From: Richard Johnson <Richard.Johnson@Colorado.EDU>
Date: Thu, 12 May 94 13:06:34 PDT
To: cypherpunks@toad.com
Subject: NSA Chief Counsel in Wired, to appear on AOL
Message-ID: <199405122006.OAA11345@spot.Colorado.EDU>
MIME-Version: 1.0
Content-Type: text/plain



The guy in charge of marginalizing crypto users and privacy seekers for
the NSA, Stuart Baker, tries his hand at logical arguments with a minimum
of name-calling.

Do his arguments stand up?  Not really.  Note how he avoids the issue of
how easy it's getting for authorities to do 'drift-net' fishing -
trotting out the tired old 'no new capabilities' line.  He also seems to
believe that requiring court authorization for wiretaps provides good
protection against their abuse (NSA has its own pet court).

------- Forwarded Message

Copyright and distribution policy attached to the end of document. FYI.

X-within-URL: http://www.wired.com/Etext/2.06/Features/nsa.clipper.html


                     NSA'S CHIEF COUNSEL TO APPEAR ONLINE
                                       
   Stewart A. Baker, Chief Counsel for the National Security Agency and
   featured writer in WIRED 2.06 will host a Q&A session on the Clipper
   Chip. He will appear on America Online in Center Stage (from AOL type
   keyword: "center stage") on Thursday May 26, 1994, from 7-9 p.m. EST.
   
   Baker is the NSA's top lawyer and supports the Clipper Initiative. He
   worked briefly as Deputy General Counsel of the Education Department
   under President Jimmy Carter. His article "Don't Worry Be Happy"
   refutes seven myths of key escrow encryption and is a WIRED Exclusive.
   
     _________________________________________________________________
   
                             DON'T WORRY BE HAPPY
                                       
   
   
   Why Clipper Is Good For You
   
    By Stewart A. Baker, Chief Counsel for the NSA
    
   
   
   
     _________________________________________________________________
   
   
   
   With all the enthusiasm of Baptist ministers turning their Sunday
   pulpits over to the Devil, the editors of WIRED have offered me the
   opportunity to respond to some of the urban folklore that has grown up
   around key escrow encryption -- also known as the Clipper Chip.
   
   Recently the Clinton administration has announced that federal
   agencies will be able to buy a new kind of encryption hardware that is
   sixteen million times stronger than the existing federal standard
   known as DES. But this new potency comes with a caveat. If one of
   these new encryption devices is used, for example, to encode a phone
   conversation that is subject to a lawful government wiretap, the
   government can get access to that device's encryption keys. Separate
   parts of each key are held by two independent "escrow agents," who
   will release keys only to authorized agencies under safeguards
   approved by the attorney general. Private use of the new encryption
   hardware is welcome but not required. That's a pretty modest proposal.
   Its critics, though, have generated at least seven myths about key
   escrow encryption that deserve answers.
   
   
   
   MYTH NUMBER ONE: Key escrow encryption will create a brave new world
   of government intrusion into the privacy of Americans. 
   
   Opponents of key escrow encryption usually begin by talking about
   government invading the privacy of American citizens. None of us likes
   the idea of the government intruding willy-nilly on communications
   that are meant to be private.
   
   But the key escrow proposal is not about increasing government's
   authority to invade the privacy of its citizens. All that key escrow
   does is preserve the government's current ability to conduct wiretaps
   under existing authorities. Even if key escrow were the only form of
   encryption available, the world would look only a little different
   from the one we live in now.
   
   In fact, it's the proponents of widespread unbreakable encryption who
   want to create a brave new world, one in which all of us -- crooks
   included -- have a guarantee that the government can't tap our phones.
   Yet these proponents have done nothing to show us that the new world
   they seek will really be a better one.
   
   In fact, even a civil libertarian might prefer a world where wiretaps
   are possible. If we want to catch and convict the leaders of criminal
   organizations, there are usually only two good ways to do it. We can
   "turn" a gang member -- get him to testify against his leaders. Or we
   can wiretap the leaders as they plan the crime.
   
   I once did a human rights report on the criminal justice system in El
   Salvador. I didn't expect the Salvadorans to teach me much about human
   rights. But I learned that, unlike the US, El Salvador greatly
   restricts the testimony of "turned" co-conspirators. Why? Because the
   co-conspirator is usually "turned" either by a threat of mistreatment
   or by an offer to reduce his punishment. Either way, the process
   raises moral questions -- and creates an incentive for false
   accusations.
   
   Wiretaps have no such potential for coercive use. The defendant is
   convicted or freed on the basis of his own, unarguable words.
   
