September 29, 1994 Talk on Clipper at MIT Notice: These are notes by Simson Garfinkel, that were made during the panel. There may be omissions and errors, since these notes were not made from a recorded transcript. The notes here should NOT be considered the verbatim comments of members of the panel or questioners. About 100 people present. Panelists: Dorothy Denning, Dept. of Computer Science, Georgetown University Robert Holleyman, Business Software Alliance Michael D. Gilmore, Supervisory Special Agent, FBI (instead of Kallstrom) Ronald Rivest, Dept. of Electrical Engineering and computer Science, MIT Moderator: Stephen Kent, Chief Scientist for Security Technology, BBN Part of the MIT Center for Technology, Policy and Industrial Development, Communications Forum. Kent: Four speakers, each one representing a different side of the debate. Each one will spend 15 minutes giving a position presentation. After we have done that, we will go to questions from panel members. After that, we will move to questions from the audience. Lineup: Denning, Holleyman, Gilmore, Rivest. Denning is currently working on policy and technical issues for encryption. She also served as a reviewer on the Government's Clipper program. Denning:: What I would like to do is talk about what I think the goals of encryption, are, and to give you my assessment of how well the clipper chip meets those goals. The first goal for cryptography is strong security, or information protection. If you are not going to provide good information protection and cryptography, you might not as well bother. That was a major goal of the clipper/capstone project. To put a good encryption algorithm in there. Steve mentioned that I was a member of the outside review panel. Steve was also on that panel. a lot of you saw our report -- we thought the algorithm was very good, we couldn't find any problems. When you get into clipper, you get not just into cryptography, but key escrow. One of the questions people have is if key escrow will be a source of weakness for the whole thing. In my assessment, again, enough safeguards are going into that key escrow system that I view the possibility of a compromise of a key or the disclosure of a key extremely remote. That doesn't mean that it is 100% sure, because nothing in this game is 100% sure, but I consider the risk to be negligible. Lots of safeguards are going into it, the same safeguards that go into protecting the country's most sensitive information, nuclear secrets. One of the things that goes in is two-person control. one of the things that goes in immediately is that the keys are split between two agents.... Even at an individual escrow agent, it takes two people to unlock the safe, and two people from separate escrow agencies to bring the keys together. I think that there will be a high level of assurance that the keys will not be abused. If afterwards the keys were not used properly, that would show up in the audit. The audit is in all steps, from when the keys are programmed into the chips to when they are used by law enforcement. Illegal intercepts will be virtually impossible. Another thing with cryptography is that it be affordable. For many of us, if we cannot download it for free over the internet, we are not going to bother with using it. Turning to clipper, clipper chips are estimated to be costing under $10 in large quantities. The price is dropping, and I think that part of the cost alone is not prohibitive. When you get into the capstone chip, used in the PCMCIA card, now card Fortessa, used to be called tessera, there the cost is higher. It is around $80, but don't quote me on that figure, because I don't remember what it was exactly. You end up with a solution with clipper and capstone that is not as cheap as nothing, and not as cheap as software, but it is not prohibitive for certain solutions, where you might want to have a PCMCIA card anyway, so you get the added security you get with the hardware approach. A lot of the weakness with cryptographic systems comes with the way they are used. software, protocols. By having part of it encased in tamper- resistant hardware provides the extra level of assurance. A third criteria is that it be user friendly and ready at hand. I do not think that most people are going to bother using cryptography unless they can just push a button and get it. You cannot look at the algorithm, you have to look at the products that incorporate it. Right now, clipper chips are in these AT&T phone products, and that is literally push-button security. You push a button and the conversation goes into an encrypted mode. When it comes down to using the chip with the Fortessa card, that depends on how well it is integrated into the application. A hardware product can be more limiting. Generally, anything in software is more easily integrated. Fourth requirement is that it be safe for organizations and individuals. I do not encrypt anything. I am afraid that, like my passwords, I will forget my keys. it is always more important for me to get access to the information than to guard against potential threats I do not have . Something that is a growing concern and has held back the spread of cryptography is that a lot of people share that concern. Organizations are worried that keys could be lost, keys could be held for ransom, they could run into the long term, any cryptography adopted by industry is going to have to have a key escrow that would allow organizations to protect their data. That doesn't