
 
Nor then, can we afford as a society to protect the rights of the 
accused, and privacy in any form to keep alive the far-fetched notion 
that some future tyrant will be brought down by people with the romantic 
and old fashioned notion that some two hundred year old document might 
have some merit.  So I propose the Clippered Constitution.
 
This argument relies on your willingness to balance the rights of the 
people against the need for law enforcement in this particular case.  
Essentially what Mr. Baker is doing here is asking you to find that the 
prospect of catching pedophiles (a prospect that is by no means a 
certainty) is worth the sacrifice in privacy, and the expenditure in 
cost.
 
The most efficient law enforcement known is a dictatorship, and if we 
were to carry Mr. Baker's line of argument to it's conclusion, it is 
only some old fashioned notion that people have rights that stops us 
from eliminating all or nearly all crime.  By Mr. Baker's standards it 
seems that the exclusionary rule (which forbids the admission of 
evidence wrongly obtained under the 4th amendment) might as well be 
removed.  Afterall, the guy is obviously guilty, we found him with 6 
kilos of coke, so why let him go because our MEANS were not sound?  
C'mon judge, this is some old fashioned and antiquated notion that the 
right against unlawful search and seizure is important.
The fact is the problem is not approached this way in the United States 
traditionally, and this argument is really a question of degree, not one 
of yes or no.
 
   
   MYTH NUMBER THREE: Encryption is the key to preserving privacy in a
   digital world.
   
   Even people who don't believe that they are likely to be part of
   future resistance movements have nonetheless been persuaded that
   encryption is the key to preserving privacy in a networked, wireless
   world, and that we need strong encryption for this reason. This isn't
   completely wrong, but it is not an argument against Clipper.
   
   If you want to keep your neighbors from listening in on your cordless
   phone, if you want to keep unscrupulous competitors from stealingyour
   secrets, even if you want to keep foreign governments from knowing
   your business plans, key escrow encryption will provide all the
   security you need, and more.
 
I suppose this is provided you trust the government's ability to 
preserve the security of the escrow, the ability of counterintelligence 
to catch those who would steal it, the integrity of the government in 
not exchanging the keys for whatever reason, the likelihood of the 
government notifying the public if there has been a breach of security, 
and the procedures of notifying the Clipper user after a warrant has 
been issued for the key and then no crime has been discovered.
 
This is at the core then, a legal process argument.  As long as we give 
the keys to the right administrator, everything will be just fine.  The 
problem with that is you have to trust the government first, trust a 
government to set the right standards for the release of keys, trust a 
government that will never fall into another McCarthyism, never look at 
another passport file for political reasons, and trust a government that 
generally has an interest in compromising the system.
 
Even if you trust government as a whole, can you trust the segments of 
the process?
 
DES is probably more than you need under many of these arguments, the 
fact is its not everything you need in others.
 
 
   But I can't help pointing out that encryption has been vastlyoversold
   as a privacy protector. The biggest threats to our privacy in a
   digital world come not from what we keep secret but from what we
   reveal willingly.
 
For example, if we give our encryption keys to the government?
 
   We lose privacy in a digital world because it
   becomes cheap and easy to collate and transmit data, so that
   information you willingly gave a bank to get a mortgage suddenly ends
   up in the hands of a business rival or your ex-spouse's lawyer.
   Restricting these invasions of privacy is a challenge, but it isn't a
   job for encryption. Encryption can't protect you from the misuse of
   data you surrendered willingly.
   
 
Why is this so?  If there is a standard that is secure from everyone, 
including the government, why can't I exchange my banking information, 
my medical information, my whatever?  This is a societal question, what 
encryption CAN be used for is limited only by what the government will 
allow it to be used for and market forces.  All of these applications 
could conceivably be protected by encryption.  All of these applications 
are thus, victims of potential government intrusions by Clipper.  What 
possible use could the government have for my transactions with my 
Doctor?
 
This argument also has a ring of, "Since most people are killed with 
bats, we need not limit guns."  Personally, I'd like to see the killings 
by BOTH reduced, but that doesn't mean I'm going to resort to banning 
either one, or that I will ignore the one that kills "less."
 
