From: Stanton McCandlish <mech@eff.org>
To: farber@cis.upenn.edu (David Farber)
Message Hash: 8f1a5a05ab55f54e32ae105339f4363e1d94fbfa3bfa97f5e65207cf08f8ab64
Message ID: <199405091938.PAA29993@eff.org>
Reply To: N/A
UTC Datetime: 1994-05-09 19:41:40 UTC
Raw Date: Mon, 9 May 94 12:41:40 PDT
From: Stanton McCandlish <mech@eff.org>
Date: Mon, 9 May 94 12:41:40 PDT
To: farber@cis.upenn.edu (David Farber)
Subject: Clipper: Govt. Monopoly in the Making - Ineffective Law Enforcement
Message-ID: <199405091938.PAA29993@eff.org>
MIME-Version: 1.0
Content-Type: text/plain
Date: Mon, 9 May 1994 10:09:02 -0600
From: clewis@ils.nwu.edu (Charles Lewis)
[according to the author, this may be redistributed at will; for print
publication, best contact the author.]
The Clipper Chip:
Government Monopoly in the Making
or Ineffective Law Enforcement
Charles Lewis <clewis@ils.nwu.edu>
2/26/94
On April 16, 1993, the White House released an official
announcement of a new encryption technology called the Clipper Chip.
Developed by the National Security Agency (NSA), and implemented by the
National Institute for Standards and Technology (NIST), the Clipper
initiative was intended to satisfy the private sector's need for secure
encryption of data, specifically telephone communications, and at the same
time allow law enforcement agencies to tap into these encrypted
communications when such actions were approved by the Attorney General.
The needs of private industry for secure lines of communication
have long been left unfulfilled, primarily because of obsolete legislation
that considers encryption algorithms to be a munitions for export purposes.
For fear of the potential uses of such algorithms in the wrong hands, the
export of technology implementing said algorithms has been virtually
impossible. Industry leaders have been reluctant to incorporate encryption
into their products because munitions laws would require that the versions
made for export would have to be significantly different from the ones sold
for domestic use. Meanwhile, industrial espionage remains a significant
risk for many private companies.
The government maintains that introducing secure encryption for
public use could have disastrous effects for law enforcement agencies.
"Unfortunately, the same encryption technology that can help Americans
protect business secrets and personal privacy can also be used by
terrorists, drug dealers, and other criminals," (The White House, Office of
the Press Secretary, April 4, 1994). The Clipper initiative was meant to
satisfy both the needs of the public sector for privacy, and the needs of
law enforcement agencies to conduct legitimate electronic surveillance.
To this end, the government proposed the controversial Escrow
Encryption Standard (EES), of which Clipper is the first implementation.
The concept is simple: Clipper will provide encryption of telephone calls
between two Clipper equipped phones. This encryption will be unnoticeable
at either end of the connection, but the signal in between will be
scrambled to prevent monitoring by unauthorized parties. The scrambled
signal can be decoded by using two data 'keys,' each held by a different
government agency and released only when the Attorney General approves a
request for them. By using this back door in the encryption algorithm, law
enforcement agencies will still be able to conduct surveillance.
Following the Clinton Administration's announcement of EES, there
were concerned responses from many industry leaders and organizations. The
primary cause for their anxiety was the power of the government to override
the encryption provided by Clipper. This was defended as being a trade-off
necessary for the compromise between the availability of encryption to the
public and the needs of law enforcement agencies to effectively do their
jobs. EES proponents argue that it does not make it any easier to obtain
approval for electronic surveillance.
The issue of whether the government can be trusted to hold the keys
to this system is wide open for debate. Essentially, the government is
asking us to trust them in this issue, and many aren't sure that this is
wise or necessary. These arguments have far reaching implications for the
future of personal privacy in America. It is very important for Americans,
both in and out of the government, to consider how these issues affect us
all. In the case of the EES, however, there are much more clear cut
reasons why this initiative is both ineffective in satisfying the purposes
for which it was devised, and damaging to those who would develop or use
encryption.
