TUCoPS :: Privacy :: priv_214.txt

Privacy Digest 2.14 4/22/93

PRIVACY Forum Digest     Thursday, 22 April 1993     Volume 02 :
Issue 14

          Moderated by Lauren Weinstein (lauren@vortex.com)
                Vortex Technology, Topanga, CA, U.S.A.
                     ===== PRIVACY FORUM =====

       The PRIVACY Forum digest is supported in part by the 
           ACM Committee on Computers and Public Policy.

     Thoughts on Clipper (Lauren Weinstein; PRIVACY Forum
     The Clipper Chip: A Technical Summary (Dorothy Denning)
     Slide presented at White House briefing on Clipper Chip
        (Clipper Chip Announcement) 
     Clipper Chip questions (John R. Levine)
     Clipper Chip Encryption (Bob Leone)
     Clipper Chip Announcement (F.Baube[tm])
     Clipper Chips (USC ?) (A. Padgett Peterson)
     Re: Which countries outlaw encryption? (Tom Zmudzinski)
     Clipper announcement and asset seizure (Steve Piehler)
     Re: Clipper Key announcement (Chuck Stern)
     Clipper and Who Holds Crypto Keys (Lance J. Hoffman)

 *** Please include a RELEVANT "Subject:" line on all submissions!
            *** Submissions without them may be ignored! ***

The PRIVACY Forum is a moderated digest for the discussion and
analysis of
issues relating to the general topic of privacy (both personal and
collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their
relevance and
content.  Submissions will not be routinely acknowledged.

ALL submissions should be addressed to "privacy@vortex.com" and
must have
RELEVANT "Subject:" lines.  Submissions without appropriate and
"Subject:" lines may be ignored.  Subscriptions are by an automatic
"listserv" system; for subscription information, please send a
consisting of the word "help" (quotes not included) in the BODY of
a message
to: "privacy-request@vortex.com".  Mailing list problems should be
reported to "list-maint@vortex.com".  All submissions included in
digest represent the views of the individual authors and all
will be considered to be distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and
related materials, is available via anonymous FTP from site
in the "/privacy" directory.  Use the FTP login "ftp" or
"anonymous", and
enter your e-mail address as the password.  The typical "README"
and "INDEX"
files are available to guide you through the files available for
access.  PRIVACY Forum materials may also be obtained automatically
e-mail through the listserv system.  Please follow the instructions
for getting the listserv "help" information, which includes details
regarding the "index" and "get" listserv commands, which are used
to access
the PRIVACY Forum archive.  All PRIVACY Forum materials are also
available through the Internet Gopher system via a gopher server on
site "gopher.vortex.com".

For information regarding the availability of this digest via FAX,
send an inquiry to privacy-fax@vortex.com, call (310) 455-9300, or
to (310) 455-2364.


   Quote for the day:

     "Don't panic."

          -- "Hitch Hiker's Guide to the Galaxy", preface (1979)
              Douglas Adams (1952- )

Date:    Thu, 22 Apr 93 10:53 PDT
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum
Subject: Thoughts on Clipper

Greetings.  Well, as you might imagine, considerable mail has been
into PRIVACY Forum regarding the Clipper chip announcement and
materials.  A number of persons have asked me for my thoughts
regarding the
announcement and its possible implications for privacy-related
issues.  What
follows is purely my individual, personal opinion.  I apologize in
for its length.

I'm not a cryptography expert.  I'm not the right person to judge
algorithmic strengths or weaknesses of a given encryption system. 
It is
possible that a "team of experts" may determine that the Clipper
chip is a
powerful encryption mechanism, free (as far as can be determined)
significant algorithmic weaknesses which would impact its
usefulness for the
classes of applications and level of security for which it is

It could be argued that proper analysis of such a cryptographic
system could
only be conducted in an "open" environment, and that many
experts may be unwilling to participate in a "classified" analysis
either out
of general principles or concerns about possible impacts on their
ability to publish other cryptographic works.  However, those are
not the
points that directly impact privacy, and I'll leave them for others
explore.  For the sake of the argument, let's assume Clipper uses
a strong
algorithm, free from surprise "back-doors" or other weaknesses.

The privacy concerns regarding Clipper focus directly on its
aspects and the implications of a cryptographic system specifically
to allow access by third parties to "private" communications. 

