1994-08-01 - Philadelphia Enquirer Story on Clipper

Header Data

From: schneier@chinet.chinet.com (Bruce Schneier)
To: cypherpunks@toad.com
Message Hash: cbcb30521abb365f0d1b88c451e3439eeb4dfbb8d2240a591aace7ce73056330
Message ID: <m0qUosJ-0002EdC@chinet>
Reply To: N/A
UTC Datetime: 1994-08-01 04:50:23 UTC
Raw Date: Sun, 31 Jul 94 21:50:23 PDT

Raw message

From: schneier@chinet.chinet.com (Bruce Schneier)
Date: Sun, 31 Jul 94 21:50:23 PDT
To: cypherpunks@toad.com
Subject: Philadelphia Enquirer Story on Clipper
Message-ID: <m0qUosJ-0002EdC@chinet>
MIME-Version: 1.0
Content-Type: text/plain





                             PHILADELPHIA INQUIRER
                  Copyright Philadelphia Newspapers Inc. 1994

 DATE: SATURDAY  July 23, 1994
 PAGE: A01                                         EDITION: FINAL
 SECTION: NATIONAL                                 LENGTH: LONG
 GRAPHICS: PHOTO AND DIAGRAM
 SOURCE: By Michael L. Rozansky, INQUIRER STAFF WRITER

                PHONE-SCRAMBLING CHIP STIRS A DEBATE ON*PRIVACY*
                 U.S. IS PROMOTING A CODE SYSTEM IT CAN CRACK.