Just because people do their taxes openly, I should be concerned that 
the government might listen to my phone because I have bigger problems 
to deal with?
 
Part of this has to do with the lack of "transparency" in encryption 
systems as well.  A completely transparent encryption method would 
increase privacy as much as any system, be it escrowed or not.  Why this 
mandates Clipper, or somehow makes strong encryption less of an option, 
is beyond me.
 
   What about the rise of networks? Surely encryption can help prevent
   password attacks like the recent Internet virus, or the interception
   of credit card numbers as they're sent from one digital assistant to
   another? Well, maybe. In fact, encryption is, at best, a small partof
   network security.
 
Currently perhaps, but again, this says nothing of potential does it?
Some people, I agree, do not need a high level of privacy, others do.
 
   The real key to network security is making sure that only the right
   people get access to particular data. That's why a digital signature
   is so much more important to future network security than encryption.
 
I would like to see a digital signature that does not use encryption of 
some sort.
 
   If everyone on a net has a unique identifier that others cannotforge,
   there's no need to send credit card numbers -- and so nothing to
   intercept.
 
"If everyone [] had a unique identifier...."  "If everyone had a social 
security number...."
 
   And if everyone has a digital signature, stealing passwords
   off the Net is pointless. That's why the Clinton administration is
   determined to put digital signature technology in the public domain.
   It's part of a strategy to improve the security of the information
   infrastructure in ways that don't endanger government's ability to
   enforce the law.
   
Digital signature technology can be put in the public domain without the 
help of the government thank you very much.
 
Curfews don't endanger the government's ability to enforce the law 
either, but they aren't without drawbacks.
 
   MYTH NUMBER FOUR: Key escrow will never work. Crooks won't use it if
   it's voluntary. There must be a secret plan to make key escrow
   encryption mandatory.
   
   This is probably the most common and frustrating of all the mythsthat
   abound about key escrow.
 
Mostly because there is no effective counter argument.  I do feel sorry 
for Mr. Baker here, a little.
 
   The administration has said time and again
   that it will not force key escrow on manufacturers and companies in
   the private sector. In a Catch-22 response, critics then insist that
   if key escrow isn't mandated it won't work.
 
Again, this presupposes a trust in government.  If you look at the words 
in the original announcements, this is NOT what the government says 
either.  They insist that their program will be voluntary, and there are 
"currently no plans" to enforce a ban on other encryption.  If press 
releases from the White House are per se reliable, then we have no need 
of privacy at all since government can be completely trusted.
 
 
   That misunderstands the nature of the problem we are trying to solve.
   Encryption is available today. But it isn't easy for criminals touse;
   especially in telecommunications. Why? Because as long as encryption
   is not standardized and ubiquitous, using encryption means buying and
   distributing expensive gear to all the key members of the conspiracy.
   Up to now only a few criminals have had the resources,sophistication,
   and discipline to use specialized encryption systems.
 
Yes, it is expensive, the cost of an old IBM and a 300 baud modem for 
example.  Certainly no petty thieves will use it.
 
Mr. Baker only points out the counter argument himself here.  Clipper is 
aimed at those who can afford encryption, and those people will have the 
best there is to offer, namely, not Clipper.
 
   What worries law enforcement agencies --what should worry them -- isa
   world where encryption is standardized and ubiquitous: a world where
   anyone who buys an US$80 phone gets an "encrypt" button that
   interoperates with everyone else's; a world where every fax machine
   and every modem automatically encodes its transmissions withoutasking
   whether that is necessary. In such a world, every criminal will gaina
   guaranteed refuge from the police without lifting a finger.
 
And Clipper will solve this how?  If anything it hurts the goal of 
making non-escrow encryption expensive because it generates a market for 
it, and forces manufactures to undercut government subsidized 
manufactures.  The effect is a drop in cost as the non-escrow 
manufactures try to keep competitive.  This is classic Clinton 
administration logic, the market will cease to function for as long as 
it takes for us to implement our policy.
 
