TUCoPS :: Crypto :: clipper.txt

Info on the "Clipper" encryption chip

Message #49: White House Announcement on Clipper encryption chip

Ctrl-S to Stop/Ctrl-Q to Restart.
[=--=--=--=--=--=--=--=--=--=--=--=--=]

Msg Left By: WILLY ELECTRIX
Date Posted: Tue Apr 20 00:47:24 1993

Newsgroups: sci.crypt
From: clipper@csrc.ncsl.nist.gov (Clipper Chip Announcement)
Subject: text of White House announcement and Q&As on clipper chip encryption
Message-ID: <C5L17v.GH5@dove.nist.gov>
Sender: news@dove.nist.gov
Organization: National Institute of Standards & Technology
Distribution: na
Date: Fri, 16 Apr 1993 15:19:06 GMT
Lines: 282
 
 
Note:  This file will also be available via anonymous file
transfer from csrc.ncsl.nist.gov in directory /pub/nistnews and
via the NIST Computer Security BBS at 301-948-5717.
     ---------------------------------------------------
 
                         THE WHITE HOUSE
 
                  Office of the Press Secretary
 
_________________________________________________________________
 
For Immediate Release                           April 16, 1993
 
 
                STATEMENT BY THE PRESS SECRETARY
 
 
The President today announced a new initiative that will bring
the Federal Government together with industry in a voluntary
program to improve the security and privacy of telephone
communications while meeting the legitimate needs of law
enforcement.
 
The initiative will involve the creation of new products to
accelerate the development and use of advanced and secure
telecommunications networks and wireless communications links.
 
For too long there has been little or no dialogue between our
private sector and the law enforcement community to resolve the
tension between economic vitality and the real challenges of
protecting Americans.  Rather than use technology to accommodate
the sometimes competing interests of economic growth, privacy and
law enforcement, previous policies have pitted government against
industry and the rights of privacy against law enforcement.
 
Sophisticated encryption technology has been used for years to
protect electronic funds transfer.  It is now being used to
protect electronic mail and computer files.  While encryption
technology can help Americans protect business secrets and the
unauthorized release of personal information, it also can be used
by terrorists, drug dealers, and other criminals.
 
A state-of-the-art microcircuit called the "Clipper Chip" has
been developed by government engineers.  The chip represents a
new approach to encryption technology.  It can be used in new,
relatively inexpensive encryption devices that can be attached to
an ordinary telephone.  It scrambles telephone communications
using an encryption algorithm that is more powerful than many in
commercial use today.
 
This new technology will help companies protect proprietary
information, protect the privacy of personal phone conversations
and prevent unauthorized release of data transmitted
electronically.  At the same time this technology preserves the
ability of federal, state and local law enforcement agencies to
intercept lawfully the phone conversations of criminals. 
 
A "key-escrow" system will be established to ensure that the
"Clipper Chip" is used to protect the privacy of law-abiding
Americans.  Each device containing the chip will have two unique
 
 
                                2
 
 
"keys," numbers that will be needed by authorized government
agencies to decode messages encoded by the device.  When the
device is manufactured, the two keys will be deposited separately
in two "key-escrow" data bases that will be established by the
Attorney General.  Access to these keys will be limited to
government officials with legal authorization to conduct a
wiretap.
 
The "Clipper Chip" technology provides law enforcement with no
new authorities to access the content of the private
conversations of Americans.
 
To demonstrate the effectiveness of this new technology, the
Attorney General will soon purchase several thousand of the new
devices.  In addition, respected experts from outside the
government will be offered access to the confidential details of
the algorithm to assess its capabilities and publicly report
their findings.
 
The chip is an important step in addressing the problem of
encryption's dual-edge sword:  encryption helps to protect the
privacy of individuals and industry, but it also can shield
criminals and terrorists.  We need the "Clipper Chip" and other
approaches that can both provide law-abiding citizens with access
to the encryption they need and prevent criminals from using it
to hide their illegal activities.  In order to assess technology
trends and explore new approaches (like the key-escrow system),
the President has directed government agencies to develop a
comprehensive policy on encryption that accommodates:
 
     --   the privacy of our citizens, including the need to
          employ voice or data encryption for business purposes;
 
     --   the ability of authorized officials to access telephone
          calls and data, under proper court or other legal
          order, when necessary to protect our citizens;
 
     --   the effective and timely use of the most modern
          technology to build the National Information
          Infrastructure needed to promote economic growth and
          the competitiveness of American industry in the global
          marketplace; and 
 
     --   the need of U.S. companies to manufacture and export
          high technology products.
 