mean that the government would hold the keys, but there would be some form of key escrow. How well does clipper meet that goal? An individual cannot go up to the escrow agents and say I lost my key, can you give me the key to my clipper chip? You cannot do that, and for good reason. Clipper by itself doesn't meet that object. That wouldn't rule out using it in the content of a private- sector key escrow system. A fifth objective is that it be safe for society. Wiretaps have been good for society. It would be a mistake for society to give that up. OJ Simpson - police were able to follow that car, and to see inside it, and make some intelligent decisions. If we turn our telecommunications system into something effectively the police cannot travel, they are not only going to be able to see what is going on when there is probably cause of criminal activity, but they won't be able to gain intelligence to make decisions. I am also not convinced that if we turn the telecommunications infrastructure into something that is absolutely inaccessible to law enforcement, that we would have greater privacy. First, not many people are targeted by intercept. And also, they are going to do something else. I would rather have a tap on my line than to have several bugs scattered through my home and office. Next requirement, #6, is that encryption meet national security goals. Communications intelligence throughout history has played an important role, especially in war time. Many assessments are that WW2 would have gone on for another year had it not been for our ability to crack the codes of the Germans. A lot of battles would have gone other directions. A lot of lives would have been lost. Government having the ability to get communications intelligence meets that needs. Since NSA developed it, adopted it and endorsed it, of all the options available, this one came the closest. Finally, marketability. An encryption product won't be useful unless somebody wants to buy it. The question comes up as to whether the private sector will want to buy it. Some people have objected to the fact that it is a private algorithm, it is a secret or the government holds the keys. In the international arena, there is a concern that other countries would not be interested. Let me say that there is a lot of activity taking place. The government has started an international key escrow decision. A lot of alternatives on software key escrow. A corporate key escrow that could meet the needs of corporations. If there is any time later on, I can provide you with more information. ------------------------ Robert Hollyman, president of BSA: I would like to address two things. The market factors involved in data security, and some of the public policy arguments that have been occurring in Washington and the nation as a whole, regarding export controls on software with encryption capabilities. Most of you have followed the debate over clipper chip and the interplay between clipper and software with encryption capabilities. I represent through BSA leading publishers of software for PCs. Our companies are the household companies in the US and the world. Lotus development, Microsoft, Novel, Apple computer, the leading PC publishers. They develop pioneering products. They have seen market opportunities, and as a result of their efforts, all of us are more productive in our business and education. I think that it is important to remember how rapid the evolution of the PC software has been. Lotus 1-2-3 had its first commercial release in 1983, barely more than a decade ago. It went from a small company to a world- wide provider of software and communications products. One of the flagship current products for Lotus is Lotus Notes. As 1-2-3 and other programs were initially used on freestanding personal computers, we have seen an evolution over the past couple of years to the use of networks, network technology, and to new products that enhance communication like Lotus Notes. For all of these products, the types of products that will be marketed in the future, encryption capabilities, data security, are essential to the functioning of these programs. Absent of these security features, customers will not use them, business will not trust their corporate security, and individuals will not trust the privacy of their data. Unfortunately, we are faced today with an untenable situation. Lotus Notes, and other products employing strong encryption algorithms, can be sold readily and widely every day of the week in the US. But for Lotus or any other company to market their product outside he US, they are 1) treated as falling inside a munitions capability, as through it were a weapon or a bomb or any other munitions. The same mass-market software that you or I can buy off the shelf any day of the week, if we go to sell outside the US, it falls in a munitions category. And currently, companies like Lotus are restricted in selling the products abroad, to a maximum of a 40 bit key length. In the US, DES, 56 bits is the standard used. But to ship abroad, they can only ship a 40-bit product. From a market perspective, foreign purchasers of software are no less sophisticated than American purchases, nor are foreign purchasers any less concerned with their security than American ones. Many companies have to market a crypto lite version for what they sell abroad. The PC software industry has grown enormously in the past decade. Packaged software companies from the US has 74% of the world market for PC