1993-09-22 - News You Can Use

Header Data

From: Duncan Frissell <frissell@panix.com>
To: CYPHERPUNKS@toad.com
Message Hash: a3181bbac58657565a3cd33398bed2a452ea009f19e701ec742d0e383c5b4661
Message ID: <199309221916.AA17396@panix.com>
Reply To: N/A
UTC Datetime: 1993-09-22 19:20:19 UTC
Raw Date: Wed, 22 Sep 93 12:20:19 PDT

Raw message

From: Duncan Frissell <frissell@panix.com>
Date: Wed, 22 Sep 93 12:20:19 PDT
To: CYPHERPUNKS@toad.com
Subject: News You Can Use
Message-ID: <199309221916.AA17396@panix.com>
MIME-Version: 1.0
Content-Type: text/plain


AP 09/21 0844  Encryption Software

Copyright, 1993. The Associated Press. All rights reserved.

   SAN JOSE, Calif. (AP) -- A federal grand jury is investigating exports 
of a controversial computer program in a case that could affect how 
software is distributed worldwide.
   U.S. Customs officials asked for an investigation into ViaCrypt of 
Phoenix and Austin Code Works of Austin, Texas, and the companies' plans 
for foreign distribution of software, including PGP, a program that turns 
data into an indecipherable code using encryption technology.
   William Keane, an assistant U.S. attorney, confirmed that an 
investigation is continuing, but declined to comment on the case.
   The PGP program has been distributed worldwide over computer networks 
by some computer enthusiasts who oppose the U.S. government's trade 
regulations on encryption.
   The National Security Agency, which monitors international 
communications, has supported strict encryption technology export 
regulations, arguing that it would be difficult to keep tabs on hostile 
governments and foreign terrorists.
   But opponents say the restrictions hurt sales and violate the First
Amendment that protects the right to publish information about encryption.
   "I wrote PGP to make democracy healthier. I didn't do it to make 
money," said Philip Zimmermann, a computer consultant who developed PGP.
   "We believe everything we are doing is above board and well within the 
law," said ViaCrypt president Leonard Mikus. He said the company had no 
intentions of violating export regulations.



WP (Washington Post) 09/18  Encryption Program Stirs Security Debate

By John Mintz and John Schwartz
Washington Post Staff Writers

    Computer industry officials and civil-liberties activists are 
launching new attacks on the Clinton administration's plan to make the 
so-called clipper computer chip the national standard for encrypting, or 
scrambling, data and voice communications.
    Under the clipper plan announced this year by the Clinton White House,
police agencies that receive court authorization for a wiretap to 
intercept encrypted communications would then need the technological 
cooperation of two independent "escrow" agents to crack the code.
    Earlier this week administration officials told congressional staff 
members that the two escrow agents will be officials of two government 
agencies: the Commerce Department's National Institute of Standards and 
Technology (NIST), and a non-law enforcement section of the Treasury 
Department that has not been selected.
    Yesterday industry and civil-liberties groups criticized that 
selection because they said NIST and Treasury are not independent, but 
arms of the same federal government that could some day be called upon to 
listen in on their communications.
    Douglas Miller, government affairs representative of the Software
Publishers Association, made up of U.S. software firms, said his group has
"grave doubts" that foreign corporations will encrypt their communications 
with the clipper chip because "the U.S. government holds the key."
    A main reason the administration is promoting clipper is that the U.S.
National Security Agency, the super-secret code-breaking agency, wants to
discourage use of highly capable, non-clipper encryption programs that are
becoming increasingly popular but  that  the NSA can't pierce.
    Industry officials for years have regarded NIST as a stalking horse 
for the NSA.
    Jerry Berman, director of the Washington office of the Electronic 
Frontier Foundation, which promotes public-interest causes in 
technology-policy areas, said NIST is "so close to the NSA that it can't 
give the public comfort that this is a true escrow system."
    John Podesta, assistant to the president and a key White House staff 
member on this issue, said such objections are "a phony issue."
    "We clearly are looking for procedures and escrow agents that would
maintain privacy and confidentiality and security of the keys," Podesta 
said.  "Cryptography lends itself to a certain degree of paranoia."
    Kate Martin, director of the Center for National Security Studies of 
the American Civil Liberties Union, mocked use of the term "escrow" in 
this case. An escrow agent is someone who is independent of two parties 
potentially in conflict, like a settlement attorney at a real estate 
closing, she said.
    "As long as the escrow agents are government agencies, it's misleading 
to call them that," she said. "The government doesn't have a fiduciary 
obligation to the people whose (communications) keys it holds," but only 
to the government.
    "The whole idea continues to be structurally flawed," said Bruce 
Heiman, attorney for the Business Software Alliance, a group of top U.S. 
software firms, such as Microsoft, Novell, Lotus and Apple. Companies and 
individuals who transmit secure information "will have serious doubts 
about the integrity of the system."
    Since the government currently prevents the export of many powerful
U.S.-made encryption techniques, the administration's attempts to promote 
its clipper chip "will discourage use of encryption, period, or hand over 
the market for encryption to foreigners."
    When one listens to an encrypted conversation, it sounds like a 
crackle or buzz.
    Under the plan, every law-enforcement agency will have a special 
personal computer or "black box" to descramble that crackle, but the 
device will work only when they have been given a special key from the 
escrow agents.
    When police get a judge's permission to intercept an encrypted 
conversation or stream of computerized data, they would use the box to 
determine the special encryption identifier or label assigned to that 
particular encryption device.
    A detective would notify NIST and Treasury that he or she has 
permission to listen in on the party. NIST and Treasury would have a list 
of the secret encryption key numbers - extremely long lists of 0s and 1s - 
for every encryption device sold in the  United States.  NIST and Treasury 
would find the appropriate one on the list, and then they would send the 
needed key number to the police over telephone lines. The police would 
then insert that decoder number into the black box to tap the phone line 
in question.
    The ACLU's Martin said the government, given lists of secret 
encryption numbers, "has an enormously greater ability to eavesdrop than 
it's ever had." Government officials deny that.


Duncan Frissell

The $1 Trillion/year Health Security Act of 1993, the most expensive 
government program in the hisotry of mankind.

--- WinQwk 2.0b#0
                                                                                                                      





Thread