    The FBI, CIA and National Security Agency say that advances in technology 
are making it impossible to wiretap and decode the phone calls and computer 
communications of terrorists and criminals.
    So they came up with this solution:
    This little square of silicon sealed in black plastic is called the 
Clipper chip that Uncle Sam wants businesses and individuals interested in 
keeping their telecommunications confidential to buy. It scrambles 
conversations so that no one who eavesdrops on a call can understand them.
    No one, that is, except the U.S. government.
    That's because the government's concept was to keep a copy of the 
electronic key to each Clipper chip that, with a court order, would allow it 
to unscramble calls and listen in.
    All this has provoked what one White House official has dubbed the ''the 
Bosnia of telecommunications policy.''
    The first great civil-liberties battle of the '90s is here, and it's 
being fought over*privacy*in cyberspace.
    This week the Clinton administration took the first step toward clipping 
the Clipper. Vice President Gore wrote to a congressional critic that the 
administration would consider alternatives. Indeed, it wanted to explore 
industry alternatives, he said.
    But there are no signs that the government is altering its fundamental 
drive to make sure that changes in technology and advances in encryption do 
not make it impossible for the government to tap into telephone conversations 
and data communications.
    Some critics hailed Gore's letter as a major victory, others said it was 
less than it seemed.
    ''They are not withdrawing Clipper, they are not relaxing export 
controls, it doesn't change anything,'' said Dave Banisar, a policy analyst 
at the nonprofit Electronic*Privacy*Information Center in Washington.
    The government says the Clipper chip lets people and businesses protect 
their*privacy,*while giving police and spy agencies the ability to wiretap, 
with a court order, to catch terrorists, drug dealers and mobsters.
    Opponents say it's part of a broad government assault on*privacy.*
    ''Clipper is the tip of the iceberg,'' says Banisar. ''It's part of a big 
push by law enforcement to have their fingers in a lot of pies.''
    In addition to Clipper, Uncle Sam has come up with Capstone, a system 
similar to Clipper, for high-speed computer communications. The government 
also wants the telephone industry to spend what may be billions of dollars 
reworking its system to make it easier for the government to tap 
conversations.
    These and other plans have aroused the fury of an unlikely coalition of 
civil-liberties advocates and high-tech industry groups, which say those 
plans are unworkable, unnecessary and harmful to business.
    IBM and the International Chamber of Commerce oppose Clipper. So do the 
Cypherpunks, a band of cryptography buffs, computer hackers and programmers 
concerned with*privacy.*An anti-Clipper petition circulated on the Internet 
gathered 47,000 electronic signatures.
    The government was so intent on promoting Clipper that it eased rules 
covering its export while continuing to ban the export of competing systems 
capable of creating encryption that is almost unbreakable, known as ''strong 
encoding'' systems. Some strong encoding systems, which are classified as 
''munitions,'' can be obtained free on the Internet.
    One result is that U.S. companies are losing business to foreign 
competitors that make the same type of encryption systems the United States 
refuses to export, said Douglas Miller, government-affairs manager for the 
Software Publishers Association. He said 340 foreign crytographic systems 
were available in 31 countries.
    But issues of liberty versus government prying are what dominate the 
debate.
    ''If the government succeeds in this effort, the resulting blow to 
freedom and*privacy*could be immeasurable,'' Jerry Berman, executive director 
of the Electronic Frontier Foundation of Washington, the leading cyberspace 
civil- liberties organization, wrote in an electronic memo posted on Internet 
bulletin boards.
   *''Privacy*is necessary for democracy and liberty,'' said cryptographer 
Bruce Schneier, author of Applied Cryptography. ''You can't have a real 
democracy if you're required to tell the government all your secrets.''
    He and other critics say the Clipper plan is ripe for mistakes or 
government abuse that will compromise*privacy.*
    Law-enforcement officials counter that the Clipper and the related 
proposal, the Capstone chip, do not give them any greater right to wiretap 
than they have now.
    They frame the debate in different terms, saying that the key issue is 
what happens if the government cannot break the encryption used by major 
criminals.
    ''There's a potential for dire consequences, absolutely,'' said Jim 
Kallstrom, FBI special agent in charge of New York's electronic surveillance 
unit. ''If you're working on a kidnapping case, it's no good to get the 
criminal information a week later.''
    He adds: ''Are we going to have a cop on the (information) superhighway, 
or are we going to create a sanctuary for criminals?''
    Government officials say using Clipper - and its Capstone sister chip - 
is voluntary.
    ''There's nothing to say people can't ignore the government endorsement 
and use proprietary products,'' said F. Lynn McNulty, associate director for 
computer security at the National Institute for Standards and Technology, 
which developed the system.
    In practice, critics say, the government is not so neutral. Companies 
that have contracts to do sensitive work for the government, for example, may 
be required to use Clipper encryption. And the government is buying Clipper 
chips - the FBI alone has ordered 9,000 - which creates a market for Clipper 
and encourages more purchases. And the ban on exports of competing strong 
encoding systems also favors Clipper, the critics assert.
                                       *
    The Clipper chip was born largely out of fear - fear that the three-
letter police and spy agencies would lose their ability to wiretap.
    By the late '80s, the U.S. government worried that its old standard form 
of encoding, called the Data Encryption Standard, was getting easier to crack 
by newer, more powerful computers. Work began on a new standard form of 
encoding.
    While that was underway, in 1991, AT&T Corp. told the government it was 
going to come out with a mass-market voice-scrambling box: the $1,195 Surity 
3600.
    Until then, very strong encryption was generally used for data, not voice 
communications, said the FBI's Kallstrom. For example, banks use encryption 
to electronically transfer billions of dollars. But most scrambling systems 
for phone calls degraded sound quality so badly they were rarely used, he 
said.
    ''For the first time, there was something available that . . . was small, 
compact, inexpensive,'' and, ''for all practical purposes to law enforcement, 
was virtually unbreakable,'' Kallstrom said. ''That changed the balance of 