Even if we are to trust that the government is acting in our best
interests by allowing law enforcement agencies to compromise the encryption
standard, and even if we trust that the EES will provide adequate
protection of the keys that can be used to bypass this encryption, many
have asked just how effective the algorithm implemented in Clipper, called
the SKIPJACK algorithm, is in the first place. The answer to this is
impossible to ascertain first hand, unless you are one of the privileged
few who were responsible for the development or testing of the algorithm.
Secrecy is necessary in order to preserve the law enforcement functions ofs
the algorithm. According to the NIST approval of EES, this ensures that no
one can develop communications devices which use the algorithm without the
law enforcement features (NIST, 2/9/94). That is to say that if the
algorithm were made public, it would be no problem for a company to produce
telephones which were capable of having encrypted communications with
Clipper equipped phones, but would be impervious to decryption by law
enforcement agencies, defeating the purpose of the algorithm.
This secrecy comes at a cost. There is universal concern about the
adequacy of an algorithm which cannot be revealed. In order to allay these
concerns, the government had SKIPJACK examined by a panel of independent
experts, who found it to be secure. Even so, it is difficult for many to
simply take the word of this panel rather than to test the algorithm
themselves. Dorothy Denning, a member of this panel, has little patience
for outsiders who want in: "Nothing can be concluded from a statement
questioning the technology by someone who has not seen it regardless of
whether that person is an expert in security," (Denning, 2/9/94). By
making this claim, she uniformly ignores the questions of the entire
cryptography community.
The attitude that no one outside of a government agency or
government appointed panel is worthy of developing or testing SKIPJACK is
echoed by Stuart Baker of the NSA in defending the secrecy surrounding the
algorithm: "There are very few institutions other than government that are
willing to devote both the kind of energy and resources that it takes to
eliminate the last few bugs in encryption software or machinery," (Fourth
Conference on Computers, Freedom, and Privacy, 3/24/94). Denning and Baker
would have us believe that there is nothing useful to be had from
consulting with the many industry and academic experts doing research in
this field. In truth, it has often been the case that innovations in
cryptography have come from non-government sources. There are many private
companies providing encryption services professionally, as well as computer
scientists doing important research in the field. Ignoring the opinions of
these professionals not only damages the study of cryptography, but
potentially hurts the EES by not taking advantage of what these experts
have to offer.
Even the sacrifice of a publicly available algorithm for the sake
of law enforcement is in vain. Whitfield Diffie of Sun Microsystems, a
veteran researcher in cryptography, tells us that "the Clipper system, as
it has been described, is not difficult to bypass," (Diffie, 5/11/93). If
Clipper chips do become as widely available as the government suggests, it
will be possible for them to be used in such a manner as to defeat the law
enforcement features of the chip. Also, what is to stop one from simply
using a different sort of encryption that does not have the back door that
Clipper does?
According to official press releases, nothing. Government
spokespeople repeatedly state that the use of the Clipper chip is entirely
voluntary. But there are some drawbacks to not using it. For one thing,
it is expected that the first big customer of Clipper equipped devices will
be the government itself. Not only will this create many users of the EES
right off, but it will also force companies that do business with the
government to fall in line with the initiative. Another drawback to not
using the government standard will be the old munitions laws restricting
the export of encrypting devices. While the government is planning on
loosening these restrictions for products using Clipper, "...the
Administration will continue to restrict export of the most sophisticated
encryption devices," (White House, Office of the Press Secretary, 2/4/94).
It appears that the government hopes to simply squeeze out Clipper
competitors economically.
There are two possible results of the Clipper initiative. In the
first scenario, competing encryption standards will arise. Without the
government stepping in to make sure that the Clipper chip is the only form
of telecommunications encryption available, this is inevitable. Alternate
encryption standards will sell to the segment of consumers who would rather
not trust the government to listen in on their phone calls. If this
happens, Clipper will become completely ineffective for law enforcement
because of the people using encryption that doesn't conform to the EES. At
best, Clipper will fail.