If Clipper remains purely a choice to be freely accepted or
rejected by the
marketplace, and individual users, the primary question revolves
whether or not potential users of the system are fully informed
all aspects of the system (including both the relative strength of
algorithm itself and the existence of the key-escrow mechanism) and
to use the system after being so informed.  To the extent that
choose to use the system in mass-market products, the ability of
users to
select other systems may be impacted, but that's an issue that
market forces
can help rectify.

There's a more ominous potential problem, however.  Reading
"between the
lines" of the Clipper announcement, at least the possibility of
legislation being proposed to ban powerful non-key-escrow systems
quite real.  If such legislation became law, the negative impact on
privacy rights could be serious.  If such legislation were combined
with the
passage of concepts embodied in the FBI Digital Telephony Proposal,
potential negative impact could be quite dramatic.

Would people put up with being told that from now on they had to
send copies
of their house keys to outside entities who would hold them in case
they were
needed by law enforcement?  Pretty doubtful.  Or would they go
along with
the idea that cameras would be mounted throughout their homes but
would only
be activated under court order?  Not very likely.  We're permitted
to speak
to each other in person using whatever languages (or codes,
presumably) that
we like--even though this could presumably limit the effectiveness
court-ordered bugs on a premises.  We can write letters (or send
using whatever symbolic systems we might wish.  Is there something
significantly different about a phone call which should subject it
completely different privacy rules?  That's a core question in this

Properly authorized wiretaps can of course have significant law
value.  But law enforcement *using* authorized surveillance
techniques is
one thing; *requiring* that technology be designed in such a way as
to make
surveillance simpler (or for that matter, possible in a given
situation) is
something entirely different.

As technology evolves, techniques of law enforcement, like those of
war, are
subject to change.  Centuries ago, a suit of full body armor was
against most of the weapons of the era.  With the introduction of
in Europe, armor rapidly became obsolete--upsetting both the
who had invested heavily in armor and those who made the armor! 
This is an
imperfect analogy of course, but the point is that no particular
can be expected to be equally useful forever, and that attempts to
back" other aspects of technology to "protect" the usefulness of
part are wasteful and usually doomed to ultimate failure.

This is especially true now with computer-oriented technologies,
software-based techniques of immense power are within the grasp of
with a personal computer.  The genie of powerful software-based
systems is out of the bottle--it's doubtful that he can be
forced back in.  

Of course, the more convenient a particular encryption technology
is to use,
the more likely it is to *get* used.  Theoretically "perfect"
systems have
long existed (such as one-time pads) but they have generally been
inconvenient to manage logistically (modern computer technology,
however, is
changing even this). 

Does concern about key-escrow systems imply a distrust of those
organizations or agencies who would be currently holding those
keys?  No,
not necessarily.  But organizations and governments change.  The
entities you trust at one time may abuse their powers later.  Given
access to a Clipper key-escrow pair would give the ability to
decode all
future *and* all previously recorded past transmissions between
units, we're talking about a power that must at least be carefully
scrutinized before being handed over.

Perhaps this is all largely academic.  Maybe there's not going to
any push for the limitation or banning of powerful non-key-escrow 
encryption systems.  In that case, this has all been an interesting
intellectual exercise.  But since the crystal ball is unclear,
it is to our benefits to carefully consider all the aspects of
technologies now, before they become widely entrenched.

One final point.  I've heard considerable numbers of persons
referring to
Clipper as a "Clinton" plan.  I think it's fairly clear that
Clipper must
have been in development for years, going back for at least one
and perhaps even farther.  It seems likely that the Clinton
was presented with an essentially complete program, and made the 
announcement based on the briefings and information made available
them at that time.

Since the project apparently proceeded with only very limited input
from the
outside cryptography or computer science communities, it seems
likely that the
Clinton administration may not have heard a range of viewpoints
the technology and its implications before the announcement.  The
release announcing Clipper said that there is a desire to enter
into a
dialogue regarding these technologies.  So if you have opinions
Clipper or similar systems, either positive or negative, I'd urge
you to
make them known, in writing, to the administration and to other
representatives as you see fit.



