San Jose Mercury News, Front Page
June 2, 1994

SCIENTIST FINDS FLAW IN CODE TECHNOLOGY

New York Times

A computer scientist at AT&T Bell Laboratories has discovered a basic flaw in the technology that the Clinton administration has been promoting to allow law-enforcement officials to eavesdrop on electronically scrambled telephone and computer conversations.

Someone with sufficient computer skills can defeat the government's technology by using it to encode messages so that not even the government can crack them, according to the Bell Labs researcher, Matthew Blaze.

For more than a year, the Clinton administration has been advocating the encoding technology as the best way to ensure the privacy of telephone and computer conversations while retaining the traditional right of law-enforcement officials to use court-authorized wiretaps to eavesdrop on the conversations of suspected criminals or terrorists.

The technology, based on what is known as the Clipper chip, has been widely criticized by communications executives and privacy-rights advocates, who fear its Big Brother potential. The industry also fears foreign customers might shun equipment if Washington keeps a set of electronic keys.

But now, Blaze, as a result of his independent testing of Clipper, is putting forth perhaps the most compelling criticism yet: The technology simply does not work as advertised.

Blaze spelled out his findings in a draft report that has been quietly circulated among computer researchers and federal agencies in recent weeks.

"The government is fighting an uphill battle," said Martin Hellman, a Stanford University computer scientist who has read Blaze's paper and is an expert in data encryption, as the field is known. "People who want to work around Clipper will be able to do it."

But the National Security Agency, the government's electronic spying agency, which played a lead role in developing the technology, said Wednesday that Clipper remained useful, despite the flaw uncovered by Blaze. Agency officials do not dispute the flaw's existence.

"Anyone interested in circumventing law-enforcement access would most likely choose simpler alternatives," Michael A. Smith, the agency's director of policy, said in a written statement. "More difficult and time-consuming efforts, like those discussed in the Blaze paper, are very unlikely to be employed."

A necessary compromise?

Since announcing the Clipper coding technology 13 months ago, White House and Justice Department officials have argued forcefully that it is a necessary information-age compromise between the constitutional right to privacy and the traditional powers of law-enforcement officials.

The Clinton administration intends to use Clipper, which it is trying to promote as an industry standard, for the government's sensitive non-military communications. The federal government is the nation's largest purchaser of information technology.

But industry executives have resisted adopting Clipper, fearing that its electronic "backdoor," which is designed for legal wiretapping of communications, could make it subject to abuse by the government or unscrupulous civilian computer experts, who might eavesdrop without first obtaining a court order and the electronic "keys" that are to be held in escrow by two government agencies.

Privacy-rights advocates have cited similar concerns. Industry executives also have worried that making Clipper a federal government standard would be a first step toward prescribing the technology for private industry or requiring that it be included in sophisticated computing and communications that are to be exported.

Secret conversations

Blaze said that the flaw he discovered in the Clipper design would not permit a third party to break a coded computer conversation. But it would enable two people to have a secret conversation that law-enforcement officials could not unscramble. And that could render Clipper no more useful to the government than encryption technology already on the market to which it does not hold the mathematical keys.

"Nothing I've found affects the security of the Clipper system from the point of view of people who might want to break the system," Blaze said Wednesday. "This does quite the opposite. Somebody can use it to circumvent the law-enforcement surveillance mechanism."

Blaze said that several simple changes to the Clipper design could correct the flaw but that they might be difficult to adopt because they would require the government to start over in the designing of Clipper.

The government has already begun ordering telephones containing the Clipper chip for use by federal agencies, and it is designing another Clipper-based device, called the Tessera card, for use in personal computers.

Hellman at Stanford said that the government was counting on most crooks and terrorists not to go to the trouble of modifying the Clipper design or otherwise seeking to disable it - if they used it at all.

System not subverted

One computer scientist who has been a proponent of the Clipper plan and who is familiar with Blaze's paper said that the flaw would not immediately subvert the system.

"I don't think this undermines the Clipper," said Dorothy Denning, a computer scientist at Georgetown University and part of a team chosen by the government to evaluate the technology. "But it's good to know what the vulnerabilities are."

Clipper was designed by researchers at the National Security Agency in cooperation with computer scientists at the National Institute of Standards and Technology, a civilian agency that is responsible for setting computer standards for non-military government applications.

The Clipper chip is known as an "escrowed encryption system." It is designed so that law-enforcement officials wishing to eavesdrop on Clipper-encoded communications must present a court warrant and a special number - or key - generated by a Clipper chip to two separate government agencies. Each of the agencies would hold portions of a special number, which can be used together to decode the conversation.