software. But they have done that because they have innovative programs that meet consumer demand. What we are seeing now is that programs like Lotus Notes are the programs that consumers are demanding. But if US companies cannot market abroad programs that meet demands in the 1990s, we are convinced that we will lose those markets just as quickly as we have gained them in the past decade. What we are seeking is an effort by the Clinton administration, which they could do on their own without legislation, to lift the current export controls which limited the ability of these companies to sell their products abroad. Two, we are seeking legislation that would force the Clinton administration to allow these companies to sell their products abroad. Unfortunately, what we have seen the Clinton administration buy into is the clipper chip, and the extension of the clipper clip to data, as a way of controlling. Unfortunately, clipper has been widely balked by the marketplace. What we have done is work with members of congress. Key member - Maria Cantwell -- Washington state. Who has been fighting a valiant fight against export controls, and a fight against a mandated extension of clipper to data. I must say, in the years that I have worked on Capitol hill, I have never seen another freshmen member of congress work as hard to achieve a cause. There are in the back of the room a couple of handouts. One of those is a letter to representative Cantwell from Vice President Gore, that he sent to her on the eve of a debate that was anticipated in the House of Representatives on this issue. In this he made a bunch of statements. One, he clarified that clipper chip, while it is an approved standard for telephone communications, it is not so for data networks and video networks. Secondly, he pledged that in studies on the economic impact on the software industry, the two agencies in the US government with responsibility for economic security, would be involved -- Dept. of Commerce and the Economic Council. Previously, studies were done only by the NSA. It doesn't have any expertise on economic security issues. Third, the VP promised to representative Cantwell, that he would conduct a renewed effort to develop a more versatile, less expensive system, such a key-escrow system would be implementable in software, firmware, hardware, or any combination thereof, would not rely on a classified algorithm, would be voluntary, and would be exportable. With this, we feel there is a basis to work together to find an alternative to the extension and expansion of Clipper to include data. We have committed to work with the administration to find an alliterative. I must stress that every day that we wait, US companies are losing sale. We can only sell products abroad with a 40-bit key length. We believe that a 40-bit key length will not be accepted by consumers abroad. US sales will be rapidly replaced abroad. Studies have shown that there are as many as 200 foreign producers which have a strong market. Nearly half of those involve DES. US companies cannot compete in those markets. It is a fallacy to suggest that by stopping US companies from selling products abroad that we will stop the export. * leaving the country with a laptop * using the internet * using a modem. It stop the flow of technology, it will just stop the markets. Paper by Martin Hellman in back. We cannot currently meet the market demand outside the US. We feel that US companies are at risk of rapidly losing markets. That is why we have been involved with a policy effort with the Hill. That is why we have said that consumers will not accept clipper to an alternative to software- implementable security. ============= Michael D. Gilmore 4 years in the field. Now in engineering unit BS CMU, in biological and electrical engineering. What I am presenting today is law enforcement's viewpoints. The issue that comes down with law enforcement is wiretapping. I am not going to approach the debate as to whether or not wiretapping should or should not be allowed in the US. That has already been decided. But the 4th amendment does allow people to be secure in their persons, houses, and effects, and that is to be secure from unreasonable searches and seizures. The key concept is reasonable. Law enforcement has to bring out that probable cause prior to their getting the wiretap. Key concept- description - when a wiretap or order is put out, it is particular to where the search is going to be conducted, and what is being looked for - the evidence that will be found when that wiretap is put into place. Title 3 statute: Enacted in 1968, part of the omnibus crime control and safe streets act, amended in 1986 by ECPA. That amendment just included electronic communication in the wiretap statute, what is referred to as Title III. It was there to prevent unlawful wiretapping. To make it very unlikely that illegal wiretapping would exist. As you are probably aware of there are cases, very rare, where some law enforcement agencies have been involved in that activity, , and they have been brought to justice. It also allowed electronic surveillance to be conducted under very stringent guidelines. You need sufficient evidence to warrant the court order. That is the probable cause. All of the court actions are presented to a judge for a signature. You have to show that other investigative techniques have been exhausted or prove too dangerous to be conducted. This is a last resort technique, although it is very important. It is