The only possible way that Clipper can not fail is if U.S.
government successfully eliminates competitors selling encryption without a
back door. Again, the government has repeatedly stated that this is not
part of their game plan. If we are to believe that they will not try to
create a Clipper monopoly, the first scenario is the only one possible. On
the other hand, if the government does in fact force competitors out of the
market using economic and legislative pressures, it would be extremely
damaging both for the agencies outside of the government which work in the
cryptography field, and for individuals using cryptography. The NSA would
become the only agency in America with access to the workings of the system
which the entire industry would be dependent upon. Additionally, only the
NSA would have a say in keeping the EES competitive by incorporating new
advances in encryption. Because of this choke hold, private research and
innovation in this field would be brought to a halt.
Either the U.S. government is prepared to take draconian measures
to ensure that the EES is used universally, or the Clipper chip will be
unable to keep the phone tapping business alive in the Information Age.
The fact that these are the only possible outcomes is reason enough to
oppose the Clipper initiative.
Glossary
Escrow Encryption Standard (EES): The encryption standard proposed by NIST,
which has a back door accessible by keys held in escrow by government
agencies.
Clipper: The first implementation of the EES. This chip will be used in
telecommunications devices.
SKIPJACK: The encryption algorithm used in the EES.
NIST: National Institute of Standards and Technology. Part of the Commerce
Department.
NSA: National Security Agency
CPSR: Computer Professionals for Social Responsibility
EFF: Electronic Frontier Foundation
Sources
Computer Professionals for Social Responsibility (CPSR). Computer
Professionals Call For Public Debate on New Governement Encryption
Initiative, April 16, 1993.
Denning, D. Re:Campaign and Petition Against Clipper, (open letter on the
Internet) February 9, 1994.
Department of Commerce (DOC) National Institure of Standards and Technology
(NIST). Approval of Federal Information Processing Standards Publication
185, Escrowed Encryption Standard (EES), February 9, 1994
Diffie, W. The Impact of a Secret Cryptographic Standard on Encryption,
Privacy, Law Enforcement and Technology (congressional testimony), May 11,
1993.
Electronic Frontier Foundation (EFF). "Initial EFF Analysis of Clinton
Privacy and Security Proposal", EFFector Online, April 16, 1993.
Fourth Conference on Computers, Freedom and Privacy. Data Encryption: Who
Holds the Keys? (panel), March 24, 1994.
Jackson, D. and S. Ratan. "Who Should Keep the Keys", Time, March 14, 1994.
Markov, J. "Electronics Plan Aims to Balance Governement Access With
Privacy", The New York Times, April 16, 1993.
Murray, F. "Government picks affordable chip to scramble phone calls", The
Washington Times, April 17, 1993.
White House Office of the Press Secretary, Statement of the Press
Secretary, February 4, 1994.
Note: the great bulk of this information came from the following FTP sites:
ftp.cpsr.org /cypherpunks/clipper
ftp.eff.org /pub/EFF/Issues/Clipper
----
Charles Lewis Every normal man must be tempted
clewis@ils.nwu.edu at times to spit on his hands,
Institute forthe Learning Sciences hoist the black flag,
Northwestern University and begin slitting throats.
- H.L.Mencken
--
Stanton McCandlish * mech@eff.org * Electronic Frontier Found. OnlineActivist
"In a Time/CNN poll of 1,000 Americans conducted last week by Yankelovich
Partners, two-thirds said it was more important to protect the privacy of
phone calls than to preserve the ability of police to conduct wiretaps.
When informed about the Clipper Chip, 80% said they opposed it."
- Philip Elmer-Dewitt, "Who Should Keep the Keys", TIME, Mar. 14 1994
Return to May 1994
Return to “Stanton McCandlish <mech@eff.org>”
1994-05-09 (Mon, 9 May 94 12:41:40 PDT) - Clipper: Govt. Monopoly in the Making - Ineffective Law Enforcement - Stanton McCandlish <mech@eff.org>