From: Mike Godwin <mnemonic@eff.org>
To: cyberia-l@birds.wm.edu )
Message Hash: eff23eda09fadd7421c0b2fccbfaba9090b46c60f5e436fe0ca397c2344a9dff
Message ID: <199402042259.RAA00674@eff.org>
Reply To: N/A
UTC Datetime: 1994-02-04 23:00:19 UTC
Raw Date: Fri, 4 Feb 94 15:00:19 PST
From: Mike Godwin <mnemonic@eff.org>
Date: Fri, 4 Feb 94 15:00:19 PST
To: cyberia-l@birds.wm.edu )
Subject: reno_key_escrow.statement (fwd)
Message-ID: <199402042259.RAA00674@eff.org>
MIME-Version: 1.0
Content-Type: text/plain
Forwarded message:
From postmaster Fri Feb 4 17:49:05 1994
Date: Fri, 4 Feb 1994 17:47:42 -0500
From: Dan Brown <brown>
Message-Id: <199402042247.RAA00201@eff.org>
To: eff-board, eff-staff
Subject: reno_key_escrow.statement
Department of Justice
EMBARGOED FOR 3 P.M. RELEASE AG
FRIDAY, FEBRUARY 4, 1994 (202) 616-2771
ATTORNEY GENERAL MAKES KEY ESCROW ENCRYPTION ANNOUNCEMENTS
Attorney General Janet Reno today announced selection of the two
U.S. Government entities that will hold the escrowed key
components for encryption using the key escrow encryption method.
At the same time, the Attorney General made public procedures
under which encryption key components will be released to
government agencies for decrypting communications subject to
lawful wiretaps.
Key Escrow Encryption (formerly referred to as Clipper Chip )
strikes an excellent balance between protection of communications
privacy and protection of society. It permits the use in
commercial telecommunications products of chips that provide
extremely strong encryption, but can be decrypted, when necessary,
by government agencies conducting legally authorized wiretaps.
Decryption is accomplished by use of keys--80-bit binary numbers--
that are unique to each individual encryption chip. Each unique
key is in turn split into two components, which must be recombined
in order to decrypt communications. Knowing one component does not
make decryption any more feasible than not knowing either one.
The two escrow agents are the National Institute of Standards and
Technology (NIST), a part of the Department of Commerce, and the
Automated Systems Division of the Department of the Treasury. The
two escrow agents were chosen because of their abilities to
safeguard sensitive information, while at the same time being able
to respond in a timely fashion when wiretaps encounter encrypted
communications. In addition, NIST is responsible for establishing
standards for protection of sensitive, unclassified information in
Federal computer systems.
The escrow agents will act under strict procedures, which are
being made public today, that will ensure the security of the key
components and govern their release for use in conjunction with
lawful wiretaps. They will be responsible for holding the key
components: for each chip, one agent will hold one of the key
components, and the second agent will hold the other. Neither will
release a key component, except to a government agency with a
requirement to obtain it in connection with a lawfully authorized
wiretap. The system does not change the rules under which
government agencies are authorized to conduct wiretaps.
When an authorized government agency encounters suspected key-
escrow encryption, a written request will have to be submitted to
the two escrow agents. The request will, among other things, have
to identify the responsible agency and the individuals involved;
certify that the agency is involved in a lawfully authorized
wiretap; specify the wiretap's source of authorization and its
duration; and specify the serial number of the key-escrow
encryption chip being used. In every case, an attorney involved in
the investigation will have to provide the escrow agents assurance
that a validly authorized wiretap is being conducted.
Upon receipt of a proper request, the escrow agents will transmit
their respective key components to the appropriate agency. The
components will be combined within a decrypt device, which only
then will be able to decrypt communications protected by key-
escrow encryption. When the wiretap authorization ends, the device
s ability to decrypt communications using that particular chip
will also be ended.
The Department of Justice will, at the various stages of the
process, take steps to monitor compliance with the procedures.
Return to February 1994
Return to “Mike Godwin <mnemonic@eff.org>”
1994-02-04 (Fri, 4 Feb 94 15:00:19 PST) - reno_key_escrow.statement (fwd) - Mike Godwin <mnemonic@eff.org>