approved by senior officials within DOJ and, in my example, FBI. It is then presented to a US district court judge for signature and approval. Once that approval is granted, then there are very specific procedures for how law enforcement goes about putting that wiretap into place. One of the provisions for the law provides for cooperation by law enforcement providers. One of the reason Mr. Kallstrom could not be here today is he is on the Hill with debates on the digital telephony bill. Digital telephony points right to that issue, for the services provided by the service providers. In the application, the identity of the law enforcement officer is set forth, the probable cause, the identity of the targets, description of the communications sought, location of the communication entities .... description why the other techniques are not thought of, or are too dangerous. Time period,. And also the requirement to identify other applications that have been submitted for the subject, facility, or the occasion. One of the things that people may not be aware of, we find this when we go out and speak, one of the requirements is for law enforcement to minimize. whenever we are intercepting a communication, any communication that is not pertinent to the crime that we are looking for is minimized - not recorded, not listened to. The law agent, when a conversation starts, if that communication is not pertinent to a crime , all of the equipment is turned off. There is no recording, no listening. There is periodic sampling. The equipment is turned back on. If you are still talking to your grandmother, and you are not talking about kilos of cocaine, the equipment is turned off. That is a very important requirement which I think a lot of people in the public sector do not know exists. If the law enforcement people decide that they are not going to record, they are just going to listen --- first of all, the equipment they use makes that very difficult. and if they do that, they are in volition of the law. Law enforcement has discovered that cooperation from the providers is no longer being met, or will not longer be met, if the things continue to develop as they are. We are not seeking to expand our authority. It is often said that in God we trust, and everyone else we monitor. that is not true. 1993 - I believe total state, local and federal - was a little over 900, that was across the nation. 900 orders, applications for wiretap orders. We are not talking about a lot of surveillance going on in the telecommunications. But what we are talking about going on is that when these provisions are put in place, they list very specific cases. Violent crime, serious criminal activity, terrorist acts, drug trafficking those are the nature of the cases that are approved for wiretap. With all of that, and the specific crimes that are used to justify the wiretap, the amount of investigation gone on before hand, the limited number, although it is a small number, it is a very important technique. If you can imagine if the wiretap capability did not exist for those types of crime, the individuals doing those crimes would not be brought to justice. Not only is there money at stake, there are lives at stake in those particular crimes. Now we get to encryption. Both the digital telephony and encryption are access issues for law enforcement. It is a matter of gaining access to those communications, which we are legally entitled to get. As I said, there is a large debate as to whether that (title II) should even exist, but it does. As far as the Clipper initiative, the Clipper initiative for us, right now, it applies to the voice communications of a telephone. The only device out there is the AT&T device. It is a voice application. If we gain access to the communication through the technology and the assistance of the service providers, but we cannot understand what is on there, the wiretap becomes useless. There was an informal study done by the FBI in spring of 1994. It was found over the past couple years, there were 183 incidents, across federal, state and local, where title II laws were hampered, because of technology that exists today. That comes down to an issue of public safety. Whether you call it digital telephony, whether you call it encryption, it is a public safety issue. the question is this: do we want that public safety or not? From my experience with the FBI, it is a very important technique, it is used in limited circumstances and it is watched very closely. In the past 10 years, there were 22,000 convictions from wiretaps. Clipper is one technique that is out there. We have begun discussions with the business community to find out what other options are out there for key escrow. Key escrow seems to be a technique which provides the balance for the privacy of the escrow plus law enforcement to conduct surveillance. ======================= Ron Rivest. Associate director of Lab for Computer Science at MIT. Bachelors Yale. Doctor in CS from Stanford. At MIT since 1974. * What is gong on? The government is attempting to systematically deny Americans the ability to have conversations or records that the government cannot access. We are asked to trust the government with all of our most intimate communications. I think that access is the critical question. The adoption of a DSS which has no key management capability. DES that has a short key.. We are being asked to trust the government with our most intimate communications. Everything that we call or say is