   In addition, the world will be a safer place if criminals cannot take
   advantage of a ubiquitous, standardized encryption infrastructure that
   is immune from any conceivable law enforcement wiretap. Even if you're
   worried about illegal government taps, key escrow reinforces the
   existing requirement that every wiretap and every decryption must be
   lawfully authorized. The key escrow system means that proof of
   authority to tap must be certified and audited, so that illegal
   wiretapping by a rogue prosecutor or police officer is, as a practical
   matter, impossible.
   
   
   
   MYTH NUMBER TWO: Unreadable encryption is the key to our future
   liberty.
   
   Of course there are people who aren't prepared to trust the escrow
   agents, or the courts that issue warrants, or the officials who
   oversee the system, or anybody else for that matter. Rather than rely
   on laws to protect us, they say, let's make wiretapping impossible;
   then we'll be safe no matter who gets elected.
   
   This sort of reasoning is the long-delayed revenge of people who
   couldn't go to Woodstock because they had too much trig homework. It
   reflects a wide -- and kind of endearing -- streak of romantic
   high-tech anarchism that crops up throughout the computer world.
   
   The problem with all this romanticism is that its most likely
   beneficiaries are predators. Take for example the campaign to
   distribute PGP ("Pretty Good Privacy") encryption on the Internet.
   Some argue that widespread availability of this encryption will help
   Latvian freedom fighters today and American freedom fighters tomorrow.
   Well, not quite. Rather, one of the earliest users of PGP was a
   high-tech pedophile in Santa Clara, California. He used PGP to encrypt
   files that, police suspect, include a diary of his contacts with
   susceptible young boys using computer bulletin boards all over the
   country. "What really bothers me," says Detective Brian Kennedy of the
   Sacramento, California, Sheriff's Department, "is that there could be
   kids out there who need help badly, but thanks to this encryption,
   we'll never reach them."
   
   If unescrowed encryption becomes ubiquitous, there will be many more
   stories like this. We can't afford as a society to protect pedophiles
   and criminals today just to keep alive the far-fetched notion that
   some future tyrant will be brought down by guerrillas wearing
   bandoleers and pocket protectors and sending PGP-encrypted messages to
   each other across cyberspace.
   
   
   
   MYTH NUMBER THREE: Encryption is the key to preserving privacy in a
   digital world.
   
   Even people who don't believe that they are likely to be part of
   future resistance movements have nonetheless been persuaded that
   encryption is the key to preserving privacy in a networked, wireless
   world, and that we need strong encryption for this reason. This isn't
   completely wrong, but it is not an argument against Clipper.
   
   If you want to keep your neighbors from listening in on your cordless
   phone, if you want to keep unscrupulous competitors from stealing your
   secrets, even if you want to keep foreign governments from knowing
   your business plans, key escrow encryption will provide all the
   security you need, and more.
   
   But I can't help pointing out that encryption has been vastly oversold
   as a privacy protector. The biggest threats to our privacy in a
   digital world come not from what we keep secret but from what we
   reveal willingly. We lose privacy in a digital world because it
   becomes cheap and easy to collate and transmit data, so that
   information you willingly gave a bank to get a mortgage suddenly ends
   up in the hands of a business rival or your ex-spouse's lawyer.
   Restricting these invasions of privacy is a challenge, but it isn't a
   job for encryption. Encryption can't protect you from the misuse of
   data you surrendered willingly.
   
   What about the rise of networks? Surely encryption can help prevent
   password attacks like the recent Internet virus, or the interception
   of credit card numbers as they're sent from one digital assistant to
   another? Well, maybe. In fact, encryption is, at best, a small part of
   network security.
   
   The real key to network security is making sure that only the right
   people get access to particular data. That's why a digital signature
   is so much more important to future network security than encryption.
   If everyone on a net has a unique identifier that others cannot forge,
   there's no need to send credit card numbers -- and so nothing to
   intercept. And if everyone has a digital signature, stealing passwords
   off the Net is pointless. That's why the Clinton administration is
   determined to put digital signature technology in the public domain.
   It's part of a strategy to improve the security of the information
   infrastructure in ways that don't endanger government's ability to
   enforce the law.
   
   
   
   MYTH NUMBER FOUR: Key escrow will never work. Crooks won't use it if
   it's voluntary. There must be a secret plan to make key escrow
   encryption mandatory.
   
   This is probably the most common and frustrating of all the myths that
   abound about key escrow. The administration has said time and again
   that it will not force key escrow on manufacturers and companies in
   the private sector. In a Catch-22 response, critics then insist that
   if key escrow isn't mandated it won't work.
   
   That misunderstands the nature of the problem we are trying to solve.
   Encryption is available today. But it isn't easy for criminals to use;
   especially in telecommunications. Why? Because as long as encryption
   is not standardized and ubiquitous, using encryption means buying and
   distributing expensive gear to all the key members of the conspiracy.
   Up to now only a few criminals have had the resources, sophistication,
   and discipline to use specialized encryption systems.
   
   What worries law enforcement agencies --what should worry them -- is a
   world where encryption is standardized and ubiquitous: a world where
   anyone who buys an US$80 phone gets an "encrypt" button that
   interoperates with everyone else's; a world where every fax machine
   and every modem automatically encodes its transmissions without asking
   whether that is necessary. In such a world, every criminal will gain a
   guaranteed refuge from the police without lifting a finger.
   
   The purpose of the key escrow initiative is to provide an alternative
   form of encryption that can meet legitimate security concerns without
   building a web of standardized encryption that shuts law enforcement
   agencies out. If banks and corporations and government agencies buy
   key escrow encryption, criminals won't get a free ride. They'll have
   to build their own systems -- as they do now. And their devices won't
   interact with the devices that much of the rest of society uses. As
   one of my friends in the FBI puts it, "Nobody will build secure phones
   just to sell to the Gambino family."
   
   In short, as long as legitimate businesses use key escrow, we can
   stave off a future in which acts of terror and organized crime are
   planned with impunity on the public telecommunications system. Of
   course, whenever we say that, the critics of key escrow trot out their
   fifth myth:
   
   
   
   MYTH NUMBER FIVE: The government is interfering with the free market
   by forcing key escrow on the private sector. Industry should be left
   alone to develop and sell whatever form of encryption succeeds in the
   market.
   
   In fact, opponents of key escrow fear that businesses may actually
   prefer key escrow encryption. Why? Because the brave new world that
   unreadable encryption buffs want to create isn't just a world with
   communications immunity for crooks. It's a world of uncharted
   liability. What if a company supplies unreadable encryption to all its
   employees, and a couple of them use it to steal from customers or to
   encrypt customer data and hold it hostage? As a lawyer, I can say it's
   almost certain that the customers will sue the company that supplied
   the encryption to its employees. And that company in turn will sue the
   software and hardware firms that built a "security" system without
   safeguards against such an obvious abuse. The only encryption system
   that doesn't conjure up images of a lawyers' feeding frenzy is key
   escrow.
   
   But there's a second and even more compelling reason why the key
   escrow initiative can't fairly be characterized as interfering with
   private enterprise: The encryption market has been more or less
   created and sustained by government. Much of the market for encryption
   devices is in the public sector, and much of the encryption technology
   now in widespread use in the private sector was funded, perfected, or
   endorsed by the federal government.
   
   And not by accident, either. Good encryption is expensive. It isn't
   just a matter of coming up with a strong algorithm, although testing
   the strength of an algorithm can be enormously time-consuming. The
   entire system must be checked for bugs and weaknesses, a laborious and
   unglamorous process. Generally, only the federal government has been
   willing to pay what it costs to develop secure communications gear.
   That's because we can't afford to have our adversaries reading our
   military and diplomatic communications.
   
   That's led to a common pattern. First, the government develops, tests,
   or perfects encryption systems for itself. Then the private sector
   drafts along behind the government, adopting government standards on
   the assumption that if it's good enough for the government's
   information, it's good enough to protect industry's.
   
   As encryption technology gets cheaper and more common, though, we face
   the real prospect that the federal government's own research, its own
   standards, its own purchases will help create the future I described
   earlier -- one in which criminals use ubiquitous encryption to hide
   their activities. How can anyone expect the standard-setting arms of
   government to use their power to destroy the capabilities of law
   enforcement -- especially at a time when the threat of crime and
   terror seems to be rising dramatically?
   
   By adopting key escrow encryption instead, the federal government has
   simply made the reasonable judgment that its own purchases will
   reflect all of society's values, not just the single-minded pursuit of
   total privacy.
   
   So where does this leave industry, especially those companies that
   don't like either the 1970s-vintage DES or key escrow? It leaves them
   where they ought to be -- standing on their own two feet. Companies
   that want to develop and sell new forms of unescrowed encryption won't
   be able to sell products that bear the federal seal of approval. They
   won't be able to ride piggyback on federal research efforts. And they
   won't be able to sell a single unreadable encryption product to both
   private and government customers.
   
   Well, so what? If companies want to develop and sell competing,
   unescrowed systems to other Americans, if they insist on hastening a
   brave new world of criminal immunity, they can still do so -- as long
   as they're willing to use their own money. That's what the free market
   is all about.
   
   Of course, a free market in the US doesn't mean freedom to export
   encryption that may damage US national security. As our experience in
   World War II shows, encryption is the kind of technology that wins and
   loses wars. With that in mind, we must be careful about exports of
   encryption. This isn't the place for a detailed discussion of
   controls, but one thing should be clear: They don't limit the
   encryption that Americans can buy or use. The government allows
   Americans to take even the most sophisticated encryption abroad for
   their own protection. Nor do controls require that software or
   hardware companies "dumb down" their US products. Software firms have
   complained that it's inconvenient to develop a second encryption
   scheme for export, but they already have to make changes from one
   country to the next -- in language, alphabet, date systems, and
   handwriting recognition, to take just a few examples. And they'd still
   have to develop multiple encryption programs even if the US abolished
   export controls, because a wide variety of national restrictions on
   encryption are already in place in countries from Europe to Asia.
   
   
   
   MYTH NUMBER SIX: The National Security Agency is a spy agency; it has
   no business worrying about domestic encryption policy.
   
   Since the National Security Agency has an intelligence mission, its
   role in helping to develop key escrow encryption is usually treated as
   evidence that key escrow must be bad security. In reality, though, NSA
   has two missions. It does indeed gather intelligence, in part by
   breaking codes. But it has a second, and oddly complementary, mission.
   It develops the best possible encryption for the US government's
   classified information.
   
   With code breakers and code makers all in the same agency, NSA has
   more expertise in cryptography than any other entity in the country,
   public or private. It should come as no surprise, therefore, that NSA
   had the know- how to develop an encryption technique that provides
   users great security without compromising law enforcement access. To
   say that NSA shouldn't be involved in this issue is to say the
   government should try to solve this difficult technical and social
   problem with both hands tied behind its back.
   
   
   
   MYTH NUMBER SEVEN: This entire initiative was studied in secret and
   implemented without any opportunity for industry or the public to be
   heard.
   
   This is an old objection, and one that had some force in April of
   1993, when the introduction of a new AT&T telephone encryption device
   required that the government move more quickly than it otherwise would
   have. Key escrow was a new idea at that time, and it was reasonable
   for the public to want more details and a chance to be heard before
   policies were set in concrete. But since April 1993, the public and
   industry have had many opportunities to express their views. The
   government's computer security and privacy advisory board held several
   days of public hearings. The National Security Council met repeatedly
   with industry groups. The Justice Department held briefings for
   congressional staff on its plans for escrow procedures well in advance
   of its final decision. And the Commerce Department took public comment
   on the proposed key escrow standard for 60 days.
   
   After all this consultation, the government went forward with key
   escrow, not because the key escrow proposal received a universally
   warm reception, but because none of the proposal's critics was able to
   suggest a better way to accommodate society's interests in both
   privacy and law enforcement. Unless somebody comes up with one, key
   escrow is likely to be around for quite a while. That's because the
   only alternative being proposed today is for the government to design
   or endorse encryption systems that will cripple law enforcement when
   the technology migrates -- as it surely will -- to the private sector.
   And that alternative is simply irresponsible.
   
   For more information on the Clipper standard you can access WIRED's
   Clipper archive via the following WIRED Online services.
   
     * WIRED Infodroid e-mail server: Send e-mail to infodroid@wired.com
       containing the words "send clipper/index" on a single line inside
       the message body.
     * WIRED Gopher: Gopher to gopher.wired.com and select "Clipper
       Archive."
     * WIRED on World Wide Web: http://www.wired.com select "Clipper
       Archive."
     * WIRED on America Online: The keyword is WIRED.
     * WIRED on the Well: Type "go wired" from any "OK" prompt.
       
   
   
   
     _________________________________________________________________
   
   
   
   Stewart A. Baker is the National Security Agency's top lawyer. He
   worked briefly as Deputy General Counsel of the Education Department
   under President Jimmy Carter, and he practiced international law at
   Steptoe & Johnson, in Washington, DC. He has been at the NSA since
   1992.
   
   
     _________________________________________________________________
   
   WIRED Online Copyright Notice
   
   Copyright 1993,4 Ventures USA Ltd. All rights reserved.
   
   This article may be redistributed provided that the article and this
   notice remain intact. This article may not under any circumstances be
   resold or redistributed for compensation of any kind without prior
   written permission from Wired Ventures, Ltd.
   
   If you have any questions about these terms, or would like information
   about licensing materials from WIRED Online, please contact us via
   telephone (+1 (415) 904 0660) or email (info@wired.com).
   
   WIRED and WIRED Online are trademarks of Wired Ventures, Ltd.

------- End of Forwarded Message