Legal Net Newsletter
Volume 1, Issue 9 -- June 8, 1993
Legal Net Newsletter is dedicated to providing information
on the legal issues of computing and networking in the 1990's
and into the future.
The information contained in this newsletter is not to be
misconstrued as a bona fide legal document, nor is it to be taken
as an advocacy forum for topics discussed and presented herein.
The information contained within this newsletter has been
collected from several governmental institutions, computer
professionals and third party sources. Opinion and ideological
excerpts have been collected from many sources with prior approval.
"Legal Net News", "Legal Net Newsletter"
and the Legal Net News logo are
Copyright (c) 1993 Paul Ferguson -- All rights reserved.
This newsletter may be freely copied and distributed in its entirety.
Singular items contained within this newsletter may also be
freely copied and distributed, with the exception of
individual copyrighted items which appear with
the prior approval of the originating author.
Legal Net News can be found at the following locations:
Publicly Accessible BBS's
-------------------------
The SENTRY Net BBS -- Centreville, Virginia USA -- +1-703-815-3244 -- To 9,600 bps
Arlington Software Exchange -- Arlington, Virginia USA -- +1-703-532-7143 -- To 9,600 bps
The Internet
------------
tstc.edu (161.109.128.2) Directory: /pub/legal-net-news
Login as ANONYMOUS and use your net ID (for example: fergp@sytex.com)
as the password. Or send e-mail to
postmaster@tstc.edu
E-mail submissions, comments and editorials to: fergp@sytex.com
- --
In this issue -
o LNN Topic Coverage -- An Editorial Explanation
o NIST Crypto resolutions
o SPA renews call for liberalizing export controls
o "US Data Decoding Plan Delayed," excerpt from the Washington Post
o "Fed officials pan ban of old encryption specs," excerpt from
ComputerWorld
o Issues and Questions concerning the Clipper Chip proposal
o "IS managers assail data encryption rule," excerpt from INFOWorld
- --
May 8, 1993
I have received a couple of e-mails recently asking, basically "Why
the heck are you paying so much attention to this 'Clipper' thing?
Does this have some legally-related analogy that I'm missing?"
Good question.
The introduction of the "Clipper initiative" has complex
underpinnings. In my own opinion, its development went hand-in-hand
with the earlier introduction of the FBI's "Digital Telephony" Bill,
which never made it past discussion on Capitol Hill. Under terms of the
Digital Telephony proposal, the government would have implemented
legislation to force telecommunications providers to allow a
"backdoor" means for law enforcement agencies to monitor
communications traffic. The privacy implications of this proposal are
clear, and the proposed bill was killed.
The Clipper chip/initiative was announced on April 16, 1993. Clipper is
designed for voice communications; a follow-on development chip called
"Capstone" is geared towards data communications. Both utilize a
secret algorithm dubbed "Skipjack;" the technology for all of these
buzzwords was developed by the National Security Agency. Legal Net
News has attempted to cover this topic since its announcement, so
back-issues contain further historical references to Clipper/Capstone
and Skipjack.
Briefly, these technologies were introduced to allow a standard for
encryption at the device (hardware) level. An encryption system
designed to allow the secret keys to be "escrowed," or placed with two
separately designated escrow agencies in order to provide some form of
misappropriation. When a law enforcement agency needed to place a
wiretap on communications encrypted with Clipper, it would have to
obtain a court order and subsequently obtain both keys from the escrow
agencies before placing the wiretap and deciphering the
communications.
I first heard of this plan on the evening of April 16th when the
announcement was posted to the Internet. My first reaction was that
something was fishy about the whole scheme and I couldn't help but
think back to the Digital Telephony fiasco. "Until I know more about
it, however," I thought, "I shouldn't jump the gun."
There were a lot of unanswered questions. Why was this developed
behind the scenes? Why was the algorithm secret? I wanted to know
every detail about this "Clipper" chip, the key-escrow scheme and this
mystery company, Mykotronx, who was developing the chips for the
government. I also wanted to know why AT&T released a statement
the same day announcing that they were going to immediately start
integrating this technology into their secure products. Sounds like
some sort of collusion to me, being the eternal cynic that I am.
Well, there are still a lot of unanswered questions. In fact, a group
of software manufacturers presented the National Institute of
Standards and Technology a list of well over one hundred questions
that they wanted answered concerning this entire proposal. I've
included that list in this issue.
The fourth amendment to the Constitution of the United States reads,
"The right of the people to be secure in their persons, houses,
papers, and effects, against unreasonable searches and seizures, shall
not be violated, and no Warrants shall issue, but upon probable cause,
supported by Oath or affirmation, and particularly describing the place
to be searched, and the persons or things to be seized."
This amendment was added to ensure our right, as citizens, to personal
privacy. Without trying to liberally interpret this passage, it can
also be applied to our right to private communications and the right
not to be monitored by our government under the guise of proactive law
enforcement without just cause.
The right to privacy is about being able to conduct yourself without
scrutiny. It is not about being monitored in case you may commit a
crime in the future, or may have committed one during the course of
your casual communications, unless law enforcement can convince a
court that you might or may have.
This is a sensitive topic. What the government has tried to do is
implement a technology which has the potential to usurp privacy from
personal communications. For the time being, it's been put on the back
burner. In any case, the public needs to know about this topic, in
order to make an informed decision concerning a technologically-enabled,
"Big Brother" topic that might eventually become the de facto standard
for secure communications in this country.
If I sound like an alarmist, then think again. Remember Nixon and his
"enemies" list? Remember McCarthy and his effort to expose and
prosecute Communists within the United States? They may sound
far-fetched as well, but they happened. And with intelligence
communities looking for work since the apparent demise of the "Iron
Curtain," it is highly likely that they will turn their intelligence
gathering powers inward on their own borders in the name of "The War
on Drugs" or "Industrial Espionage" or "Organized Crime" or
"Terrorism" or whatever happens to be politically correct at the time.
The bottom line is that you, as a private citizen, may be the ultimate
loser in the privacy game.
- Paul
fergp@sytex.com
- --
Date: Fri, 4 Jun 1993 20:46:59 EST
Sender: Computer Professionals for Social Responsibility
<uunet!VTVM2.CC.VT.EDU!CPSR%GWUVM.BITNET>
From: Dave Banisar <uunet!washofc.cpsr.org!banisar>
Organization: CPSR Civil Liberties and Computing Project
Subject: NIST CSSPAB 6/4/93 Resolutions
NIST CSSPAB 6/4/93 Resolutions
NIST Crypto Resolutions
Computer System Security and Privacy Advisory Board
June 4, 1993
Resolution #1
At Mr. Kammer's request we have conducted two days of
hearings. The clear message of the majority of input
was that there are serious concerns regarding the Key
Escrow Initiative and the Board concurs with these
concerns. Many of these issues are still to be fully
understood and more time is needed to achieve that
understanding.
Accordingly, this Board resolves to have an additional
meeting in July 1993 in order to more completely respond
to Mr. Kammer's request and to fulfill its statutory
obligations under P.L. 100-235. The Board recommends
that the inter-agency review take note of our input
collected, our preliminary finding, and adjust the
timetable to allow for resolution of the significant
issues and problems raised.
Attached to this resolution is a preliminary
distillation of the serious concerns and problems.
Resolution #2
Key escrowing encryption technology represents a
dramatic change in the nation's information
infrastructure. The full implications of this
encryption technique are not fully understood at this
time. Therefore, the Board recommends that key
escrowing encryption technology not be deployed beyond
current implementations planned within the Executive
Branch, until the significant public policy and
technical issues inherent with this encryption technique
are fully understood.
[Attachment to Resolution #1]
- A convincing statement of the problem that Clipper
attempts to solve has not been provided.
- Export and import controls over cryptographic
products must be reviewed. Based upon data compiled
from U.S. and international vendors, current controls
are negatively impacting U.S. competitiveness in the
world market and are not inhibiting the foreign
production and use of cryptography (DES and RSA).
- The Clipper/Capstone proposal does not address the
needs of the software industry, which is a critical and
significant component of the National Information
Infrastructure and the U.S. economy.
- Additional DES encryption alternatives and key
management alternatives should be considered since there
is a significant installed base.
- The individuals reviewing the Skipjack algorithm and
key management system must be given an appropriate time
period and environment in which to perform a thorough
review. This review must address the escrow protocol
and chip implementation as well as the algorithm itself.
- Sufficient information must be provided on the
proposed key escrow scheme to allow it to be fully
understood by the general public. It does not appear to
be clearly defined at this time and, since it is an
integral part of the security of the system, it appears
to require further development and consideration of
alternatives to the key escrow scheme (e.g., three
"escrow" entities, one of which is a non-government
agency, and a software based solution).
- The economic implications for the Clipper/Capstone
proposal have not been examined. These costs go beyond
the vendor cost of the chip and include such factors as
customer installation, maintenance, administration, chip
replacement, integration and interfacing, government
escrow systems costs, etc.
- Legal issues raised by the proposal must be reviewed.
- Congress, as well as the Administration, should play a
role in the conduct and approval of the results of the
review.
=======================================================
NIST Resolutions on Key Escrow Issues and Clipper
provided by
CPSR Washington office
666 Pennsylvania Ave., SE Suite 303
Washington, DC 20003
rotenberg@washofc.cpsr.org
=======================================================
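The escrow arrangement described in the editorial above (a device key held by two separate agencies, both of which must release their part) and the three-entity alternative raised in the attachment to Resolution #1 can be illustrated as follows. This is an added example, not part of the newsletter or of any government specification; the 80-bit key size, the XOR split and all function names are assumptions made for the illustration.

```python
from __future__ import annotations

import secrets
from functools import reduce

KEY_BYTES = 10  # assumption: an 80-bit device key


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("shares must all have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes, agents: int = 2) -> list[bytes]:
    """Split key into one share per escrow agent; every share is needed."""
    if agents < 2:
        raise ValueError("escrow needs at least two independent agents")
    # Every share but the last is uniformly random ...
    shares = [secrets.token_bytes(len(key)) for _ in range(agents - 1)]
    # ... and the last is chosen so that the XOR of all shares is the key.
    shares.append(reduce(xor_bytes, shares, key))
    return shares


def recover_key(shares: list[bytes]) -> bytes:
    """Combine the shares released by every agent."""
    return reduce(xor_bytes, shares)


def missing_share_for(held: list[bytes], candidate: bytes) -> bytes:
    """Return the share that would make `held` decode to `candidate`.

    Such a share exists for every candidate key, which is why a party
    holding fewer than all shares learns nothing about the real key.
    """
    return reduce(xor_bytes, held, candidate)


if __name__ == "__main__":
    device_key = secrets.token_bytes(KEY_BYTES)  # constructed sample key
    for n in (2, 3):  # two agencies, then the three-entity alternative
        shares = split_key(device_key, n)
        assert recover_key(shares) == device_key
        print(n, "agents:", [s.hex() for s in shares])
```

Recovery yields the device key itself, so the split protects the key only until all shares have been released once; nothing in the arithmetic limits later reuse.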
- --
Date: Sun, 6 Jun 1993 12:09:08 -0400
From: uunet!crc.monroecc.edu!mulivor
To: toad.com!cypherpunks
Subject: SPA Press Release
I recently received this press release from the Software Publishers
Association. It gets better as it goes on.
--Phil Mulivor
mulivor@orion.crc.monroecc.edu
----------------------------------------------------------------
06/04 1018 SPA RENEWS CALL FOR LIBERALIZING EXPORT CONTROLS
WASHINGTON (JUNE 4) IDG PR SERVICE - At a National Institute of
Standards and Technology (NIST) hearing Thursday on national
cryptographic policies, the Software Publishers Association (SPA)
explained how continued "munitions" export controls of mass market
software with encryption capabilities were seriously harming the
American software industry and renewed its call for significant export
liberalization of mass market software using DES or other encryption
algorithms such as RC2/RC4 at comparable strengths.
SPA also warned that the Administration's recent announcement of
its "Clipper Chip" initiative did not address the software industry's
concerns and should not be an excuse to delay export liberalization.
The SPA announced the preliminary results of its recent research
which reveal a robust and rapidly expanding foreign market in
encryption programs and products. "Unilateral US export controls do
not make any sense given the widespread legal availability of foreign
encryption programs," testified Ilene Rosenthal, SPA's general
counsel. "Foreign companies will buy foreign encryption products if
they cannot buy from American companies and in turn become ex-US
customers. As a result, the U.S. Government will only succeed in
crippling an American industry's exporting ability."
The SPA research team preliminarily concluded that:
- The US no longer dominates the encryption field. In fact, the
SPA has identified to date more foreign than domestic encryption
programs and products (143 vs. 133).
- There clearly are many foreign options for strong encryption,
contrary to assertions by the U.S. government. SPA has preliminarily
identified to date 80 foreign software, hardware, and combination
hardware/software products for text, data, and file encryption from
companies in 13 foreign countries. Forty-eight of these employ DES,
which is nearly impossible to export from the U.S. in other than very
rare circumstances. Sixty-three additional foreign encryption
programs and products have been identified (including those from an
additional five countries) but have yet to be investigated. However,
SPA believes many of these also will be found to employ DES or other
comparable strength encryption algorithms.
- Fifteen foreign mass market encryption software programs and kits
are available that employ the DES algorithm. These are published by
companies in Germany, Israel, the United Kingdom, Denmark, Canada,
Belgium, and Australia. These software programs are installed by the
user inserting a diskette; the kits enable encryption capabilities to
be easily programmed into a variety of applications.
- Foreign companies increasingly recognize and are responding to
the need to provide software only encryption solutions. Although the
foreign encryption market is still heavily weighted towards encryption
hardware and hardware/software combinations, the market trend is going
to software.
The SPA noted that in addition to these commercially available
programs and products, any analysis of the availability of foreign
encryption alternatives must consider programs available on the
Internet, which is the largest global network connecting millions of
users throughout the world.
- DES is widely available on the Internet, including
implementations that can be simply down-loaded and used.
- A recently popularized encryption program entitled Pretty Good
Privacy (PGP) also is widely available throughout the world. PGP
implements the International Data Encryption Algorithm (IDEA), which
provides protection comparable to DES. The program is intended for
electronic mail, but also is ideal for encrypting files. It is
available for free, may be used legally throughout Europe, whether in
a business or at home, comes with easy-to-read instructions, is
trivial to install, and simple to use.
"Some government officials routinely assert that even if the
Government prohibits America's software publishers from offering
encryption features demanded by their customers abroad, we should not
be concerned because there are foreign programs and products
available," said Ken Wasch, SPA's executive director. "Our research
shows that such an assertion is erroneous. In fact, there are a very
large number of such programs and products available on the market
today. The result is lost sales for American business without any
improvement in national security."
The Software Publishers Association is the principal trade
association of the PC software industry. Its more than 1000 members
represent the leading publishers in the business, consumer, and
education markets. The SPA has offices in Washington and Paris,
France.
CONTACT: Software Publishers Association, Washington
Terri Childs, 202/452-1600
- --
Date: Tue, 8 Jun 93 08:55:48 EST
From: "Pat Farrell" <uunet!cs.gmu.edu!pfarrell>
Subject: Tuesday's Washington Post
In Tuesday June 8 Final edition of the Washington Post, Page A12
US Data Decoding Plan Delayed
Business and Legal Objections Reviewed
by John Schwartz
The Federal initiative to establish a new standard for scrambling electronic
communications will be slowed until its ramifications can be more fully
studied, the official in charge of implementing the program said yesterday.
The government's proposed "Clipper Chip" plan, announced on April 16, would
create a new national standard for data encryption that would make possible
the decoding and wiretaps by law enforcement and national security
agencies.
The plan has met with criticism from high-technology industries that argue
that the new requirements would be expensive and hurt the competitiveness of
their products. Civil liberties advocates see it as a threat to privacy.
Raymond Kammer, acting director of the National Institute of Standards and
Technology (NIST) - which developed the Clipper proposal with the National
Security Agency and is charged with implementing it within the government -
delivered the news to a Washington conference attended largely by critics of
the Clipper plan.
In an interview afterward, Kammer said that the entire Clipper plan was
still being discussed, and if the review revealed unresolvable problems,
"maybe we won't continue in the direction we started out."
Criticism was sharp at the cryptography and privacy conference sponsored by
the Washington office of the Computer Professionals for Social
Responsibility, a public interest group concerned with high-tech issues.
One panelist compared Kammer's appearance at the conference to "having a
target painted on your chest." Kammer said: "We're not going to close off
the process while there's still productive conversation. And it's obvious
from the meeting today that there's still plenty of productive conversation."
Pressure has been building on NIST since the White House announcement in
April. Critics of the plan have flooded the administration with lengthy
lists of questions about the new plan, voicing concerns that the proposal
might make American products more expensive, less secure, and less
competitive overseas while not hindering criminals.
Last Friday, NIST's advisory panel on privacy issues concluded two days of
heated hearings concerning the Clipper proposal with a resolution expressing
"serious concerns" sparked by the administration's proposal. "Things are
going too fast," said William Ware, chairman of the Computer System Security
and Privacy Advisory Board, a body created under the Computer Security Act
of 1987. The NIST panel reported that the government had not convincingly
explained the nature of law enforcement problems that would be solved by the
Clipper plan, and cited damage the proposal was likely to do to the American
software industry.
Later that day, White House officials overseeing the Clipper plan met with
representatives of industry and civil liberties groups, including the
high-tech policy group Electronic Frontier Foundation as well as the
American Civil Liberties Union. Administration officials said that the
Clipper review would be extended into the fall and that the government would
not move beyond its initial plans to buy about 10,000 Clipper-equipped
telephones until the review was completed.
John Podesta, assistant to the President, said that meeting was part of a
continuing dialog with the private sector. "It's time to start to get
answers instead of the endless quest for questions," Podesta said.
- --
ComputerWorld
June 7, 1993
Vol. 27, No. 23
page 21
Fed officials pan ban of old encryption specs
by Gary H. Anthes
Gaithersburg, MD
Federal officials responsible for shaping information security
policy said last week that legislation mandating use of the
government's recently proposed encryption technology -- and
banning the use of older but popular techniques -- is neither
wise nor legal.
In April, the White House said it intended to establish as a
federal standard an approach to encryption called "key-escrow."
This method would require that the keys needed to unlock a coded
conversation be kept by government-approved agencies and
retrieved only for court-ordered wiretaps.
Dubbed "Clipper" for voice communications and "Capstone" for
data, the approach is intended to balance the conflicting
objectives of users -- who demand absolute security and privacy
-- and law enforcement agencies, which are looking for a legal
"backdoor" into coded criminal communications.
Protecting rights to privacy
But the idea has been challenged by civil libertarians who fear
abuses by a technologically empowered Big Brother, and by some
users, especially those such as banks that have made large
investments in cryptography based on the older Data Encryption
Standard (DES), which some fear could be banned by the
government.
Protesters so far include the Computer and Business Equipment
Manufacturers Association, Information Technology Association of
America, Computer Professionals for Social Responsibility,
Electronic Frontier Foundation, Business Software Alliance,
Software Publishers Association and Information Systems Security
Association.
Raymond Kammer, acting director of the National Institute of
Standards and Technology (NIST), acknowledged that a ban on
existing techniques would be considered. "But my personal opinion
is, I can't see doing anything that would take away any freedoms
we now enjoy," Kammer said.
"We tried to come up with a technique that would not require
legislation," said Clint Brooks, advisor to the director of the
National Security Agency, which developed and now strongly
supports the key-escrow approach.
Brooks predicted it would be years before criminal use of DES
would be wide-spread enough to present obstacles to law
enforcement agencies, which cannot crack DES codes. "Let's wait
and see if legislation is needed," he said.
While the majority of those attending a public hearing at the
NIST last week spoke out against the government's proposal, a few
strongly defended it saying criticisms are either misdirected or
deal with fixable flaws.
Donald Alvarez, national defense science and engineering graduate
fellow at Princeton University, outlined six ways that Clipper
could be breached but finished by saying, "I definitely believe
it is possible to address the needs of both [users and law
enforcers], even with the Clipper and Capstone chip sets."
8<---------- End of Article -------------
In a small, corner-page, footnote box on the same page --
"Keyed up
In a statement filed with the Computer System and Privacy
Advisory Board, Citicorp raised the following concerns about
Clipper:
o The private sector was not adequately consulted.
o The algorithm used in Clipper/Capstone is not compatible with
other commonly used encryption methods and will only cause
costly disruptions for businesses.
o The algorithm -- which is to be secret but will be examined by
a handful of government-chosen experts -- "will undergo
inadequate scrutiny and hurried review."
o The databases and access systems associated with Clipper may be
flawed and insecure."
- --
... The Digital Privacy and Security Working Group, coordinated by
the Electronic Frontier Foundation, sent the following questions to the
White House, the Department of Commerce, and key members of Congress.
Digital Privacy and Security Working Group
666 Pennsylvania Ave, SE
Suite 303
Washington, DC 20003
Jerry Berman or Daniel J. Weitzner 202/544-9237
Leah Gurowitz 202/544-6909
ISSUES AND QUESTIONS
REGARDING THE ADMINISTRATION'S CLIPPER CHIP PROPOSAL
A. Process by Which the Proposal Was Developed
1. Why the secrecy in which the encryption code scheme was developed?
Were any members of the computer, communications, or security industries
consulted? Were any privacy experts consulted? Has the Justice Department
or the White House Office of Legal Counsel considered the constitutional
implications?
2. The Administration's announcement implies that a policy review on
encryption has been commenced; but at the same time, it appears that a
decision has already been reached to support the Clipper proposal or some
other key-escrow scheme. Is any review of the Clipper chip itself now
underway? What progress has been made? When will this expedited review be
complete?
3. What role has the National Security Agency played in the
development and selection of the Clipper Chip and key escrow system? What
will NSA's role be in the deployment and evaluation of the system? Are
these roles consistent with the principle of civilian control of computer
security, as required by the Computer Security Act of 1987?
4. What efforts are underway to improve the government's ability to
decrypt non-Clipper algorithms which are likely to be used by criminals?
Can the government decrypt all commercially available hardware sold
domestically and abroad? If not, wouldn't it be a better policy to direct
U.S. resources in that direction instead of the Clipper approach?
5. What percentage of the 800 to 900 annual Title III interceptions
encounter encrypted communications? What percentage of law enforcement
encountered encryption is estimated to be Clipper as opposed to the other
encryption schemes? Is this a solution in search of a problem?
6. Did the government consider commercially-available encryption
schemes and reject them? If so, why were they rejected, and is that
analysis available? If not, why not?
7. Capstone is the successor to Clipper with the addition of public
key exchange and digital signature capabilities. Is Clipper just an
intermediate step before Capstone is released? Why did the White House
press release not mention Capstone?
8. How will this relate to the FBI's Digital Telephony Proposal? Has
the Administration committed to supporting, discarding or reintroducing the
proposal in a new form?
9. What is the history of the proposal? How long has this been under
consideration?
10. How long has the Clipper Chip and escrow concept been in
development? Which agency originated these concepts?
B. Secrecy of the Algorithm
11. Will the Clipper proposal have the same degree of public review
that other NIST standards, such as DSS have gone through?
12. How can the public trust the security and reliability of an
algorithm that is kept classified?
13. If American firms are not able to have their encryption experts
examine the algorithm, how can they be sure that there is no "trap door"
that would allow any Clipper Chip security system to be overridden? Dr.
Kammer of NIST has said that "respected experts from outside the government
will be offered access" to the algorithm. How do interested parties go
about obtaining this access to the classified material about the Clipper
algorithm and participate in the analysis of the design to search for trap
doors and other weaknesses? What specific reports from this process will
serve to reassure users regarding the integrity of the Clipper Chip?
14. What will be the consequence if the algorithm is published? Will it
become less secure? If publication (i.e., de-classification) would make it
less secure, how secure can it be?
15. If the Clipper Chip is too weak to protect classified government
communications, why should it be used for sensitive proprietary private
sector communications?
16. Executive Order 12356 has procedures on classification and
declassification of information. Is the algorithm being classified under
the framework of this order? What agency is in charge of classification/
declassification?
17. How much effort has the government put into the design and
cryptanalysis of the Clipper Chip as compared to the public analysis of
the Data Encryption Standard during the last 16 years?
18. Is the Skipjack algorithm being used by the Clipper Chip derived
from codes used in the management of our nuclear arsenal? Is this why the
algorithm is being kept secret? If this is so, why are we using this
secret system for a dubious commercial standard? If there is a national
security justification to avoid having this encryption technique revealed,
why risk compromising it by integrating it into publicly distributed
products?
19. If the algorithm is classified, how will it be legal to distribute
the chips to users not qualified to handle classified encryption equipment?
This seems contrary to Facility Security Clearance procedures and the
Personal Security Clearance requirements of DoD 5220.222-M, Industrial
Security Manual for Safeguarding Classified Information.
20. Is it illegal to reverse engineer the Clipper Chip? If it were
reverse engineered, would it then be illegal to reveal the algorithm?
C. Voluntariness of Clipper System
21. Will this system be truly voluntary? If so, won't criminals and
terrorists just use some other type of encryption?
22. If the use of the Clipper Chip is "voluntary," why would any party
desiring privacy or secrecy of communications use it, knowing that the U.S.
government has a process to allow decryption? If the Administration's
ultimate goal is to ban other forms of encryption for use domestically,
what is the legal basis for such an approach?
23. Isn't the Administration doing more than "encouraging" use of
Clipper? (E.g., discontinuing DES at the end of the current certification
cycle, directing NIST to adopt Clipper as a Federal standard, and
maintaining export restrictions on hardware/software using different
algorithms?)
24. Does the government have any plans to campaign for the
implementation of the Clipper Chip as a standard for data cryptography?
25. What impact will the introduction of Clipper have on the market for
other encryption technologies? Will the government otherwise try to
discourage other cryptographic mechanisms from being marketed domestically
and abroad?
26. Isn't the government dictating the design of technology into
commercial products rather than allowing market demand to dictate?
27. What prevents a sender of information from encrypting with secure,
easy to obtain software using DES or RSA algorithms before sending data
through a channel encrypted with the Clipper system?
28. Would the Administration ever consider making the Clipper Chip or
other key escrow system mandatory?
D. Key Escrow System
29. How can the government assure us that the keys held in escrow are
not compromised? What public or private agencies have sufficient integrity
and public trust to serve as escrow agents?
30. How can the public be sure that keys will only be revealed upon
proper warrant? Will there be clerks who actually operate the equipment
who could get anyone's keys? Or will judges have personal keys, which
would be directly authenticated to the escrow agents' equipment that
protects the users' keys?
31. Once the keys are obtained from the escrow holders, is it
envisioned that electronic surveillance can be done "real-time," or will
recording and post-processing be required?
32. To hear both sides of a conversation, does law enforcement need the
keys of both participants?
33. After law enforcement has properly obtained a pair of unit keys
from the escrow agents and conducted a wiretap, will the keys be "returned"
to the agents? What safeguards exist to prevent law enforcement from
re-using the keys without authorization in the future?
34. Once in possession of the unit keys, can the government pretend to
be ("spoof") the original unit owner?
35. What is the smallest number of people who would be in a position to
compromise the security of the system?
36. Can an escrow agent exercise discretion in the release of key
information? E.g., can they refuse an inappropriate request? (Phone
companies ensure that court orders are facially valid.) Can they publicize
an inappropriate request? Can they tell the person whose communications
were intended to be violated?
37. Who will be responsible for auditing the escrow process and the use
of revealed keys?
38. How will the government ensure that unanticipated uses of the
escrow database are prevented in the long term? (E.g., the Census database
was supposed to stay confidential for 75 years, but was released during
World War Two to allow Japanese-Americans to be imprisoned without cause.)
What protections are in place to make sure that this never happens again?
39. What happens when one discovers that the keys have been captured
through theft? How difficult would it be to change keys? What is done in
the meanwhile? How difficult is it to reprogram the chip, or do you need a
replacement?
40. If the chip can be reprogrammed, how do you prevent covert changes
that will not be discovered until authorization to tap is received and
execution of the warrant is forestalled?
41. It appears that once a given chip has been compromised due to use
of the escrowed keys, the chip and the equipment it is used in are
vulnerable forever. Is there any mechanism or program to re-key or replace
compromised hardware? Is there any method for a potential acquiring party
to verify whether the keys on a given chip have been compromised? Who
should bear the cost of replacement or re-keying of compromised hardware?
42. What safeguards will be used when transporting the escrow keys?
43. What are the national security implications of widespread
deployment of Clipper? Does it make our communications more susceptible to
disruption or jamming?
44. Doesn't the two-escrowee approach make these locations targets of
opportunity for any party or foreign government that wants to gain access
to sensitive U.S. information? If an escrow location is compromised, all
chip data contained there is compromised. Wouldn't these locations also
become targets of opportunity for any criminal or terrorist organization
that wanted to disrupt U.S. law enforcement? What back-up or physical
security measures are envisioned? If multiple copies are kept, doesn't
this increase the threat of compromise?
E. Choice of Agents for the Keys
45. Who will be the agents for the keys? How secure will they be from
the outside and from the inside? What is the cost of maintaining the
escrow system? Who will pay? Who will profit?
46. When will the escrow agents be announced? Will there be a process
to allow input into the selection of these individuals/agencies?
47. Although it has been reported that the escrow holders will not be
the FBI, DoD, CIA or NSA, is it envisioned that one or both of the escrow
locations will be non-government entities? Can one or both be private
parties? What will the process be to determine what private party will be
awarded the contract for key holder?
48. Can the set of escrow agents be changed after the initial
selection? How can the government be prevented from moving the escrow
contract to a more pliable escrow agent, if one of the agents stands up
against the government for the rights of the people whose keys they are
protecting?
49. Will escrow agents be immune from prosecution during their term of
office, like Members of Congress, the President, and Justices of the
Supreme Court? If not, what will prevent the government from harassing the
agents during a dispute with the Justice Department?
50. Will there be a mechanism for particular people to keep their keys
out of the key escrow database, or to obtain Clipper Chips with keys that
have not been escrowed? (E.g. Judges, law enforcement officers, NSA
officials, the President, etc.)
F. Level of Security of Clipper Chip Encryption
51. How will the government assure American businesses that their
proprietary information is not compromised? Given the extremely
competitive nature of the high-tech industries, and the importance of
intellectual property, how can American firms be adequately protected?
52. How will the government assure American citizens that the privacy
of their electronic communications and the security of personal information
that is transmitted in electronic form will all be secure under the Clipper
Chip?
53. If the Administration is so confident about the level of security of
the Clipper Chip scheme, why will classified information not be encrypted
with it?
54. What warranty is the U.S. government prepared to make regarding the
security of the Clipper Chip compared to other algorithms, and indemnity
for failures for breaches of the algorithm, chips that are compromised due
to failures in the security of the escrow system, or other failures in the
Clipper approach?
55. What effect does Clipper have on other NSA and DOD programs aimed
at encryption and authentication of unclassified messages (e.g., MOSAIC)?
56. If Clipper is not approved for classified traffic, what government
agencies will be utilizing Clipper, and for what applications?
57. Normal security procedures involve changing cryptography keys
periodically, in case one has been compromised. But the family and unit
keys cannot be changed by the user. If these keys are compromised, it won't
matter how frequently the user changed their session keys. Doesn't the long
use of the same family and unit keys increase the likelihood that these
keys will be compromised while they are still in use? Doesn't this also
eliminate a significant degree of the user's control of the level of
security that his or her system provides?
58. If the government discovered that the algorithm or family key had
been discovered by a foreign government or private individuals, would it
tell the public that the system had been compromised? Are there plans to
restore privacy and authentication if the algorithm is compromised?
59. How secure is the Clipper algorithm if it is attacked by a person
with half the key?
G. Level of Privacy Protection
60. Given the dramatic growth in transmission and storage of personal
information in electronic form, does the Administration recognize that
private individuals, as well as large organizations, need access to
affordable, robust encryption systems?
61. Is law enforcement permitted to identify the specific piece of
communications equipment without obtaining a warrant? If encrypted
communications include the serial number ("chip family key"), will law
enforcement be able to keep track of communications traffic and track
private citizens without even securing the keys from the escrow agents?
62. Does the Administration believe that all household phones are going
to be replaced with secure versions over some period of time? At what
cost?
63. It has been impossible to keep any large collection of information
completely private, including Social Security records, tax information,
police files, motor vehicle records, medical records, video rentals, highly
classified military information, and information on abuses of power. How
will users be able to tell when this happens to the key escrow information?
H. Constitutional/Legal Implications
64. Has the Administration fully considered the constitutional
implications of the Clipper Chip and other key escrow systems?
65. Does forcing someone to disclose a key for future law enforcement
access infringe the fundamental right against self incrimination embodied
in the Fifth Amendment?
66. Does requiring key disclosure in conjunction with a particular
technology violate users' right to free speech under the First Amendment?
Courts frown most severely on any government attempts to compel a
particular form of speech.
67. Does the escrow system violate the letter or the spirit of the
Fourth Amendment protections which safeguard citizens against intrusive law
enforcement practices?
68. When the Administration says "nor is the U.S. saying that 'every
American, as a matter of right, is entitled to an unbreakable commercial
encryption product,'" are they therefore saying the inverse, that every
American is not allowed to have an unbreakable commercial encryption
product?
69. Does the Administration see the need for any new legislation to
implement its Clipper Chip proposal? If so, specifically identify.
70. In the event that one or more escrow keys are obtained through
unauthorized means, what liability, if any, might the equipment
manufacturer have to bear?
71. What will be the relationship between Federal and state law
enforcement? Will the policy pre-empt state law? How will state law
enforcement access the "key" system?
72. What is the statutory authority for regulation of domestic
encryption? Are any of these statutes cold war relics? Should the
efficacy of all statutes that affect civilian encryption be reviewed?
73. What protections do we have against blackmailing by escrow agents,
or by others who have gained possession of escrowed keys? Is there civil
or criminal liability for escrow agents who reveal keys illegally?
74. What is the impact on society if the right to hold a truly private
conversation is withdrawn?
75. Is strong encryption technology important for protecting
intellectual property in a digital network environment?
I. Logistics of Chip Development and Manufacture
76. Why weren't other Chip manufacturers given the chance to bid on the
chip production process? Why was the choice made to have only one
manufacturer?
77. Since the Clipper Chip design data will need to be released to
manufacturers, how will we be assured that this information, in itself,
will not allow the user systems to be compromised?
78. What assurances will there be that the manufacturer is not keeping
a record of all keys issued?
79. We have read Dorothy Denning's explanation of how the two 80-bit
keys will be created in the SCIF. Is this description accurate? If not,
how would this process occur? If so, is the system feasible? What will the
cost be for this process and for the increased security of the involved
government agents?
80. The chips will be programmed in a Secure Compartmented Information
Facility (SCIF). Does this suggest that the chips should at some point be
classified Secret or Top Secret? What is the classification of the Clipper
and Capstone chips and the Skipjack algorithm? How will these chips be
declassified once leaving the SCIF?
81. Some of the press reports imply that AT&T has had access to this
information in order to incorporate Clipper into some of its equipment
designs. Is that implication accurate?
82. Can this scheme be implemented in software? If so, why haven't we
seen information on that software? If not, were issues of how this
hardware solution would affect continued use of software encryption
adequately evaluated? Were the comparative costs of software and hardware
encryption schemes evaluated? Is this evaluation available for analysis?
83. Current high speed DES processors have encryption rates of
approximately 200 megabits per second, while the Clipper Chip has a
throughput of 12.5 megabits per second. Within two to five years, 100 Mbs+
technologies, such as Fast Ethernet, FDDI and ATM, will become commonplace.
How will the Clipper technology be used in environments where data is sent
at 100 Mbs or faster?
J. Feasibility/Implementation
84. What testing has been done to verify the ability of Clipper to work
across the panoply of new emerging technologies? If the underlying digital
transport protocol drops a bit or two, will that interfere with Clipper
operation? How critical is synchronization of the bit stream for Clipper
operation? Has this technology been tested with ISDN, TDMA, Cellular, CDMA
Cellular, ATM, SONET, SMDS, etc. and other emerging technologies? What
effect does Clipper have on the Cellular Authentication and Voice
Encryption (CAVE) algorithm? Are these differences for key generation,
authentication, or voice privacy?
85. Does the Administration seek to extend the Clipper Chip proposal to
the TDMA and CDMA digital cellular standards?
86. When will the government publish the various Modes of Operation and
other documents for Clipper, together with a physical implementation
standard (similar to the old FS-1027)?
87. Will the government consider the development of alternate sources
for the chip or will vendors be limited to a single, monopoly supplier?
88. Initially, the Clipper Chip is being proposed for telephone
technology, but the White House specifically mentions that the technology
will be used for electronic data transmission. What is the timetable for
implementing this?
89. What is the scope that the Administration envisions for the Clipper
Chip's algorithm use? What about Capstone? Is it limited to voice, or
does it encompass electronic mail, network encryption, security modems,
long-haul bulk encryptors, video applications, computer password
protection, Intelligent Vehicle Highway Systems ("IVHS"), satellite
communications -- both transport and control, electronic funds transfers,
etc.?
90. What is the Administration's policy on other security mechanisms
beyond privacy, such as message authentication codes for banking and EFT,
and for integrity and digital signatures for sender authentication and
non-repudiation? What is the impact on international standards such as
X.500 and X.509?
91. Since Clipper, as currently defined, cannot be implemented in
software, what options are available to those who can benefit from
cryptography in software? Was a study of the impact on these vendors or of
the potential cost to the software industry conducted?
92. What are the success criteria for the Clipper initiative?
Would the government abandon its initiative if the Clipper is shown to be
unsuccessful beyond government use?
93. What is the expected useful lifetime of the Clipper technology?
What do you expect will render it useless at some point?
94. Is it true that the name "Clipper Chip" is the intellectual
property of another company?
K. Impact on American Competitiveness
95. As the key-escrow approach is designed to ensure the ability of the
American government to access confidential data, do NIST and NSA expect
overseas customers (who do not have the protection of due process) to
purchase the chip for data protection?
96. In testimony before the House Telecommunications Subcommittee, Mr.
Kammer of NIST indicated that if he were a foreign customer, he would not
purchase devices that included the Clipper Chip. Doesn't this raise serious
balance-of-trade problems?
97. Will the technology, or the Chip itself, be shared with other
allied governments (e.g., the UK), or will U.S. producers of data security
products, forced by government standards to develop clipper-based products
for the U.S. market, be permanently closed out of the overseas security
market?
98. If Clipper won't be commercially accepted abroad, and export
controls continue to prohibit the exportation of other encryption schemes,
isn't the U.S. government limiting American companies to a U.S. market?
99. Given the restrictions on who can build Clipper devices, how will
Clipper keep up with advances in semiconductor speed, power, capacity and
integration? Openly available devices, such as Intel-compatible
microprocessors, have seen dramatic gains, but only because everyone was
free to try to build a better version.
100. Will the Clipper Chip be used nationally and internationally? How
will multinational operations accommodate this new system?
101. Banking and finance are truly global today. Most European financial
institutions use technology described in standards such as ISO 9796. Many
innovative new financial products and services will employ the reversible
cryptography described in these standards. Clipper does not comply with
these standards. Will U.S. financial institutions be able to export Clipper?
If so, will their overseas customers find Clipper acceptable?
102. If overseas companies provide systems based on algorithms that do
not have key escrow schemes that encrypt faster and more securely, how will
we compete internationally? We are market leaders in applications software
and operating systems. Our world leadership in operating systems is
dependent on integrating security in internationally distributed systems.
103. Internet Privacy Enhanced Mail (PEM) is becoming an internationally
recognized system for encrypting Electronic Mail. Would Skipjack encryption
become a U.S. standard for encrypting electronic mail while the rest of the
world used PEM? How would E-mail traffic between the U.S. and other
countries be encrypted?
L. Effect on Export Control Policy
104. In light of the Clipper initiative, will export restrictions on
hardware and software encryption regimes using DES and RSA algorithms
(which are widely available abroad) remain in place?
105. Will American firms be allowed to sell devices containing the
Clipper Chip abroad? Under which governmental regulatory regime would
exports of devices containing the Clipper Chip fall? What conditions would
be applied to exports of devices containing the Clipper Chip? (E.g., would
American firms be allowed to export devices to non-U.S. customers without
the escrow requirement? If not, who would hold the keys?)
106. What governmental regulations will apply to imports of devices
containing the Clipper Chip? Given that most U.S. companies source most
customer premise equipment (e.g., telephones, fax machines, etc.) offshore,
how will the logistics be handled for the export of the Clipper Chip as a
component, and the subsequent import of the device containing the chip?
Will the U.S. permit non-U.S. manufacturers to have the Clipper algorithm? If
not, how will the Administration justify this trade barrier?
107. If the Clipper Chip cannot be reverse-engineered, and if the U.S.
government is capable of decrypting, why would there be any reason to limit
Clipper products from being exported?
108. If Clipper is allowed to be exported, does the U.S. government
foresee a problem with other governments? Would the U.S. government's access
to escrow keys be viewed as an exercise of extraterritorial jurisdiction?
M. Implications for Installed-Base/Existing Products
109. What are the implications of NSA/NIST withdrawing the certification
of DES? Although it may -- at some point in the future -- no longer be used
for government purposes, that is not going to affect commercial or private
users' applications of DES. What about the embedded base of DES hardware?
110. Will existing systems need to be replaced?
111. What efforts were spent to make the new encryption approach
compatible with the embedded base of equipment? If DES was becoming weak
(vulnerable), wouldn't merely extending the DES key length to 80 bits have
solved that problem?
112. There are a number of companies that employ non-escrowed
cryptography in their products today. These products range from secure
voice, data, and fax, to secure e-mail, electronic forms, and software
distribution, to name but a few. With over a million such products in use
today, what does the Clipper scheme foretell for these products and the
many corporations and individuals that are invested in them and use them?
Will the investment made by the vendors in encryption-enhanced products be
protected? If so, how? Is it envisioned that they will add escrow
features to their products or be asked to employ Clipper?
N. Process by which Input Will Be Received from Industry/Public Interest Groups
113. If the outcome of the policy review is not pre-ordained, then the
process to analyze the issues and arrive at solutions would seem to need a
great deal of definition. What roles have been identified for Congress, the
private sector, and other interested parties? Who is coordinating the
process?
114. Why does the Presidential directive on the review process remain
classified?
- --
INFOWorld
June 7, 1993
Volume 15, Issue 23
pages 1, 103
IS managers assail data encryption rule
'Clipper' chip would allow snooping
by Scott Mace
and Shawn Willett
GAITHERSBURG, Md. -- IS managers and computer vendors last week
blasted the Clinton administration's plans to mandate use of the
"Clipper" data encryption chip.
During hearings hosted by the U.S. Commerce Department here last
week and in interviews, many IS managers and vendors said they
fear the encryption standard could make their operations
vulnerable not only to snooping by the government, but by
criminals as well.
IS managers and consultants from Bankers Trust Co. of New York
and Deloitte & Touche voiced these concerns at the hearing and
chided the government for shrouding the process in secrecy.
"The secret process up until now has been destructive to public
trust," said William Murray, IS consultant at Deloitte & Touche,
in Wilton, Conn.
"It is only a matter of time before hackers figure out a back
door to de-crypt it," said Sheldon Laube, national director of
information and technology at Price Waterhouse, in Menlo Park,
Calif.
Laube echoed the concerns of other corporate data managers.
"If the government can de-encrypt it, we have to assume
competitors can as well," said Bob Holmes, computer technology
research analyst at Southern California Gas, in Los Angeles.
The chip, which would be installed in data communications
devices, including computers, modems, fax machines, and phones,
encrypts data so outsiders cannot listen in or steal sensitive
data. But government agencies, such as the FBI, could ask for a
court order to obtain the "keys" to decode the data.
No one would be forced to implement the chip, but the
administration proposal could mandate government agencies to buy
it, effectively forcing its widespread adoption.
The Clipper chip, jointly developed by the National Security
Agency and the National Institute of Standards and Technology
(NIST), was also assailed by computer vendors.
Oliver Smoot, vice president of the Computer and Business
Equipment Manufacturers Association (CBEMA), testified that its
members would have to develop separate product lines for the
United States and overseas because a few foreign governments
would want to give the U.S. government the capability to decode
their data transmissions. This, along with the inclusion of the
chip in every computer, would mean higher prices, Smoot said.
CBEMA members include Apple Computer Inc., Compaq Computer Corp.,
IBM, and Hewlett-Packard Co.
The plan has also been hotly contested by computer industry civil
libertarians, such as the Electronic Frontier Foundation, which
urged that the Constitution's prohibition of illegal search and
seizure be applied.
NIST and other government agencies countered that the chip is
very resistant to tampering. It uses a key escrow system, where
two or more government agencies will hold parts of a decryption
key, for use by law enforcement with a valid court order.
The FBI expects organized crime and terrorists to begin encoding
information.
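
The two-agent escrow arrangement described above, and question 59's holder of "half the key", can be made concrete. The following is an added example, not part of the newsletter or of any Clipper documentation: both share-combination rules and all function names are assumptions chosen for illustration, and it measures how much brute-force work is left to someone holding exactly one share under each rule.

```python
import math
import secrets

KEY_BITS = 80  # component size cited in question 79


def split_xor(key, bits=KEY_BITS):
    """Two full-width shares with key == share1 XOR share2 (assumed rule)."""
    share1 = secrets.randbits(bits)  # uniformly random, independent of the key
    return share1, key ^ share1


def combine_xor(share1, share2, bits=KEY_BITS):
    """Rebuild the key from both XOR shares."""
    return (share1 ^ share2) & ((1 << bits) - 1)


def split_halves(key, bits=KEY_BITS):
    """Naive rule: one agent stores the high half, the other the low half."""
    half = bits // 2
    return key >> half, key & ((1 << half) - 1)


def combine_halves(high, low, bits=KEY_BITS):
    """Rebuild the key by concatenating the two halves."""
    return (high << (bits // 2)) | low


def keys_consistent_with(known_share, combine, unknown_bits, bits):
    """Every key that a holder of known_share alone cannot rule out."""
    return {combine(known_share, guess, bits)
            for guess in range(1 << unknown_bits)}


def single_share_exposure(bits=12):
    """Exhaustively compare both rules at a toy width (constructed input)."""
    key = secrets.randbits(bits)
    s1, s2 = split_xor(key, bits)
    high, low = split_halves(key, bits)
    xor_left = keys_consistent_with(s1, combine_xor, bits, bits)
    half_left = keys_consistent_with(high, combine_halves, bits // 2, bits)
    return {
        "roundtrip_ok": (combine_xor(s1, s2, bits) == key
                         and combine_halves(high, low, bits) == key),
        "key_not_excluded": key in xor_left and key in half_left,
        # log2 of the search space left to the single-share holder
        "xor_work_bits": math.log2(len(xor_left)),
        "halves_work_bits": math.log2(len(half_left)),
    }


if __name__ == "__main__":
    print(single_share_exposure())
```

At the full 80-bit width the same ratio holds: one XOR share leaves all 80 bits unknown, while one concatenated half leaves only 40.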
- --
End of Legal Net News, v1i9