becoming electronic. You say things over cellular phones that previously might only have been said in bedrooms. everything is becoming electronic. Everything is digitized, stored, and available for access. * Isn't clipper voluntary? * A voluntary system is useless for law enforcement or national security, because the smart crooks and foreign bad guys are not going to use something that has a key escrow system in it. I find that argument hard to deal with. Why should we be dealing with a volunteer system? The proponents of the system are either insincere about wanting it to be voluntary, or unrealistic about its benefits. I think they are insincere - they don't want to see it voluntary. Given the choice, industry will go elsewhere. I think we are seeing that in the market. * Won't this help the FBI do its job? Maybe. However, isn't it shocking that the FBI has just asked for a five-year delay to respond to the FOIA request regarding justification for the wiretap bill. It has a number of FOIA requests. It has not responded within the time period required by law. the FBI has been breaking the law. Many of the people at the FBI have good intentions, but the road to hell is paved with good intentions. One needs to figure o t what the long-term, global impact is, rather than just the near term battles with some of the particular bad guys. And not everything that helps law enforcement is good for the country. One might propose that we all have dog collars with dog tags and microphones on them that can be turned on remotely. We are not that far from it, if everyone has a PDA which is remotely monitorable, we are not far from that. * What is the deal? We are asked to think about -- you get some assistance to law enforcement and national security, and the amount of assistance that will provide is a matter of debate, by giving he government the keys to all your most intimate conversations and records. *Don't you trust the government? I think that it is a traditional American principle to trust the government as little as necessary. It is good principle of military cryptography too. Recall CIA/Aldrich Ames, was a person appointed with high responsibility for maintaining secrets. Recently the IRS(??) has disciplined hundreds of people for abusing the privacy of individuals. President Nixon, Watergate, he was our highest elected official. The FBI taped Martin Luther King's conversations in a way that was political motivated. The old statement - power corrupts. The fundamental question: should American citizens have the right and ability to have communications and records that the government can not access, even when properly authorized? [ ] Yes ? or [ ] no? Everything flows from that. if you don't believe that people have the right to have truly private records, we can go down the path of clipper. If you believe that people ultimately have the right to some privacy, then we can proceed with cryptography as it is now proceeding the private sector, that are clearly motivated by the other answer to this question. *Conclusion In view of the ongoing changes in the information infrastructure, where everything is becoming digital and subject to access, the clipper wiretap proposal represents a qualitative change in the relationship between the government and the people I think that it proposes an unacceptable risk of abuse, and that these proposals should be rejected. ==== Kent- observations: I have been involved in various aspects of the debate for some time. Assembling the panel for ACM. Chairing the panel. There is an observation I came away with, which I would like to put forth to the audience: the nature of the arguments that we hear on both side have a characteristic in that they are anticipatory: If we look at this from a law enforcement perspective, I haven't seen documented significant use of cryptography for telephonic security by people who were targets of wiretaps, or by people in general. That is not to say it does not happen, but that it happens rarely. Despite what Bob said earlier, about people demanding cryptography, having been in the business of trying to sell people cryptography, I found incredible apathy on the part of the user population out there. it is not that we couldn't imagine that life would be much better if the software we had made intelligent use of technology, but it does not seem to have stopped people from selling billions and billions of copies of software that is woefully inadequate from a standpoint of cryptography. On the other hand, when we look at the arguments for encryption, if it is escrowed, the government has tried various voluntary initiatives - in which the government tries to influence the marketplace, which have been notoriously unsuccessful. It was in the 1980s when the NSA introduced what is called Type 2 cryptography - a government classified algorithm intended for use in protecting unclassified data. there was a significant effort by NSA to get companies to introduce the technology to their products. Almost no one made money on it. On a larger scale, the government has worked for a decade on what is called gossip, to convince everyone on the part of the government and commercial sector to use OSI protocols, rather than TCP/IP The marketplace clearly decided, and OSI was not the winner. When people argue about what might happen, it clearly speculative. It is not that criminals are running around using crypto. It is not as though everybody is putting off their next purchase of software until it has