The President has directed early and frequent consultations with
affected industries, the Congress and groups that advocate the
privacy rights of individuals as policy options are developed.
 
 
 
                                3
 
The Administration is committed to working with the private
sector to spur the development of a National Information
Infrastructure which will use new telecommunications and computer
technologies to give Americans unprecedented access to
information.  This infrastructure of high-speed networks
("information superhighways") will transmit video, images, HDTV
programming, and huge data files as easily as today's telephone
system transmits voice.
 
Since encryption technology will play an increasingly important
role in that infrastructure, the Federal Government must act
quickly to develop consistent, comprehensive policies regarding
its use.  The Administration is committed to policies that
protect all Americans' right to privacy while also protecting
them from those who break the law.
 
Further information is provided in an accompanying fact sheet. 
The provisions of the President's directive to acquire the new
encryption technology are also available.  
 
For additional details, call Mat Heyman, National Institute of
Standards and Technology, (301) 975-2758.
 
---------------------------------
 
 
QUESTIONS AND ANSWERS ABOUT THE CLINTON ADMINISTRATION'S
TELECOMMUNICATIONS INITIATIVE
 
 
 
 
Q:   Does this approach expand the authority of government
     agencies to listen in on phone conversations?
 
A:   No.  "Clipper Chip" technology provides law enforcement with
     no new authorities to access the content of the private
     conversations of Americans.
 
Q:   Suppose a law enforcement agency is conducting a wiretap on
     a drug smuggling ring and intercepts a conversation
     encrypted using the device.  What would they have to do to
     decipher the message?
 
A:   They would have to obtain legal authorization, normally a
     court order, to do the wiretap in the first place.  They
     would then present documentation of this authorization to
     the two entities responsible for safeguarding the keys and
     obtain the keys for the device being used by the drug
     smugglers.  The key is split into two parts, which are
     stored separately in order to ensure the security of the key
     escrow system.
 
Q:   Who will run the key-escrow data banks?
 
A:   The two key-escrow data banks will be run by two independent
     entities.  At this point, the Department of Justice and the
     Administration have yet to determine which agencies will
     oversee the key-escrow data banks.
 
Q:   How strong is the security in the device?  How can I be sure
     how strong the security is?  
 
A:   This system is more secure than many other voice encryption
     systems readily available today.  While the algorithm will
     remain classified to protect the security of the key escrow
     system, we are willing to invite an independent panel of
     cryptography experts to evaluate the algorithm to assure all
     potential users that there are no unrecognized
     vulnerabilities.
 
Q:   Whose decision was it to propose this product?
 
A:   The National Security Council, the Justice Department, the
     Commerce Department, and other key agencies were involved in
     this decision.  This approach has been endorsed by the
     President, the Vice President, and appropriate Cabinet
     officials.
 
Q:   Who was consulted?  The Congress?  Industry?
 
A:   We have on-going discussions with Congress and industry on
     encryption issues, and expect those discussions to intensify
     as we carry out our review of encryption policy.  We have
     briefed members of Congress and industry leaders on the
     decisions related to this initiative.
 
Q:   Will the government provide the hardware to manufacturers?
 
A:   The government designed and developed the key access
     encryption microcircuits, but it is not providing the
     microcircuits to product manufacturers.  Product
     manufacturers can acquire the microcircuits from the chip
     manufacturer that produces them.
 
Q:   Who provides the "Clipper Chip"?
 
A:   Mykotronx programs it at their facility in Torrance,
     California, and will sell the chip to encryption device
     manufacturers.  The programming function could be licensed
     to other vendors in the future.
 
Q:   How do I buy one of these encryption devices? 
 
A:   We expect several manufacturers to consider incorporating
     the "Clipper Chip" into their devices.
     