   The purpose of the key escrow initiative is to provide an alternative
   form of encryption that can meet legitimate security concerns without
   building a web of standardized encryption that shuts law enforcement
   agencies out. If banks and corporations and government agencies buy
   key escrow encryption, criminals won't get a free ride. They'll have
   to build their own systems -- as they do now. And their devices won't
   interact with the devices that much of the rest of society uses. As
   one of my friends in the FBI puts it, "Nobody will build securephones
   just to sell to the Gambino family."
 
Your friend in the FBI clearly is a graduate of the Clinton/NSA school 
of economics.  People will build secure phones to sell to who is paying.  
If that's the Gambino family, I promise some manufactures will be lining 
up to the promised 2,000 phone order that will result.  What a market 
plus it would be to be the phone the Gambino family uses.  Anyone who 
really wanted security would be impressed; and the sales agents would 
love the chance to look over their shoulder in the showroom and look 
about before whispering in the prospective purchasers ear, "The Gambino 
family just bought 2,000 of these, THAT'S how secure they are."
 
   In short, as long as legitimate businesses use key escrow, we can
   stave off a future in which acts of terror and organized crime are
   planned with impunity on the public telecommunications system. Of
   course, whenever we say that, the critics of key escrow trot outtheir
   fifth myth:
   
And what then, do you make of the legitimate businesses who oppose 
Clipper, of which there are many?  What of the businesses who do 
business internationally?  What of the international fears that Clipper 
causes.  You might look at a recent article in the Toronto (Sun?) which 
bears the opinion of the former Canadian Minister of Defense on the 
subject to get a feel for how other countries would welcome such a 
standard.
   
   MYTH NUMBER FIVE: The government is interfering with the free market
   by forcing key escrow on the private sector. Industry should be left
   alone to develop and sell whatever form of encryption succeeds in the
   market.
   
   In fact, opponents of key escrow fear that businesses may actually
   prefer key escrow encryption. Why? Because the brave new world that
   unreadable encryption buffs want to create isn't just a world with
   communications immunity for crooks. It's a world of uncharted
   liability. What if a company supplies unreadable encryption to allits
   employees, and a couple of them use it to steal from customers or to
   encrypt customer data and hold it hostage? As a lawyer, I can sayit's
   almost certain that the customers will sue the company that supplied
   the encryption to its employees. And that company in turn will suethe
   software and hardware firms that built a "security" system without
   safeguards against such an obvious abuse. The only encryption system
   that doesn't conjure up images of a lawyers' feeding frenzy is key
   escrow.
 
I fail, as an attorney, to follow this argument.  It is clear that it 
would be hard to hold responsible a software company liable for the 
"damage" the software causes.  It is further hard to see how one could 
win a suit that can't prove that data is held hostage, and not just 
random garbage.
 
I don't know many judges that would be interested in holding liability 
to extend this far for exactly the reason that Mr. Baker cites, it would 
make business impossible to do in many contexts, not just encryption.  
Telegraph companies are not, for example, per se liable for a loss in 
communication that causes thousands, or even millions of dollars in 
damage.
 
I suppose PGP is somehow responsible for the pedophiles crime?  As an 
accessory?  I suppose gun manufactures are responsible for their 
liability?  I suppose we could sue the manufactures of cars used in get-
aways?  I don't know where Mr. Baker got his law degree, but he doesn't 
seem to understand the liability limiter of supervening cause.
 
In any event, the company could easily secure itself from liability in 
the context Baker describes by instituting a company policy that 
requires users of company lines for company business to turn a copy of 
their key over.  Even father, the company could provide pre-generated 
keys and keep copies.  Why is it that we must constantly rely on 
government to do that which we can easily accomplish ourselves?
 
 
   But there's a second and even more compelling reason why the key
   escrow initiative can't fairly be characterized as interfering with
   private enterprise: The encryption market has been more or less
   created and sustained by government. Much of the market forencryption
   devices is in the public sector, and much of the encryptiontechnology
   now in widespread use in the private sector was funded, perfected, or
   endorsed by the federal government.
 
I would like to see some evidence here.  Indeed the security market is a 
classic in free markets right now.  There are several software vendors, 
several private buyers, and the costs are driven lower by the very 
extensive availability of public domain software for strong encryption.
 