Date: Wed, 21 Apr 93 19:21:48 EDT
From: denning@cs.cosc.georgetown.edu (Dorothy Denning)

     [ This item was extracted from the RISKS digest. -- MODERATOR

                               Dorothy Denning
                           Revised, April 21, 1993


On April 16, the President announced a new initiative that will
together the Federal Government and industry in a voluntary program
to provide secure communications while meeting the legitimate needs
law enforcement.  At the heart of the plan is a new tamper-proof
chip called the "Clipper Chip" together with a split-key approach
escrowing keys.  Two escrow agencies are used, and the key parts
both are needed to reconstruct a key.


The Clipper Chip contains a classified single-key 64-bit block
encryption algorithm called "Skipjack."  The algorithm uses 80 bit
(compared with 56 for the DES) and has 32 rounds of scrambling
(compared with 16 for the DES).  It supports all 4 DES modes of
operation.  The algorithm takes 32 clock ticks, and in Electronic
Codebook (ECB) mode runs at 12 Mbits per second.

Each chip includes the following components:

   the Skipjack encryption algorithm
   F, an 80-bit family key that is common to all chips
   N, a 30-bit serial number (this length is subject to change)
   U, an 80-bit secret key that unlocks all messages encrypted with
the chip

The chips are programmed by Mykotronx, Inc., which calls them the
"MYK-78."  The silicon is supplied by VLSI Technology Inc.  They
implemented in 1 micron technology and will initially sell for
$30 each in quantities of 10,000 or more.  The price should drop as
technology is shrunk to .8 micron.


To see how the chip is used, imagine that it is embedded in the
telephone security device (as it will be).  Suppose I call someone
we both have such a device.  After pushing a button to start a
conversation, my security device will negotiate an 80-bit session
key K
with the device at the other end.  This key negotiation takes place
without the Clipper Chip.  In general, any method of key exchange
be used such as the Diffie-Hellman public-key distribution method.

Once the session key K is established, the Clipper Chip is used to
encrypt the conversation or message stream M (digitized voice). 
telephone security device feeds K and M into the chip to produce

   E[M; K], the encrypted message stream, and 
   E[E[K; U] + N; F], a law enforcement field , 

which are transmitted over the telephone line.  The law enforcement
field thus contains the session key K encrypted under the unit key
concatenated with the serial number N, all encrypted under the
key F.  The law enforcement field is decrypted by law enforcement
an authorized wiretap has been installed.

The ciphertext E[M; K] is decrypted by the receiver's device using
session key:

   D[E[M; K]; K] = M .


All Clipper Chips are programmed inside a SCIF (Secure
Information Facility), which is essentially a vault.  The SCIF
a laptop computer and equipment to program the chips.  About 300
are programmed during a single session.  The SCIF is located at

At the beginning of a session, a trusted agent from each of the two
escrow agencies enters the vault.  Agent 1 enters a secret, random
80-bit value S1 into the laptop and agent 2 enters a secret, random
80-bit value S2. These random values serve as seeds to generate
keys for a sequence of serial numbers.  Thus, the unit keys are a
function of 160 secret, random bits, where each agent knows only
To generate the unit key for a serial number N, the 30-bit value N
first padded with a fixed 34-bit block to produce a 64-bit block
S1 and S2 are then used as keys to triple-encrypt N1, producing a
64-bit block R1:

        R1 = E[D[E[N1; S1]; S2]; S1] .

Similarly, N is padded with two other 34-bit blocks to produce N2
N3, and two additional 64-bit blocks R2 and R3 are computed:  

        R2 = E[D[E[N2; S1]; S2]; S1] 
        R3 = E[D[E[N3; S1]; S2]; S1] .

R1, R2, and R3 are then concatenated together, giving 192 bits. The
first 80 bits are assigned to U1 and the second 80 bits to U2.  The
rest are discarded.  The unit key U is the XOR of U1 and U2.  U1
and U2
are the key parts that are separately escrowed with the two escrow

As a sequence of values for U1, U2, and U are generated, they are
written onto three separate floppy disks.  The first disk contains
file for each serial number that contains the corresponding key
U1.  The second disk is similar but contains the U2 values.  The
disk contains the unit keys U.  Agent 1 takes the first disk and
2 takes the second disk.  Thus each agent walks away knowing
an 80-bit seed and the 80-bit key parts.  However, the agent does
know the other 80 bits used to generate the keys or the other
key parts.  