Q:   If the Administration were unable to find a technological
     solution like the one proposed, would the Administration be
     willing to use legal remedies to restrict access to more
     powerful encryption devices?
 
A:   This is a fundamental policy question which will be
     considered during the broad policy review.  The key escrow
     mechanism will provide Americans with an encryption product
     that is more secure, more convenient, and less expensive
     than others readily available today, but it is just one
     piece of what must be the comprehensive approach to
     encryption technology, which the Administration is
     developing.
 
     The Administration is not saying, "since encryption
     threatens the public safety and effective law enforcement,
     we will prohibit it outright" (as some countries have
     effectively done); nor is the U.S. saying that "every
     American, as a matter of right, is entitled to an
     unbreakable commercial encryption product."  There is a
     false "tension" created in the assessment that this issue is
     an "either-or" proposition.  Rather, both concerns can be,
     and in fact are, harmoniously balanced through a reasoned,
     balanced approach such as is proposed with the "Clipper
     Chip" and similar encryption techniques.
 
Q:   What does this decision indicate about how the Clinton
     Administration's policy toward encryption will differ from
     that of the Bush Administration?  
 
A:   It indicates that we understand the importance of encryption
     technology in telecommunications and computing and are
     committed to working with industry and public-interest
     groups to find innovative ways to protect Americans'
     privacy, help businesses to compete, and ensure that law
     enforcement agencies have the tools they need to fight crime
     and terrorism.
 
Q:   Will the devices be exportable?  Will other devices that use
     the government hardware?
 
A:   Voice encryption devices are subject to export control
     requirements.  Case-by-case review for each export is
     required to ensure appropriate use of these devices.  The
     same is true for other encryption devices.  One of the
     attractions of this technology is the protection it can give
     to U.S. companies operating at home and abroad.  With this
     in mind, we expect export licenses will be granted on a
     case-by-case basis for U.S. companies seeking to use these
     devices to secure their own communications abroad.  We plan
     to review the possibility of permitting wider exportability
     of these products.



Message #50: White House "Encryption Fact Sheet"

Ctrl-S to Stop/Ctrl-Q to Restart.
[=--=--=--=--=--=--=--=--=--=--=--=--=]

Msg Left By: WILLY ELECTRIX
Date Posted: Tue Apr 20 00:49:34 1993

Newsgroups: alt.privacy,sci.crypt,alt.security,comp.security.misc,
     comp.org.eff.talk
From: clipper@csrc.ncsl.nist.gov (Clipper Chip Announcement)
Subject: White House Public Encryption Management Fact Sheet
Message-ID: <C5LGAz.250@dove.nist.gov>
Sender: news@dove.nist.gov
Organization: National Institute of Standards & Technology
Distribution: na
Date: Fri, 16 Apr 1993 20:44:58 GMT
Lines: 94
 
 
 
Note:     The following was released by the White House today in
          conjunction with the announcement of the Clipper Chip
          encryption technology.
 
                           FACT SHEET
 
                  PUBLIC ENCRYPTION MANAGEMENT
 
The President has approved a directive on "Public Encryption
Management."  The directive provides for the following:
 
Advanced telecommunications and commercially available encryption
are part of a wave of new computer and communications technology. 
Encryption products scramble information to protect the privacy of
communications and data by preventing unauthorized access. 
Advanced telecommunications systems use digital technology to
rapidly and precisely handle a high volume of communications. 
These advanced telecommunications systems are integral to the
infrastructure needed to ensure economic competitiveness in the
information age.
 
Despite its benefits, new communications technology can also
frustrate lawful government electronic surveillance.  Sophisticated
encryption can have this effect in the United States.  When
exported abroad, it can be used to thwart foreign intelligence
activities critical to our national interests.  In the past, it has
been possible to preserve a government capability to conduct
electronic surveillance in furtherance of legitimate law
enforcement and national security interests, while at the same time
protecting the privacy and civil liberties of all citizens.  As
encryption technology improves, doing so will require new,
innovative approaches.
 