Even aside this, Baker himself argues that the need for network security 
is growing and getting more and more important in the private sector, 
which Clipper is supposedly designed for.
 
   And not by accident, either. Good encryption is expensive.
 
Not PGP, not RIPEM, not IDEA.  Good encryption is cheap, and getting 
cheaper, even in hardware implementations.  Patents are on the road to 
expiration, and licensing agreements are getting looser.
 
If it were so expensive, and if the market is so driven by the public 
sector, why are you so concerned with:
 
   "[A] world where
   anyone who buys an US$80 phone gets an "encrypt" button that
   interoperates with everyone else's;"
 
Again we see the Clinton/NSA school of economics in action.  There is no 
market for encryption in the private sector, so us regulating the market 
in the private sector is really not market regulation.
 
   It isn't
   just a matter of coming up with a strong algorithm, although testing
   the strength of an algorithm can be enormously time-consuming. The
   entire system must be checked for bugs and weaknesses, a laboriousand
   unglamorous process. Generally, only the federal government has been
   willing to pay what it costs to develop secure communications gear.
   That's because we can't afford to have our adversaries reading our
   military and diplomatic communications.
   
   That's led to a common pattern. First, the government develops,tests,
   or perfects encryption systems for itself. Then the private sector
   drafts along behind the government, adopting government standards on
   the assumption that if it's good enough for the government's
   information, it's good enough to protect industry's.
 
A pattern that is fast vanishing, and even gone.  A pattern that burned 
every 3rd world nation that bought into post war encryption distributed 
by the USA, and every nation that thought DES was ok for diplomatic 
encryption.
 
   As encryption technology gets cheaper and more common, though, weface
   the real prospect that the federal government's own research, its own
   standards, its own purchases will help create the future I described
   earlier -- one in which criminals use ubiquitous encryption to hide
   their activities. How can anyone expect the standard-setting arms of
   government to use their power to destroy the capabilities of law
   enforcement -- especially at a time when the threat of crime and
   terror seems to be rising dramatically?
 
There is implicit in this statement, a notion that the private sector is 
screaming out loud for escrowed, and government approved, encryption.
I have seen quite the opposite.
 
   By adopting key escrow encryption instead, the federal government has
   simply made the reasonable judgment that its own purchases will
   reflect all of society's values, not just the single-minded pursuitof
   total privacy.
 
And this indicates that the government is not engaged in market 
regulation how?
 
   So where does this leave industry, especially those companies that
   don't like either the 1970s-vintage DES or key escrow? It leaves them
   where they ought to be -- standing on their own two feet. Companies
   that want to develop and sell new forms of unescrowed encryptionwon't
   be able to sell products that bear the federal seal of approval. They
   won't be able to ride piggyback on federal research efforts. And they
   won't be able to sell a single unreadable encryption product to both
   private and government customers.
 
And so they have doubled the market, and twice the variety in product 
line with the ability to ride out the storm when government cutbacks are 
in order?  Clinton/NSA economics again I suppose.  Only this time the 
markets won't be seperated in terms of export/domestic markets.  There 
can be a price disparity adjustment within the market that serves the 
manufacturer.
 
   Well, so what? If companies want to develop and sell competing,
   unescrowed systems to other Americans, if they insist on hastening a
   brave new world of criminal immunity, they can still do so -- as long
   as they're willing to use their own money. That's what the freemarket
   is all about.
 
Government subsidizes the manufacture and distribution of a "standard," 
buys thousands to create a market for them where no market before 
existed, and then that's what free market is all about?  Funny, last 
time I checked, the United States has been trying to serve DeBeers (For 
the last five years at least) for doing about the same thing in the 
diamond market.
 
   Of course, a free market in the US doesn't mean freedom to export
   encryption that may damage US national security. As our experience in
   World War II shows, encryption is the kind of technology that winsand
   loses wars. With that in mind, we must be careful about exports of
   encryption. This isn't the place for a detailed discussion of
   controls, but one thing should be clear: They don't limit the
   encryption that Americans can buy or use. The government allows
   Americans to take even the most sophisticated encryption abroad for
   their own protection. Nor do controls require that software or
   hardware companies "dumb down" their US products.
 