high-quality encryption. All of the sides are arguing about what might happen, and that gives it a characteristic flavor. That really tends to be a consistent quality. The concerns are that if these things come to pass, it is too late to pull it back. If there turn out to be hundreds of thousands of non-escrowed telephones out there, it is too late to go around and say please turn them in. And similarly, when Bob talked about the amount of money that people might lose software sales outside the US. Today we have a commanding lead. He would not like to see some Hungarian programmers produce a version of Lotus notes that has high-quality encryption in it, which massively outsells Lotus notes. Each stakeholder doesn't want to take a chance that these possible outcomes come to pass. Question from American Privacy Foundation: We have spent 18 years investigating wiretapping. We do not see putting a make-do bucket under a leaky roof. We say fix the leak. Mike Dertouzos, head of LCS, testified in Feb of 1980 on being able to control wiretapping. Currently, wiretapping is technically undetectable. He proposed making it detectable by having audit trails. Current use of Caller ID by England and this country is an application that is somewhat similar. if you were to take the readout you have on your subscriber's phone, and transfer it to the telephone exchange, you would have ability to punch on a paper tape the unerasable record of the prolonged connections that you suspect to be wiretapped. The question that I would ask Mr. Gilmore, two questions, the FBI has the right to investigate wiretap complaints. How many do you know that have come out within 1993 and 1992? How many wiretaps have they uncovered? Gilmore: Personally, I am not aware of those statistics. Q: I went to the field office and I asked how many wiretaps have you uncovered, and what percentage of your wiretapping squad is spent on investigating wiretaps. Their response was all this is privileged information May I ask you another questions? During Watergate, we all knew that the wiretapping center for the FBI was at the old post office. Did you know that? Gilmore: I wasn't on board back then. Q: But you are onboard today? Where is the wiretapping center today? Gilmore: they are in law enforcement controlled facilities. Q:; Where? Gilmore: That again is sensitive information that the FBI is not allowed to give out. ------ Q: I would like to second what Rivest said, and add Kissinger bugging the phones of people on NSC. Morten Halburn, who was subsequently not given the position that was prepared for him, and got another spot that did not require congressional approval. I am not enamored with he term "law enforcement." I do not believe that everybody in law enforcement feels what you laid out. But , as Ron Rivest pointed out, there is good reason, and it is not just Speculation. It is far from speculation that there have been persistent abuses by the government on a matter of areas. I have a specific question regarding the politics of this. We do not have the kind of influence over the government policies that I think we should have. It has been a real fight to derail the clipper chip as far as we have. I wonder if what is going on is a trade-off. We will pass you a bone on the computer stuff, in terms of the clipper chip, in terms of your consent on digital telephony. Recently there was a story in the papers about a telecommunications sweep of Haiti. And conversions of Aristide had been picked up in this sweep. I wonder to what extent that national security wiretaps, the tapes mentioned in those stories, in communication involving foreign countries, but including people in the US, to what extent do they involve Title III? Gilmore: Title III covers criminal activity. There is another statue out there, the foreign intelligence surveillance act, which covers the national security aspects of a wiretap. To what extent there were sweeps, on the criminal Title III, there are no sweeps. Every court order is signed by a judge. It is logged. There is an audit trail. All of that information is available. Wexelblat: Dr. Denning, in your opening presentation, you described what is your extreme confidence in key escrow. You said that key escrow would be a valuable component. My question in, that given that the escrow agencies have not been determined in detail .....(???) Denning: There is a paper, that I put out in IEEE that describes key escrow. This thing is like an onion. You can describe more, but there is still a lot that is not in the paper. My confidence comes from looking at it and seeing all the safeguars that go in. My confidence is not 100%, nothing is in this game. I am looking to other approaches to key escrow where the government may not be holding the keys. I see the possibility for private sector key escrow agents. Not only meet the needs to private agencies and individuals to protect their privacy needs, but the hard question is whether that would also meet the national security aims. I think that there are a lot of approaches to this that are not at the extreme of clipper. I think that Ron was looking at the extreme of clipper, where the government has the keys. Perhaps the government would have to take their warrant to the private sector. Rivest: What I said was do individuals have the right to protect their communication from access. Wexelblatt: it actually comes to that point. We have talked in this debate about privacy. Mr. Hollyman represents a group of businesses. Does