In the area of communications encryption, the U. S. Government has
developed a microcircuit that not only provides privacy through
encryption that is substantially more robust than the current
government standard, but also permits escrowing of the keys needed
to unlock the encryption.  The system for the escrowing of keys
will allow the government to gain access to encrypted information
only with appropriate legal authorization.
 
To assist law enforcement and other government agencies to collect
and decrypt, under legal authority, electronically transmitted
information, I hereby direct the following action to be taken:
 
INSTALLATION OF GOVERNMENT-DEVELOPED MICROCIRCUITS
 
The Attorney General of the United States, or her representative,
shall request manufacturers of communications hardware which
incorporates encryption to install the U.S. government-developed
key-escrow microcircuits in their products.  The fact of law
enforcement access to the escrowed keys will not be concealed from
the American public.  All appropriate steps shall be taken to
ensure that any existing or future versions of the key-escrow
microcircuit are made widely available to U.S. communications
hardware manufacturers, consistent with the need to ensure the
security of the key-escrow system.  In making this decision, I do
not intend to prevent the private sector from developing, or the
government from approving, other microcircuits or algorithms that
are equally effective in assuring both privacy and a secure key-
escrow system.
 
KEY-ESCROW
 
The Attorney General shall make all arrangements with appropriate
entities to hold the keys for the key-escrow microcircuits
installed in communications equipment.  In each case, the key
holder must agree to strict security procedures to prevent
unauthorized release of the keys.  The keys shall be released only
to government agencies that have established their authority to
acquire the content of those communications that have been
encrypted by devices containing the microcircuits.  The Attorney
General shall review for legal sufficiency the procedures by which
an agency establishes its authority to acquire the content of such
communications.
 
PROCUREMENT AND USE OF ENCRYPTION DEVICES
 
The Secretary of Commerce, in consultation with other appropriate
U.S. agencies, shall initiate a process to write standards to
facilitate the procurement and use of encryption devices fitted
with key-escrow microcircuits in federal communications systems
that process sensitive but unclassified information.  I expect this
process to proceed on a schedule that will permit promulgation of
a final standard within six months of this directive. 
 
The Attorney General will procure and utilize encryption devices to
the extent needed to preserve the government's ability to conduct
lawful electronic surveillance and to fulfill the need for secure
law enforcement communications.  Further, the Attorney General
shall utilize funds from the Department of Justice Asset Forfeiture
Super Surplus Fund to effect this purchase.



Message #51: Initial EFF Analysis of Clinton Privacy and Security Proposal

Ctrl-S to Stop/Ctrl-Q to Restart.
[=--=--=--=--=--=--=--=--=--=--=--=--=]

Msg Left By: WILLY ELECTRIX
Date Posted: Tue Apr 20 00:51:46 1993

Newsgroups: sci.crypt
From: kadie@cs.uiuc.edu (Carl M Kadie)
Subject: [EFF] Initial EFF Analysis of Clinton Privacy and Security Proposal
Message-ID: <C5LH1y.LsM@cs.uiuc.edu>
Followup-To: sci.crypt,comp.org.eff.talk
Organization: University of Illinois, Dept. of Comp. Sci., Urbana, IL
Date: Fri, 16 Apr 1993 21:01:10 GMT
Lines: 107
 
[An article from comp.org.eff.news, EFFector Online 5.06 - Carl]
 
                       April 16, 1993
 
      INITIAL EFF ANALYSIS OF CLINTON PRIVACY AND SECURITY  
                           PROPOSAL
 
       The Clinton Administration today made a major announcement 
on cryptography policy which will effect the privacy and security of 
millions of Americans.  The first part of the plan is to begin a 
comprehensive inquiry into major communications privacy issues 
such as export controls which have effectively denied most people 
easy access to robust encryption as well as law enforcement issues 
posed by new technology.
 
       However, EFF is very concerned that the Administration has 
already reached a conclusion on one critical part of the inquiry, before 
any public comment or discussion has been allowed.  Apparently, the 
Administration is going to use its leverage to get all telephone 
equipment vendors to adopt a voice encryption standard developed 
by the National Security Agency. The so-called "Clipper Chip" is an 
80-bit, split key escrowed encryption scheme which will be built into 
chips manufactured by a military contractor.  Two separate escrow 
agents would store users' keys, and be required to turn them over 
law enforcement upon presentation of a valid warrant.  The 
encryption scheme used is to be classified, but they chips will be 
available to any manufacturer for incorporation into their 
communications products.
 