The third disk is used to program the chips.  After the chips are
programmed, all information is discarded from the vault and the
leave.  The laptop may be destroyed for additional assurance that
information is left behind.
The protocol may be changed slightly so that four people are in the
room instead of two.  The first two would provide the seeds S1 and
and the second two (the escrow agents) would take the disks back to
the escrow agencies. 

The escrow agencies have as yet to be determined, but they will not
be the NSA, CIA, FBI, or any other law enforcement agency.  One or
both may be independent from the government.


When law enforcement has been authorized to tap an encrypted line,
will first take the warrant to the service provider in order to get
access to the communications line.  Let us assume that the tap is
place and that they have determined that the line is encrypted with
Clipper Chip.  The law enforcement field is first decrypted with
family key F, giving E[K; U] + N.  Documentation certifying that a
has been authorized for the party associated with serial number N
then sent (e.g., via secure FAX) to each of the key escrow agents,
return (e.g., also via secure FAX) U1 and U2.  U1 and U2 are XORed
together to produce the unit key U, and E[K; U] is decrypted to get
session key K.  Finally the message stream is decrypted.  All this
be accomplished through a special black box decoder.


A successor to the Clipper Chip, called "Capstone" by the
and "MYK-80" by Mykotronx, has already been developed.  It will
the Skipjack algorithm, the Digital Signature Standard (DSS), the
Secure Hash Algorithm (SHA), a method of key exchange, a fast
exponentiator, and a randomizer.  A prototoype will be available
testing on April 22, and the chips are expected to be ready for
delivery in June or July.

information provided by NSA, NIST, FBI, and Mykotronx.  Permission
distribute this document is granted.


Date:    Mon, 19 Apr 93 9:21:53 EDT
From:    Clipper Chip Announcement <clipper@first.org>
Subject: Slide presented at White House briefing on Clipper Chip

Note:     The following material was handed out a press briefing on
          Clipper Chip on 4/16.

                              Chip Operation

User's Message      +----------------------+
------------------> |                      |      1.  Message
                    | Encryption Algorithm |          with user's
                    |                      |
                    | Serial #             |      2.  User's key
                    |                      |-->       with chip
unique key
                    | Chip Unique Key      |
User's Encryption   |                      |      3.  Serial #
Key                 | Chip Family Key      |          with chip
family key
------------------> |                      |
                    |                      |


              For Law Enforcement to Read a Suspect's Message

1.  Need to obtain court authorized warrant to tap the suspect's

2.  Record encrypted message

3.  Use chip family key to decrypt chip serial number

4.  Take this serial number *and* court order to custodians 
    of disks A and B

5.  Add the A and B components for that serial number = the chip
    unique key for the suspect user

6.  Use this key to decrypt the user's message key for 
    this recorded message

7.  Finally, use this message key to decrypt the recorded message.


Date:    Fri, 16 Apr 93 22:44:32 EDT
From:    John R. Levine <johnl@iecc.cambridge.ma.us>
Subject: Clipper Chip questions

Leaving aside the fundamental bogosity of the proposal, I have some
technical questions:

-- Evidently each chip has its own pair of keys, or else each group
chips does (the latter meaning that the scheme would only be useful
closed networks that only talk to themselves, e.g. ATMs and a
central computer.)  Lacking physical access to the tappee's
equipment, how
do the cops know which pair of keys they need?  Presumably the chip
broadcasts its serial number from time to time.  Hmmn.

-- The Q and A says that they're keeping the algorithm secret to
the security of the key escrow, which is a most peculiar claim. 
The most
plausible reasons I can think of to keep the scheme secret are A)
they use
a new super-duper scheme invented by the NSA and want to keep it
from the
rest of the world, B) they use a known bad scheme and want to shut
up the
people who would point that out, C) they use a technically
scheme but believe in security through obscurity.  I'm completely
in the
dark about what this has to do with the key escrow, though.

-- Is there any precedent for classifying the workings of a device
that is
sold to the public?  My impression is that classification has been
heretofore reserved for information related to the armed services
and to
foreign policy.  If I managed to reverse engineer the device
access to secret information and published my results, would that
any laws?  (Compare to the Princeton student who developed a
design for an atomic bomb quite legally using non-classified

-- Who is this outfit Mykotronx who is making the chip?  And where
they fabricating it?