They merely have to "dumb down" all their products.
 
   Software firms have
   complained that it's inconvenient to develop a second encryption
   scheme for export, but they already have to make changes from one
   country to the next -- in language, alphabet, date systems, and
   handwriting recognition, to take just a few examples. And they'dstill
   have to develop multiple encryption programs even if the US abolished
   export controls, because a wide variety of national restrictions on
   encryption are already in place in countries from Europe to Asia.
   
And so we will keep the current and highly effective export regulations 
in place and there will never be a market for strong encryption in 
either the U.S or abroad.  Pure fantasy.
   
   MYTH NUMBER SIX: The National Security Agency is a spy agency; it has
   no business worrying about domestic encryption policy.
   
   Since the National Security Agency has an intelligence mission,
 
Read: is a spy agency.
 
   its
   role in helping to develop key escrow encryption is usually treatedas
   evidence that key escrow must be bad security. In reality, though,NSA
   has two missions. It does indeed gather intelligence, in part by
   breaking codes. But it has a second, and oddly complementary,mission.
   It develops the best possible encryption for the US government's
   classified information.
   
   With code breakers and code makers all in the same agency, NSA has
   more expertise in cryptography than any other entity in the country,
   public or private. It should come as no surprise, therefore, that NSA
   had the know- how to develop an encryption technique that provides
   users great security without compromising law enforcement access. To
   say that NSA shouldn't be involved in this issue is to say the
   government should try to solve this difficult technical and social
   problem with both hands tied behind its back.
   
 
 
Then the super smart NSA shouldn't need to classify the method used in 
Clipper as no civilian could ever possibly find a weakness in it.
   
 
   MYTH NUMBER SEVEN: This entire initiative was studied in secret and
   implemented without any opportunity for industry or the public to be
   heard.
   
   This is an old objection, and one that had some force in April of
   1993, when the introduction of a new AT&T telephone encryption device
   required that the government move more quickly than it otherwisewould
   have.
 
For those not in on the argument, AT&T had a (DES?) based hardware 
encryption product that looked much like a caller I.D. box which 
encrypted phone conversation quite well.  AT&T was about to market the 
device, and had produced a large lot ~8,000 units.  NSA expressed 
disapproval, bought the lot up almost entirely and destroyed the units 
so AT&T wouldn't ruin the upcoming market regulation by flooding the 
market with "real" encryption.  In return (probably) AT&T got the 
Clipper contract, and one might look at the recent support AT&T has 
received in contract negotiations with Saudi Arabia from the 
administration and draw your own conclusions.
 
   Key escrow was a new idea at that time, and it was reasonable
   for the public to want more details and a chance to be heard before
   policies were set in concrete. But since April 1993, the public and
   industry have had many opportunities to express their views. The
   government's computer security and privacy advisory board heldseveral
   days of public hearings. The National Security Council met repeatedly
   with industry groups. The Justice Department held briefings for
   congressional staff on its plans for escrow procedures well inadvance
   of its final decision. And the Commerce Department took publiccomment
   on the proposed key escrow standard for 60 days.
 
And despite strong corporate rejection government jumped on the project 
anyhow.  I have not heard any support from the private sector at all, 
except maybe AT&T and those companies that smell a total ban and are 
promising to support the new hardware to hold their place in the market.  
I would like to hear from anyone who has heard otherwise, that is a 
glowing review of Clipper by a private sector entity.
 
   After all this consultation, the government went forward with key
   escrow, [anyhow] not because the key escrow proposal received a []
   warm reception, but because none of the proposal's critics was ableto
   suggest a better way to accommodate society's interests in both
   privacy and law enforcement.
 
Read: Public input was meaningless because we are much smarter.
 
   Unless somebody comes up with one, key
   escrow is likely to be around for quite a while. That's because the
   only alternative being proposed today is for the government to design
   or endorse encryption systems that will cripple law enforcement when
   the technology migrates -- as it surely will -- to the privatesector.
   And that alternative is simply irresponsible.
 
How about stay out of the commercial markets all together?  Private 
sectors are at least as effective at developing standards.
 