       This proposal raises a number of serious concerns .
 
       First, the Administration appears to be adopting a solution 
before conducting an inquiry.  The NSA-developed Clipper chip may 
not be the most secure product. Other vendors or developers may 
have better schemes. Furthermore, we should not rely on the 
government as the sole source for Clipper or any other chips.  Rather,
independent chip manufacturers should be able to produce chipsets 
based on open standards.
 
       Second, an algorithm can not be trusted unless it can be tested. 
Yet the Administration proposes to keep the chip algorithm 
classified.  EFF believes that any standard adopted ought to be public 
and open.  The public will only have confidence in the security of a 
standard that is open to independent, expert scrutiny.  
 
       Third, while the use of the split-key, dual-escrowed 
system may prove to be a reasonable balance between privacy and 
law enforcement needs, the details of this scheme must be explored 
publicly before it is adopted.  What will give people confidence in the 
safety of their keys?  Does disclosure of keys to a third party waive 
individual's fifth amendment rights in subsequent criminal 
inquiries?  
 
       In sum, the Administration has shown great sensitivity to the 
importance of these issues by planning a comprehensive inquiry into 
digital privacy and security.  However, the "Clipper chip" solution 
ought to be considered as part of the inquiry, not be adopted before 
the discussion even begins.
 
DETAILS OF THE PROPOSAL:
 
ESCROW
 
The 80-bit key will be divided between two escrow agents, each of 
whom hold 40 bits of each key.  Upon presentation of a valid 
warrant, the two escrow agents would have to turn the key parts 
over to law enforcement agents.  Most likely the Attorney General 
will be asked to identify appropriate escrow agents.  Some in the 
Administration have suggested one non-law enforcement federal 
agency, perhaps the Federal Reserve, and one non-governmental 
organization.  But, there is no agreement on the identity of the agents 
yet.
 
Key registration would be done by the manufacturer of the 
communications device.  A key is tied to the device, not to the person 
using it.
 
CLASSIFIED ALGORITHM AND THE POSSIBILITY OF BACK DOORS
 
The Administration claims that there are no back door means by 
which the government or others could break the code without 
securing keys from the escrow agents and that the President will 
be told there are no back doors to this classified algorithm.  In order 
to prove this, Administration sources are interested in arranging for 
an all-star crypto cracker team to come in, under a security 
arrangement, and examine the algorithm for trap doors.  The results 
of the investigation would then be made public.
 
GOVERNMENT AS MARKET DRIVER
 
In order to get a market moving, and to show that the government 
believes in the security of this system, the feds will be the first big 
customers for this product.  Users will include the FBI, Secret Service, 
VP Al Gore, and maybe even the President. 
 
FROM MORE INFORMATION CONTACT:
 
Jerry Berman, Executive Director
Daniel J. Weitzner, Senior Staff Counsel
 
 
 
 
 
-- 
Carl Kadie -- I do not represent any organization; this is just me.
 = kadie@cs.uiuc.edu =



Message #52: CPSR Statement on White House Crypto Plan

Ctrl-S to Stop/Ctrl-Q to Restart.
[=--=--=--=--=--=--=--=--=--=--=--=--=]

Msg Left By: WILLY ELECTRIX
Date Posted: Tue Apr 20 00:53:10 1993

Newsgroups: sci.crypt,alt.privacy,comp.org.eff.talk,alt.security,
     alt.dcom.telecom
From: Dave Banisar <Banisar@washofc.cpsr.org>
Subject: CPSR Statement on White House Crypto Plan
Message-ID: <1993Apr16.214637.28829@eff.org>
X-Xxmessage-Id: <A7F4A1214F01AC81@coolidge.eff.org>
X-Xxdate: Fri, 16 Apr 93 17:45:05 GMT
Sender: usenet@eff.org (NNTP News Poster)
Nntp-Posting-Host: coolidge.eff.org
Organization: CPSR, Civil Liberties and Computing Project
X-Useragent: Nuntius v1.1.1d17
Date: Fri, 16 Apr 1993 21:46:37 GMT
Lines: 60
 