John Levine, johnl@iecc.cambridge.ma.us,


Date:    Sat, 17 Apr 1993 13:07:22 -0400
From:    Bob Leone <leone@gandalf.ssw.com>
Subject: clipper chip encryption

regarding use of "clipper" chip to encrypt telephone transmissions
(but not
in such a way as to stop the feds from snooping when they so

This is one of the silliest ideas to come out of Washington in a
long while.
"Terrorists, drug dealers, and other criminals" will not bother
using the
system. With the advent of cheap-but-powerful notebook computers,
with integrated modems, voice digitization, etc, very soon it will
possible for anyone desiring secure communication (secure even from
to have a laptop which will digitize, encrypt, and digitally
his voice to another laptop (which would do the inverse
Given the rate of technological advance, and the rate that
technology is being incorporated in PCs, I would expect that
technology will be deployed much sooner than the clipper chip will

Does the govt really believe that drug dealers doing a
business will be unable to easily afford defeating technology? Or
they would communicate using equipment that everyone knows is
tailored for govt monitoring?

Bob Leone


Date:    Sat, 17 Apr 93 22:12:57 EET
From:    flb@flb.optiplan.fi (F.Baube[tm])
Reply-To: baube@optiplan.fi
Subject: Clipper Chip Announcement

Some thoughts on the suitability of the White House proposal for
the stated ends, and a possible outcome.

Let us say that I and some correspondents of mine have purchased
abroad one supposes) special-purpose encryption units that
implement an
algorithm not break- able by the authorities.  Let us call these
units PIP,
for Pretty Impregnable Privacy.

I use this PIP unit surreptitiously when communicating with my
correspondents.  I have prudently also purchased a
Clipper unit, so that I can of course communicate with other normal
units, but *also* so that a "casual eavesdropper" would detect
nothing amiss
on my line: since I possess said Clipper unit, one of course
*expects* my
communications to be encrypted.

If the government holds true to its word, not assembling the key
except with
a court's permission, then under ordinary circumstances, no-one in
enforcement need know that I sometimes use this special PIP unit. 
using the completed Clipper key, the authorities cannot distin-
guish a data
stream generated by my PIP unit from a data stream generated by my
legal Clipper unit.

The poser comes if it should come to pass that law enforce- ment
does obtain
a warrant, assembles the key halves, and finds they cannot decrypt
communications.  What do they do now ?

IF the law states that ownership and use of superior encryption is
illegal, then do they have grounds to raid my premises and
confiscate my
PIP unit, along with anything else that supports their
investigation ?
Because if they cannot simply raid my premises, and instead must go
less intru- sive procedures to stop my using my PIP unit, then of
course I
*know* I am under surveillance; *if* I have been using it for
purposes, I can act accordingly, to avoid being "caught with the

Whereas on the other hand, if use of superior encryption equipment
is NOT
prohibited, its use might well become wide spread.  Consider: if
super-crypto is outlawed, only outlaws will have super-crypto; but
if it is
legal and affordable, and purched by any American valuing his or
privacy, this will over time severely dent the authorities' ability
conduct wiretap surveillance.

This argument would seem to point inexorably towards prohi bition
of the use
of superior encryption, and a government right of search and
seizure if its
use is detected.  But to restate: if I and my correspondents do use
anyways, for whatever reasons known only to us (we're not telling
!), then
does this make us subject to search and seizure on these grounds
possession of a particular technical capability whose main effect
is to
enhance our privacy ?  Am I to be an outlaw, merely for having
outlaw-quality crypto ?

With PIP in my den, I and my correspondents, perhaps acti- vists
for a
liberal cause out of favor with the authorities, have fewer fears
of being
the target of a COINTELPRO-style program.  Nor need we fear
development of
Clipper-cracking technology by other parties.  And when the
technology comes
into being for real-time comprehension of the spoken word, I do not
need to
worry about having the contents of my every phone call added to a
data bank
somewhere, no matter what the prevailing political mood is, and no
what degree of lawbreaking there is by the guardians of the law.  

And there certainly seems to have been plenty of *that* in the last
25 years.

* Fred Baube (tm)         *  In times of intellectual ferment,
* baube@optiplan.fi       * advantage to him with the intellect
* #include <disclaimer.h> * most fermented !
* May '68, Paris: It's Retrospective Time !!  


Date:    Sun, 18 Apr 93 09:44:41 -0400
From:    padgett@tccslr.dnet.mmc.com (A. Padgett Peterson)
Subject: Clipper Chips (USC ?)

Clipper Chip (shades of 1812 - first Mil-Std-1815 and now this 8*)

As you may know, for some years I have been pushing for a
based encryption system for session as well as password encryption
& this
IMHO answers many questions posed by the CC.

I suspect from the wording is that the prime use of the "Baltimore
will be for cellular telephony. Already there is enormous pressure,
primarily resulting from the very high levels of toll faud, to
cellular phone communications. Today you have essentially three
in cell phone use: a) don't, b) in the clear, or c) STU-III. This
provide a fourth choice. In this case the double key is acceptable
does raise the question of how well are the telco's going to
protect them ?
(no more roaming ?)

The field of digital computer communications is as different as Jib
Genoa - the concept is the same but the requirements are entirely

1: Instead of having to reveal the keys to a single telco, it will
have to
   be revealed to multiple sites (single sign-on will help but not
   the problem).

2: If the key is lost, does the device become worthless ? If field
   programmable, what will stop someone from doing so ? The
   would not find out until they obtained the court order & the
keys and
   found that they still could not decrypt it. Then what ?

Since I have been thinking about this for quite some time, I do
have some
thoughts however since the government chose not to ask, I doubt
that they
could be incorporated into the existing Clipper. However I would
like to
present them for your consideration:

a) Each Clipper II is programmed with a subset of a very complex
code: say of
   a key and algorithm matrix (the two pieces) capable of 2^112
   each chip uses a subset capable of 2^20 (1 million)
combinations, each of
   more than DES strength (I know, these are big numbers but
computers are 
   good at that & this is just for thought - actual numbers could
be firmed 
   up later.

b) A program is included that will pick a unique key/algorithm
   for each communications path. With a million possible
combinations, it
   is doubtful that anyone would run out.

c) Since the GOV would have the full key/algorithm set for that
   decoding would merely be a matter of a 2^20 search, a few
seconds & made
   simpler if the initial handshake & synch were defined. To a
holder of a
   single key, the set of required searches would be much larger
(2^112 or
   double DES). If a key is disclosed, that using pair simply
selects a
   different one without having to change the others.

Thoughts ? To me the biggest problem is: How would two Clipper
Chips, one
on each end be able to interpret each other - would you use two
pairs, one for each direction ? The chip might be built with a
send and a programmable receive. Still simple, just several

For that matter, it might be possible for each transmission use a 
combination of the keyset used at *both ends*. Either would provide
additional protection in that a wiretap order would apply only
to specific sites/conversations and would need both keys. More food



Date:    Mon, 19 Apr 93 10:06:38 EDT
From:    Tom Zmudzinski <zmudzint@CC.ims.disa.mil>
Subject: Re: Which countries outlaw encryption? [Privacy #13]

  So spake: "Dave Bakken" <bakken@cs.arizona.edu> 16 Apr 1993 14:51

>   Friday's announcement about the new Clipper Chip
>   mentioned in passing that some countries have effectively
>   outlawed encryption.  Where can one find a list of such
>   or a paper discussing this?  Thanks!

  I can share only partial information (but I do have it on the
  authority -- personal experience):  FRANCE and ENGLAND do not
  private use of encryption (specific details vary -- this is
  Can anyone else add to the list?


  Copyright (c) 1993 by Thomas E. Zmudzinski.  All Rights Reserved.
  Permission granted to PRIVACY FORUM for posting, and ELECTRONIC
  is permitted in its ENTIRETY, with this notice intact.  Printed
  copy may only be made for personal (non-profit) use.  The author
  all rights to the material herein.  Otherwise bad karma may


Date:    Mon, 19 Apr 93 13:28:56 EDT
From:    sep24@cas.org (Steve Piehler)
Subject: Clipper announcement and asset seizure

The Public Encryption Management Fact Sheet contains this tidbit:

> [paragraph deleted]
> The Attorney General will procure and utilize encryption devices
> the extent needed to preserve the government's ability to conduct
> lawful electronic surveillance and to fulfill the need for secure
> law enforcement communications.  Further, the Attorney General
> shall utilize funds from the Department of Justice Asset
> Super Surplus Fund to effect this purchase.

Is this Asset Forteiture Super Surplus Fund the place where, for
example, cash
seized in drug busts goes?  After reading several horror stories of
assets being
seized with no charges filed and speculation that some busts occur
mainly to
acquire cash and property, I hope this Clipper announcement does
not give law
enforcement officials more incentive to conduct raids. 
(Administrator to field
officers:  "We need a secure phone.  Who can we bust that will have
$199.95 on


Date:    Tue, 20 Apr 1993 10:41:47 -0400
From:    cstern@novus.com (Chuck Stern)
Subject: Re: Clipper Key announcement

>Subject: text of White House announcement and Q&As on clipper chip

[ the MODERATOR sez: ]
>     A few general thoughts do seem appropriate, though.  There
>     clearly several different aspects of this announcement that
>     need to be carefuly considered.  
>     Another aspect revolves around how this technology and its
>     would relate to current and future wiretap law and the actual
>     interception of communications, regardless of whether or not
>     intercepted data were immediately decoded.
>     Finally, there's the whole issue of "public trust" as it
>     relates to the concept of the proposed "key escrow" system
>     the conditions under which those split keys would be
>     and utilized.

A debate here is whether such a system will maintain the status quo
wiretaps and electronic surveillance.  I think that this scheme
will do so
(although I'm leery of the NSA proposing something for use by

The question is whether the status quo effectively guarantees a
rights against unauthorized or illegal surveillance by the

The numbers (of authorized wiretaps) are not the telling part of
statistics.  If I remember correctly, the various units of local
and federal
government have gotten on the order of 2 000 wiretap authorizations
over the
past year.  This is a vanishingly small number as a percentage of
telephone and data circuits in the US system.  The danger is not
authorized wiretaps, but from unauthorized ones.

The FBI, especially under Hoover, conducted unauthorized wiretaps
on citizens
of the US, not because of suspected criminal behavior, but because
of their
political beliefs.  Because of the revelations about these wiretaps
(and the
death of Hoover), the FBI had been put on somewhat of a shorter

At the risk of sounding like Chicken Little (for non-US readers,
Little was hit on the head by an acorn but created a Crisis in
Farmland by
saying that the "sky is falling") (where was I? oh yes) our civil
are quickly being eroded by the current court's contraction of the
exclusionary rule.  The exclusionary rule says in short that any
that is gained as a direct result of illegal conduct by the police
cannot be
considered as evidence in a criminal proceeding.  This had been
expanded to
the "fruit of a poisoned tree" doctrine: for example, the evidence
via a legally obtained search warrant, if the 'probable cause' for
the search
warrant was obtained via an illegal wiretap, should be excluded. 
Under the
current court, however, the exclusionary rule has been relaxed: if
the police
were 'acting in good faith,' then the evidence obtained via an
illegally or
improperly executed search warrant (for example) is admissable.

All of this leads me to my conclusion that the given the current
court makeup
and the "War on Drugs", the current wiretap laws do not offer
guarantees of our civil rights to justify maintaining the status
quo.  With
that, I come to the further conclusion that a key that is
breakable, or one
whose constituent parts are held by two different governmental
agencies, does
nothing except further the government's encroachment into our

I am not proposing that we hamper law enforcement agencies from
doing their
legitimate jobs of 1) upholding the law of the land and 2)
citizens from having their rights trampled by other citizens.  I am
that we make it harder for agencies of the government to illegally
information on its citizens.  I do not trust the government to not
expand its
power to, ultimately, pass a law that will make useless
encryption schemes, and I think that this split-key proposal is the
step in this direction.

     Chuck Stern


Date:    Wed, 21 Apr 93 16:54:14 EDT
From:    "Lance J. Hoffman" <hoffman@seas.gwu.edu>
Subject: Clipper and Who Holds Crypto Keys

In the light of the recent Clipper announcement, forum readers may
to revisit the discussions of "Who Holds the Keys?".  A good place
start, in addition to some of the material in CACM of March 1993
relates mainly to the FBI's digital telephony initiative), is
of the 2nd Conference on Computers, Freedom, and Privacy (order no.
from ACM Press, 1515 Broadway, New York NY 10036.  The same
discussion is
available on audiotape from Audio Archives International, 800
747-8069 and
on videotape from Sweet Pea Productions, 800 235-4922

Professor Lance J. Hoffman
Department of Electrical Engineering and Computer Science
The George Washington University
Washington, D. C. 20052

(202) 994-4955
fax: (202) 994-0227


End of PRIVACY Forum Digest 02.14

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2023 AOH