Cyphernomicon Top
Cyphernomicon 9.18

Policy: Clipper,Key Escrow, and Digital Telephony:
Concerns


   9.18.1. Constitutional Issues
           - 4th Amend
           - privacy of attorney-client, etc.
           + Feds can get access without public hearings, records
             - secret intelligence courts
             -
             + "It is uncontested (so far as I have read) that under
                certain circum-
               - stances, the Federal intelligence community wil be
                  permitted to
               - obtain Clipper keys without any court order on public
                  record.  Only
               - internal, classified proceedings will protect our
                  privacy." <Steve Waldman, steve@vesheu.sar.usf.edu,
                  sci.crypt, 4-13-94>
   9.18.2. "What are some dangers of Clipper, if it is widely adopted?"
           + sender/receiver ID are accessible without going to the key
              escrow
             - this makes traffic analysis, contact lists, easy to
                generate
           + distortions of markets ("chilling effects") as a plan by
              government
             - make alternatives expensive, hard to export, grounds for
                suspicion
             - use of ITAR to thwart alternatives (would be helped if
                Cantwell bill to liberalize export controls on
                cryptography  (HR 3627) passes)
             + VHDL implementations possible
               - speculates Lew Glendenning, sci.crypt, 4-13-94
               - and recall MIPS connection (be careful here)
   9.18.3. Market Isssues
   9.18.4. "What are the weaknesses in Clipper?"
           + Carl Ellison analyzed it this way:
             - "It amuses the gallows-humor bone in me to see people
                busily debating the quality of Skipjack as an algorithm
                and the quality of the review of its strength.
                
                Someone proposes to dangle you over the Grand Canyon
                using
                
                        sewing thread
                tied to
                        steel chain
                tied to
                        knitting yarn
                
                and you're debating whether the steel chain has been X-
                rayed properly to see if there are flaws in the metal.
                
                "Key generation, chip fabrication, court orders,
                distribution of keys once acquired from escrow agencies
                and safety of keys within escrow agencies are some of the
                real weaknesses.  Once those are as strong as my use of
                1024-bit RSA and truly random session keys in keeping
                keys on the two sides of a conversation with no one in
                the middle able to get the key, then we need to look at
                the steel chain in the middle: Skipjack itself."  [Carl
                Ellison, 1993-08-02]
             + Date: Mon, 2 Aug 93 17:29:54 EDT
                From: cme@ellisun.sw.stratus.com (Carl Ellison)
                To: cypherpunks@toad.com
                Subject: cross-post
                Status: OR
                
                Path: transfer.stratus.com!ellisun.sw.stratus.com!cme
                From: cme@ellisun.sw.stratus.com (Carl Ellison)
                Newsgroups: sci.crypt
                Subject: Skipjack review as a side-track
                Date: 2 Aug 1993 21:25:11 GMT
                Organization: Stratus Computer, Marlboro MA
                Lines: 28
                Message-ID: <23k0nn$8gk@transfer.stratus.com>
                NNTP-Posting-Host: ellisun.sw.stratus.com
                
                
                It amuses the gallows-humor bone in me to see people
                busily debating the
                quality of Skipjack as an algorithm and the quality of
                the review of its
                strength.
                
                Someone proposes to dangle you over the Grand Canyon
                using
                
                        sewing thread
                tied to
                        steel chain
                tied to
                        knitting yarn
                
                and you're debating whether the steel chain has been X-
                rayed properly
                to see if there are flaws in the metal.
                
                Key generation, chip fabrication, court orders,
                distribution of keys once
                acquired from escrow agencies and safety of keys within
                escrow agencies are
                some of the real weaknesses.  Once those are as strong as
                my use of
                1024-bit RSA and truly random session keys in keeping
                keys on the two sides
                of a conversation with no one in the middle able to get
                the key, then we
                need to look at the steel chain in the middle: Skipjack
                itself.
                
               - "Key generation, chip fabrication, court orders,
                  distribution of keys once acquired from escrow agencies
                  and safety of keys within escrow agencies are some of
                  the real weaknesses.  Once those are as strong as my
                  use of 1024-bit RSA and truly random session keys in
                  keeping keys on the two sides of a conversation with no
                  one in the middle able to get the key, then we need to
                  look at the steel chain in the middle: Skipjack
                  itself."
   9.18.5. What it Means for the Future
   9.18.6. Skipjack
   9.18.7. National security exceptions
           - grep Gilmore's FOIA for mention that national security
              people will have direct access and that this will not be
              mentioned to the public
           + "The "National Security" exception built into the Clipper
              proposal
             - leaves an extraordinarily weak link in the chain of
                procedures designed
             - to protect user privacy.  To place awesome powers of
                surveillance
             - technologically within the reach of a few, hoping that so
                weak a chain
             - will bind them, would amount to dangerous folly.  It
                flies in the face
             - of history. <Steve Waldman, steve@vesheu.sar.usf.edu, 4-
                14-94, talk.politics.crypto>
   9.18.8. In my view, any focus on the details of Clipper instead of
            the overall concept of key escrow plays into their hands.
            This is not to say that the work of Blaze and others is
            misguided....in fact, it's very fine work. But a general
            focus on the _details_ of Skipjack does nothing to allay my
            concerns about the _principle_ of government-mandated crypto.
            
            If it were "house key escrow" and there were missing details
            about the number of teeth allowed on the keys, would be then
            all breathe a sigh of relief if the details of the teeth were
            clarified? Of course not. Me, I will never use a key escrow
            system, even if a blue ribbon panel of hackers and
            Cypherpunks studies the design and declares it to be
            cryptographically sound.
   9.18.9. Concern about Clipper
           - allows past communications to be read
           + authorities could--maybe--read a lot of stuff, even
              illegally, then use this for other investigations (the old
              "we had an anonymous tip" ploy)
             - "The problem with Clipper is that it provides police
                agencies with dramatically enhanced target acquistion.
                There is nothing to prevent NSA, ATF, FBI (or the Special
                Projects division of the Justice Department) from
                reviewing all internet traffic, as long as they are
                willing to forsake using it in a criminal prosecution."
                [dgard@netcom.com, alt.privacy.clipper, 1994-07-05]
  9.18.10. Some wags have suggested that the new escrow agencies be
            chosen from groups like Amnesty International and the ACLU.
            Most of us are opposed to the "very idea" of key escrow
            (think of being told to escrow family photos, diaries, or
            house keys) and hence even these kinds of skeptical groups
            are unacceptable as escrow agents.
 

Next Page: 9.19 Loose Ends
Previous Page: 9.17 Legal Issues with Escrowed Encryption and Clipper

By Tim May, see README

HTML by Jonathan Rochkind