-----------------------------------------------------------
April 16, 1993                                             
Washington, DC
 
               COMPUTER PROFESSIONALS CALL FOR PUBLIC 
           DEBATE ON NEW GOVERNMENT ENCRYPTION INITIATIVE
 
     Computer Professionals for Social Responsibility (CPSR) 
today called for the public disclosure of technical data 
underlying the government's newly-announced "Public Encryption 
Management" initiative.  The new cryptography scheme was 
announced today by the White House and the National Institute 
for Standards and Technology (NIST), which will implement the 
technical specifications of the plan.  A NIST spokesman 
acknowledged that the National Security Agency (NSA), the super-
secret military intelligence agency, had actually developed the 
encryption technology around which the new initiative is built.
 
     According to NIST, the technical specifications and the 
Presidential directive establishing the plan are classified.  To 
open the initiative to public review and debate, CPSR today 
filed a series of Freedom of Information Act (FOIA) requests 
with key agencies, including NSA, NIST, the National Security 
Council and the FBI for information relating to the encryption 
plan.  The CPSR requests are in keeping with the spirit of the 
Computer Security Act, which Congress passed in 1987 in order to 
open the development of non-military computer security standards 
to public scrutiny and to limit NSA's role in the creation of 
such standards.
 
     CPSR previously has questioned the role of NSA in 
developing the so-called "digital signature standard" (DSS), a 
communications authentication technology that NIST proposed for 
government-wide use in 1991.  After CPSR sued NIST in a FOIA 
lawsuit last year, the civilian agency disclosed for the first 
time that NSA had, in fact, developed that security standard.  
NSA is due to file papers in federal court next week justifying 
the classification of records concerning its creation of the 
DSS.
 
     David Sobel, CPSR Legal Counsel, called the 
administration's apparent commitment to the privacy of 
electronic communications, as reflected in today's official 
statement,  "a step in the right direction."  But he questioned 
the propriety of NSA's role in the process and the apparent 
secrecy that has thus far shielded the development process from 
public scrutiny.  "At a time when we are moving towards the 
development of a new information infrastructure, it is vital 
that standards designed to protect personal privacy be 
established openly and with full public participation.  It is 
not appropriate for NSA -- an agency with a long tradition of 
secrecy and opposition to effective civilian cryptography -- to 
play a leading role in the development process." 
 
     CPSR is a national public-interest alliance of computer 
industry professionals dedicated to examining the impact of 
technology on society.   CPSR has 21 chapters in the U.S. and 
maintains offices in Palo Alto, California, Cambridge, 
Massachusetts and Washington, DC.  For additional information on 
CPSR, call (415) 322-3778 or e-mail <cpsr@csli.stanford.edu>.



Message #53: Clipper chip -- technical details (so far)

Ctrl-S to Stop/Ctrl-Q to Restart.
[=--=--=--=--=--=--=--=--=--=--=--=--=]

Msg Left By: WILLY ELECTRIX
Date Posted: Tue Apr 20 00:56:12 1993

Newsgroups: sci.crypt,alt.privacy.clipper
From: smb@research.att.com (Steven Bellovin)
Subject: Clipper chip -- technical details
Message-ID: <1993Apr18.200737.14815@ulysses.att.com>
Date: Sun, 18 Apr 1993 20:07:37 GMT
Organization: AT&T Bell Laboratories
Lines: 121
 
I received the following two notes from Martin Hellman with details
on how Clipper will work.  They are posted with his permission.  The
implications of some details are fascinating.
 