Let me summarize Mr. Bakers arguments:
 
1>  Clipper doesn't create any new capability, because we have the 
ability to do the same intrusive things we could do before.
 
2>  Wiretaps are ok because they are not coercive
 
3>  The radical civil libertarians, who are the only real resistors her, 
want us to fall into anarchy, so they cant have any good points.
 
4>  Because criminals cannot use standardized encryption, they cannot 
use encryption
 
5>  Because the keys are escrowed, threat of irresponsible government is 
reduced.
 
6>  The anti-clipper people are just geeks who missed woodstock, so they 
can't have any perspective here.
 
7>  Because a pedophile once used PGP, we have to have Clipper.
 
8>  We can't let silly notions that the government might one day exceed 
its bounds stop us from effective law enforcement.
 
9>  The need for privacy isn't about Clipper, because Clipper provides 
privacy.
 
10>  Because we reveal so much about ourselves willingly, we don't need 
encryption anyway.
 
11>  The need for digital signatures mandates Clipper.
 
12>  We are just trying to make strong encryption more expensive for 
criminals, and just catch the stupid ones.  So Clipper will limit crypto 
to those with big resources, because one would have to be an idiot to 
want to sell anything to criminals.
 
13>  Government is not interfering with the market because government is 
and will be the only market provider.
 
14>  Companies won't use strong encryption because there is to much 
liability in it.
 
15>  The NSA is the best developer of crypto, and no one would ever 
think of buying anything that does not bear the NSA seal of approval.
 
16>  Because the purchase of escrow encryption by the government is 
merely an imposition of values on the public, its not market regulation.
 
17>  Software companies have been bemoaning the need to make different 
standards for exporting crypto so we are going to impose a crippled 
standard for all crypto and that will solve the problem.
 
18>  The NSA is so good at making codes, we are exactly the people to be 
doing it, and the other developers aren't as good at screening their 
methods.  Even so, we still need strong encryption because however bad 
the private developers are, they are threatening to flood the world with 
encryption we can't break.
 
19>  Since we held pet hearings that looked like a show trial, the 
public got to choose.
 
20>  Since the public was too stupid to like escrow encryption, we're 
going to go ahead with it anyhow; but this doesn't mean the public 
wasn't involved!  (This last one rings right up there with, if you don't 
agree with me, I'll make you agree.)
 
   For more information on the Clipper standard you can access WIRED's
   Clipper archive via the following WIRED Online services.
 
[...]
 
     _________________________________________________________________
   
   
   
   Stewart A. Baker is the National Security Agency's top lawyer. He
   worked briefly as Deputy General Counsel of the Education Department
   under President Jimmy Carter, and he practiced international law at
   Steptoe & Johnson, in Washington, DC. He has been at the NSA since
   1992.
   
   
     _________________________________________________________________
   
   WIRED Online Copyright Notice
   
   Copyright 1993,4 Ventures USA Ltd. All rights reserved.
   
   This article may be redistributed provided that the article and this
   notice remain intact. This article may not under any circumstances be
   resold or redistributed for compensation of any kind without prior
   written permission from Wired Ventures, Ltd.
   
   If you have any questions about these terms, or would like 
information
   about licensing materials from WIRED Online, please contact us via
   telephone (+1 (415) 904 0660) or email (info@wired.com).
   
   WIRED and WIRED Online are trademarks of Wired Ventures, Ltd.
 
 
- - -uni- (Dark)
 
unicorn@access.digex.net
 
 
 
-----BEGIN PGP SIGNATURE-----
Version: 2.3
 
iQCVAgUBLdZaMhibHbaiMfO5AQGtgQQAx4OpCeGcqGAwbZyKVIcOC2EkX/IVYl0V
wXUss+02Cgm8vbYlwJDQkLNuIcBN6Ij4Vnt55j/zhhLXPXMyqGuunDa+kcUM9ajn
6fiJ78tQC0GZ1ID6WhjMtYfXgMsy0dhadRNvkMUmmjo6j+uQozRnZoIkjkdA32XC
oFDNDSXk78Q=
=bavc
-----END PGP SIGNATURE-----