your group have a position on escrow encryption. Holleyman: In a corporation, some customers are saying that they are concerned about their employees leaving and taking sensitive data that is important to the corporate well-being, and preventing others from accessing that when they leave. Some companies that are purchasing things like Notes would want something like private key escrow. Nick Papadakis: The question - Directed to Mr. Gilmore and Dr. Denning: Are you certain that the NSA is covered by the fact which you mention? It is my understanding that they are not. It covers the CIA and a large number of other entities, but my understanding is that it does not cover the NSA. Denning: There are other laws that apply to NSA that restrict what they can do. Some of them are mentioned in the ACM report. Kent: Rent the movie Sneakers. There is a very short banter between the people purporting to represent NSA which is extremely concise. Q: I wanted to pursue the issue that Rivest made. If I were to come up and say How much money did you make last year, and how many minor children do you have at home? I would expect you to say "none of you business." However, if you do not give that information to the federal government, you are committing a crime. When you travel around in the US, you can carry things with you. But if you leave the country and return, they can search everything. Q: Howard Reinhold: Dr. Rivest's position, in my opinion, is furthering the cause of the security apparatus. The status quo is that everything is open. I think that to a large extent, the interest of the security agencies is to maintain that status quo as long as possible by preventing the wide spread of cryptographic applications, they have prevented a market demand for those applications from emerging. They are pretty much lab curiosities. This ongoing debate, is it voluntary, how can they be serious, how can you be sincere about voluntary, That debate is really preventing applications from emerging which would create a demand, create a public interest in secure communications which right now is an eye-glaze over situation for the masses. In a world where all telephone communications were encrypted with the clipper technology, it would be much more difficult to detect somebody who was superencrypting, such as using PGP, .if somebody tried to ban it. Right now, if somebody is using PGP, it is very easy to detect it. I am not trying to be confrontational, but right now this debate is keeping a from market from developing. Denning: DES is old technology. the government really needs to put out \ a new standard. In putting out a new standard, they did not feel it would be responsible for them to put out a really good strong encryption algorithm that would prevent government access. They felt that in putting out a new standard they had to do that. And it makes a lot of sense to me. That is very consistent with the voluntary nature of the whole program. The cryptographic scene in Europe is very interesting. What they are doing is going to GSM - global system for mobile. What it does is protect all over- the-air communications. They end up with a system that is very secure, but it is overall ---- it is basically link encryption. The government can get access through the switches. Jeff Schiller: I am the IETF area director for security. Professor Denning, I appreciate your position, and appreciate the position that the government has in not wanting to offer a crypto standard, but what that does is tell me that the government has no business offering encryption standards. I can imagine a previous world where we had horses that go from point-to-point. and along comes the automobile. and the government would say that with the automobile, people could rob a bank, and be in the next state in hours. and they would say that police should have automobiles, but everybody else should have horse and buggies. We are in a changing world. Gilmore: Living in the real world, my answer is no, because I realize a balance has to be struck. Kent: How many people here believe in absolute privacy? How many people here have cordless telephones? Last question: I agree that the government needs a way to keep the bad guys down. It seems to me that the Bill of Rights, ... when I went to law school, the people who wrote these things down had gone through a totalitarian government and were afraid of it. His comment about coming into the US, yes, they can go through your briefcase. But they cannot do it without a warrant as you go down the street. and they cannot kick the door off your home. In Chicago, because there was crime in the Chicago housing, they could do what the British did to ensure the collection of taxes. The OJ Simpson trial proves that there are abuses. While many of us grew up thinking that the FBI could be supported completely, it seems to me that this is just a fishing trip for them. I started off practicing tax law. and the IRS commissioner said that they didn't want compliance to drop below 90%. They didn't want Americans to feel the way that the Europeans do, that the government and the IRS is their enemy. Do you want it so that people can pick up the phone and call the FBI and say, by the way, I noticed this. You might want to look into it. Do you really think that your wiretaps are more effective than a couple hundred million people who are on your side? Denning - By the way, as I understand it, some of the informants are using these clipper devices to speak with the FBI.