-------
Date: Sat, 17 Apr 93 23:05:23 PDT
From: "Martin Hellman" <hellman@isl.stanford.edu>
To: (a long list of recipients)
Subject: Clipper Chip
 
 
Most of you have seen the announcement in Friday's NY Times,
etc. about NIST (National Institute of Standards & Technology)
announcing the "Clipper Chip" crypto device. Several messges
on the net have asked for more technical details, and some have
been laboring under understandable misunderstandings given
the lack of details in the news  articles. So here to help out
is your friendly NSA link: me. I was somewhat surprised Friday
to get a call from the Agency which supplied many of the missing
details. I was told the info was public, so here it is (the cc of this
to Dennis Branstad at NIST is mostly as a double check on my
facts since I assume he is aware of all this; please let me know
if I have anything wrong):
 
The Clipper Chip will have a secret crypto algorithm embedded in 
Silicon. Each chip will have two secret, 80-bit keys. One will be the 
same for all chips (ie a system-wide key) and the other will be unit 
specific. I don't know what NIST and NSA will call them, but I will 
call them the system key SK and unit key UK in this message. 
The IC will be designed to be extremely difficult to reverse so 
that the system key can be kept secret. (Aside: It is clear that 
they also want to keep the algorithm secret and, in my opinion, 
it may be as much for that as this stated purpose.) The unit key 
will be generated as the XOR of two 80-bit random numbers K1 
and K2 (UK=K1+K2) which will be kept by the two escrow 
authorities. Who these escrow authorities will be is still to be 
decided by the Attorney General, but it was stressed to me that 
they will NOT be NSA or law enforcement agencies, that they 
must be parties acceptable to the users of the system as unbiased. 
When a law enforcement agency gets a court order, they will 
present it to these two escrow authorities and receive K1 and 
K2, thereby allowing access to the unit key UK.
 
In addition to the system key, each user will get to choose his 
or her own key and change it as often as desired. Call this key 
plain old K. When a message is to be sent it will first be 
encrypted under K, then K will be encrypted under the unit key UK, 
and the serial number of the unit added to produce a three part 
message which will then be encrypted under the system key SK 
producing
 
     E{ E[M; K], E[K; UK], serial number;  SK}
 
When a court order obtains K1 and K2, and thence K, the law 
enforcement agency will use SK to decrypt all information 
flowing on the suspected link [Aside: It is my guess that 
they may do this constantly on all links, with or without a 
court order, since it is almost impossible to tell which links 
over which a message will flow.] This gives the agency access to 
 
     E[M; K], E[K; UK], serial number
 
in the above message. They then check the serial number 
of the unit and see if it is on the "watch list" for which they 
have a court order. If so, they will decrypt E[K; UK] to obtain K, 
and then decrypt E[M; K] to obtain M.
 
I am still in the process of assessing this scheme, so please do 
not take the above as any kind of endorsement of the proposed 
scheme. All I am trying to do is help all of us assess the scheme 
more knowledgably. But I will say that the need for just one court 
order worries me. I would feel more comfortable (though not 
necessarily comfortable!) if two separate court orders were 
needed, one per escrow authority. While no explanation is
needed, the following story adds some color: In researching
some ideas that Silvio Micali and I have been kicking around,
I spoke with Gerald Gunther, the constitutional law expert
here at Stanford and he related the following story: When
Edward Levi became Pres. Ford's attorney general (right
after Watergate), he was visited by an FBI agent asking
for "the wiretap authorizations." When Levy asked for
the details so he could review the cases as required by
law, the agent told him that his predecessors just turned
over 40-50 blank, signed forms every time. Levi did not
comply and changed the system, but the lesson is clear: 
No single person or authority should have the power to
authorize wiretaps (or worse yet, divulging of personal
keys). Sometimes he or she will be an Edward Levi
and sometimes a John Mitchell.
 
Martin Hellman
 
----
 
Date: Sun, 18 Apr 93 11:41:42 PDT
From: "Martin Hellman" <hellman@isl.stanford.edu>
To: smb@research.att.com
Subject: Re: Clipper Chip
 
It is fine to post my previous message to sci.crypt 
if you also post this message with it in which:
 
1. I ask recipients to be sparse in their requesting further info 
from me or asking for comments on specific questions. By
this posting I apologize for any messages I am unable to
respond to. (I already spend too much time answering too much
e-mail and am particularly overloaded this week with other
responsibilities.) 
 