power.''
    The government's response was Clipper. In April of 1993, the government 
introduced a secret mathematical scrambling system, the Skipjack algorithm, 
which was encased in a computer chip to prevent tampering. It was supposed to 
be 16 million times tougher to crack  than the previously endorsed system.
    When the government asked for comment, 320 people responded. Only two 
wrote in support. Despite that, the Clipper plan was endorsed by the White 
House and became government policy in February.
    The government persuaded AT&T to use the Clipper system in its Surity box.
    AT&T, meanwhile, also sells two other versions of the box using its own 
proprietary encoding systems.
                                       *
    To limit government access to scrambled messages to occasions when a 
court authorizes a wiretap, Clipper uses a type of encryption called a ''key 
escrow'' system. When each Clipper chip is programmed at Mykotronx, in 
Torrance, Calif., an extra numerical key is created that can be used to 
decode that Clipper's signals. The extra key is split in two, with each half 
going to an escrow agent - in this plan, two different government agencies.
    Later, if law enforcement finds that a court-authorized wiretap picks up 
a Clipper-scrambled conversation, it can go to the escrow agents, get the key 
parts, assemble them and use the resulting key to decode that and subsequent 
calls from the tapped phone.
    In a separate, controversial move, the FBI proposed a ''Digital 
Telephony'' law that requires phone companies to modify their switching 
systems to facilitate wiretaps. The FBI says that new digital technology 
makes wiretapping tough, and new phone services such as call-forwarding and 
speed- dialing let people bypass wiretaps.
    The Digital Telephony bill would give the agency continued access to the 
phone system not just for wiretaps, but for  data on where and when calls are 
made.
    ''If you think crime is bad now,'' FBI Director Louis J. Freeh warned in 
a May speech, ''just wait and see what happens if the FBI one day soon is no 
longer able to conduct court-approved electronic surveillance.''
    The bill, which has not been introduced yet, is being fought by the 
United States Telephone Association, which says it could cost $2 billion to 
implement and would raise public suspicions about a government ''trapdoor'' 
in the phone system.
    Opponents say it also will enable police to gather information about 
people's consumer, spending and even political habits from monitoring their 
transactions over phone or cable-television lines.
    ''It makes the presumption,'' Banisar said, ''that law enforcement and 
the military have needs above everyone else, and we have to satisfy those 
needs first and then satisfy everyone else's basic civil rights.''
    Freeh and other law-enforcement officials say electronic surveillance has 
been critical in cracking major cases of terrorism, drugs and kidnapping - 
such as the arrests in Chicago's El Rukn street gang, purportedly acting for 
Libya in a plot to shoot down a commercial airplane with a stolen military 
rocket.
    Civil libertarians find the FBI's arguments misleading and inaccurate.
    ''They have a couple of horror stories about child molesters or whatever, 
but they account for just the smallest fraction of what wiretaps are used 
for,'' said Banisar, of the*privacy*information center.
    Banisar said law enforcement seeks and gets court permission for fewer 
than 1,000 electronic surveillance cases a year (there were 976 cases in 
1993), but that those include electronic bugs. Banisar said 70 percent of the 
cases concern drugs.
    Banisar notes that in the El Rukn case the gang bought the stolen 
military rocket in an FBI sting.
    Clipper's critics concede that police may fail to solve some cases if 
strong encryption is widely available.
    ''I am willing to accept that law enforcement will be hamstrung. You're 
giving up some safety in exchange for personal freedom,'' said cryptographer 
Schneier. He said strong encryption protects ''both terrorists and Chinese 
dissidents.''
    Daniel J. Weitzner, senior staff counsel of the Electronic Frontier 
Foundation, said the government certainly has the right to wiretap - but 
''nowhere does it say that law enforcement is entitled to success in every 
search, which is what (Clipper) is saying.''
    Clipper's opponents say it's ineffective for a variety of reasons. 
Because its use is voluntary, they say, crooks can easily use some other kind 
of encryption.
    ''What criminal's dumb enough to go to Radio Shack to buy an encrypting 
device that says 'FBI approved' stamped on the package?'' Weitzner asks.
    That's not the point, say Clipper's defenders. They say the Clipper 
program will ensure at least that the biggest-selling form of encryption can 
be cracked. And, they add, crooks are often really dumb, pointing to 
lawbreakers who leave fingerprints, make calls from their home phones and -  
in the World Trade Center bombing - tried to get back a deposit on the rented 
truck that carried the bomb.
    Allowing non-Clipper systems also seems to undercut any value Clipper has.
    ''It's doubtful that foreign buyers, especially foreign governments, will 
want an encryption system (if) . . . the U.S. government holds and has access 
to the keys,'' said Nanette DiTosto, manager of telecommunications for the 
U.S. Council for International Business.
    She said multinational companies might have to buy two encryption systems 
- one to deal with the U.S. government and another to deal with customers and 
governments overseas.
    Clipper's defenders brush aside many of the protests and focus instead on 
the ramifications of a world without Clipper. Dorothy E. Denning, chairman of 
the computer-science department at Georgetown University and a supporter of 
the Clipper plan, said such a world would be like ''highways without traffic 
lights and people without driver's licenses.'' She said the public was far 
more concerned with crime than*privacy.*
    Weitzner says the government's effort is tantamount to trying to suppress 
a language. ''Can the government ban a language it doesn't understand?'' asks 
Weitzner. ''If there are only two people left in the world who speak Navajo, 
can the government ban them from using the language?''
 GRAPHICS: PHOTO (3)
  1. (Uncaptioned) Clipper chip
  2. Analyst Dave Banisar of the Electronic*Privacy*Information Center said 
law enforcement wants ''to have their fingers in a lot of pies.'' (The 
Philadelphia Inquirer / MICHAEL MALLY)
  3. Daniel J. Weitzner of the Electronic Frontier Foundation says the 
government's Clipper effort is like trying to suppress a language. DIAGRAM (2)
  1-2. The Clipper Chip Controversy: How it works; Government Access (SOURCE: 
Mykotronx Inc., Federal agencies; The Philadelphia Inquirer / CRISTINA RIVERO)
 KEYWORDS: US GOVERNMENT COMPUTER COMMUNICATIONS SCIENCE AND 
TECHNOLOGY*PRIVACY* RIGHT
END OF DOCUMENT.







Thread