1994-08-09 - Gore Letter and Software Key Escrow

Header Data

From: tcmay@netcom.com (Timothy C. May)
To: cypherpunks@toad.com
Message Hash: aaf9aa04471e998c64e656a86818e69cefe3f0fd2dda4c6216d83677acea203d
Message ID: <199408090004.RAA25895@netcom11.netcom.com>
Reply To: N/A
UTC Datetime: 1994-08-09 00:04:14 UTC
Raw Date: Mon, 8 Aug 94 17:04:14 PDT

Raw message

From: tcmay@netcom.com (Timothy C. May)
Date: Mon, 8 Aug 94 17:04:14 PDT
To: cypherpunks@toad.com
Subject: Gore Letter and Software Key Escrow
Message-ID: <199408090004.RAA25895@netcom11.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



Some interesting comments from a recent issue of "EE Times":

"While some critics declared Clipper dead, Gore made it clear  that
any encryption system used for voice communications must retain that
the key-escrow framework that is the central feature of the Clipper
chip. The only difference will be whether private-sector escrow agents
will be added." ["Gore letter clouds U.S. Clipper policy," George
Leopold, "EE Times," 1994-07-25, p. 4]

[the article mentioned Gore's "We welcome the opportunity to work with
industry to develop a more versatile, less expensive system. Such a
key-escrow system would be implemented in software, firmware, hardware
or any combination thereof, would not rely on upon a classified
algorithm, would be voluntary and would be exportable."]

In an earlier article:

"Sen. Patty Murray, D-Wash., cosponsor of the Senate bill, said the
Clipper-chip proposal "has had a chilling effect on software
manufacturers in my state," particularly Microsoft Corp. She and other
Clipper critics testifying last week argued that software encryption
is widely available. "Federal efforts to put the genie back in the
bottle will be futile," Murray said." ["Congress adds its voice to
Clipper debate," George Leopold, "EE Times," 1994-05-09, p. 16]

And this chilling comment from Stephen Walker of TIS:

" "Most Americans would accept government-imposed key escrow if it was
established by law" and subject to judicial review, said Stephen
Walker, president of Trusted Systems Inc. [sic] and a former NSA
official." ["Congress adds its voice to Clipper debate," George
Leopold, "EE Times," 1994-05-09, p. 16]


From these and other articles I continue to believe that several
related things are happening:

* The Administrations has backed away from the hardware-based,
proprietary Skipjack approach that Clipper and EES represented. Though
Clipper is not yet officialy dead, its brain wave has flatlined.

* The software industry was apparently pressured, based on comments by
various people, including Rep. Maria Cantwell (D-Wash) and Sen. Patty
Murray. The form and timing of this pressure is not public knowledge,
but hints of it keep emerging.

* A software-based key escrow system, involving the new
Walker-Belenson-others algorithm, is the likely basis for this new
"more versatile, less expensive system" that Gore says would be
"implementable in software, firmware, hardware or any combination
thereof..." Practically speaking, this means software, as the hardware
base of machines already out in the world pretty much makes hardware-
or firmware-based deployment very problematic...few people will buy
new hardware, which is what helped to kill Clipper.

* Ostensibly this will be "voluntary," but the "voluntary" part may
only be choice from a Chinese menu of approved and licensed escrow
agents. [This is my interpretation, reading between the line of a
dozen or so articles, articles which quote sources about how "private
industry" will provide escrow agents, how choice will be preserved,
and how the infamous "legitimate needs of law enforcment" will be
preserved.

* This compromise will likely put software key escrow (SKE, or Carl
Ellison's "GAK"..."Government Access to Keys") into the software for
audio and video teleconferencing, communication, and possibly into the
OS itself (as this would be needed to ensure wide coverage of
installed machines).

* The articles suggest Sen. Leahy, Rep. Cantwell, and many others have
already accepted this compromise. Enabling legislation could come at
any time, and may be closely related to the Digital Telephony Bill,
which has had the same behind-the-scenes negotiating. 

In closing, I reject the point made by Walker, that Americans will
accept a "government imposed key escrow if it was established by law."

I think this is the real threat on the horizon.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."




Thread