2. I note a probably correction sent to me by Dorothy Denning.
She met with the person from NSA that
I talked with by phone, so her understanding is likely to
better than mine on this point: Where I said the transmitted
info is  E{ E[M; K], E[K; UK], serial number;  SK}
she says the message is not double encrypted. The system
key (or family key as she was told it is called) only encrypts
the serial number or the serial number and the encrypted
unit key. This is not a major difference, but I thought it
should be mentioned and thank her for bringing it to
my attention. It makes more sense since it cuts down
on encryption computation overhead.



Message #54: Fighting the Clipper Initiative

Ctrl-S to Stop/Ctrl-Q to Restart.
[=--=--=--=--=--=--=--=--=--=--=--=--=]

Msg Left By: WILLY ELECTRIX
Date Posted: Tue Apr 20 00:57:45 1993

Newsgroups: sci.crypt,alt.security.pgp
From: prz@sage.cgd.ucar.edu (Philip Zimmermann)
Subject: Fighting the Clipper Initiative
Message-ID: <1993Apr19.003710.20736@ncar.ucar.edu>
Summary: Ways to fight it 
Sender: news@ncar.ucar.edu (USENET Maintenance)
Organization: Climate and Global Dynamics Division/NCAR, Boulder, CO
Date: Mon, 19 Apr 1993 00:37:10 GMT
Lines: 71
 
Here are some ideas for those of you who want to oppose the White
House Clipper chip crypto initiative.  I think this is going to be a
tough measure to fight, since the Government has invested a lot of
resources in developing this high-profile initiative.  They are
serious about it now.  It won't be as easy as it was defeating Senate
Bill 266 in 1991.
 
Possible actions to take in response:
 
1)  Mobilize your friends to to all the things on this list, and
more.
 
2)  Work the Press.  Talk with your local newspaper's science and
technology reporter.  Write to your favorite trade rags.  Better yet,
write some articles yourself for your favorite magazines or
newspapers.  Explain why the Clipper chip initiative is a bad idea. 
Remember to tailor it to your audience.  The general public may be
slow to grasp why it's a bad idea, since it seems so technical and
arcane and innocent sounding.  Try not to come across as a flaming
libertarian paranoid extremist, even if you are one. 
 
3)  Lobby Congress.  Write letters and make phone calls to your
Member of Congress in your own district, as well as your two US
Senators.  Many Members of Congress have aides that advise them of
technology issues.  Talk to those aides.
 
4)  Involve your local political parties.  The Libertarian party
would certainly be interested.  There are also libertarian wings of
the Democrat and Republican parties.  The right to privacy has a
surprisingly broad appeal, spanning all parts of the political
spectrum.  We have many natural allies.  The ACLU.  The NRA.  Other
activist groups that may someday find themselves facing a government
that can suppress them much more efficiently if these trends play
themselves out.  But you must articulate our arguments well if you
want to draw in people who are not familiar with these issues.
 
4)  Contribute money to the Electronic Frontier Foundation (EFF) and
Computer Professionals for Social Responsibility (CPSR), assuming
these groups will fight this initiative.  They need money for legal
expenses and lobbying.
 
5)  Mobilize opposition in industry.  Companies that will presumably
develop products that will incorporate the Clipper chip should be
lobbied against it, from within and from without.  If you work for a
telecommunications equipment vendor, first enlist the aid of your
coworkers and fellow engineers against this initiative, and then
present your company's management with a united front of engineering
talent against this initiative.  Write persuasive memos to your
management, with your name and your colleagues' names on it.  Hold
meetings on it.
 
6)  Publicize, deploy and entrench as much guerrilla
techno-monkeywrenching apparatus as you can.  That means PGP,
anonymous mail forwarding systems based on PGP, PGP key servers,
etc.  The widespread availability of this kind of technology might
also be used as an argument that it can't be effectively suppressed
by Government action.  I will also be working to develop new useful
tools for these purposes. 
 
7)  Be prepared to engage in an impending public policy debate on
this topic.  We don't know yet how tough this fight will be, so we
may have to compromise to get most of what we want.  If we can't
outright defeat it, we may have to live with a modified version of
this Clipper chip plan in the end.  So we'd better be prepared to
analyze the Government's plan, and articulate how we want it
modified.
 
 
-Philip Zimmermann

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH