Date: Wed, 09 Feb 1994 17:23:28 -0500 (EST) From: denning@cs.cosc.georgetown.edu (Dorothy Denning) Subject: Re: Campaign and Petition Against Clipper CPSR has announced a petition campaign to oppose the Clipper initiative. I would like to caution people about signing the petition. The issues are extremely complex and difficult. The Clipper initiative is the result of considerable deliberation by many intelligent people who appreciate and understand the concerns that have been expressed and who worked hard to accommodate the conflicting interests. The decisions that have been made were not made lightly. I would like to respond to some of the statements that CPSR has made about Clipper in their campaign and petition letters: The Clipper proposal, developed in secret by the National Security Agency, is a technical standard that will make it easier for government agents to wiretap the emerging data highway. The standard (FIPS 185) is not a standard for the Internet or any other high speed computer network. It is for the telephone system. Quoting from FIPS 185: "Data for purposes of this standard includes voice, facsimile and computer information communicated in a telephone system. A telephone system for purposes of this standard is limited to a system which is circuit switched and operating at data rates of standard commercial modems over analog voice circuits or which uses basic-rate ISDN or a similar grade wireless service." The standard will not make it any easier to tap phones, let alone computer networks. All it will do is make it technically possible to decrypt communications that are encrypted with the standard, assuming the communications are not superencrypted with something else. Law enforcers still need to get a court order just to intercept the communications in the first place, and advances in technology have made interception itself more difficult. The standard will make it much harder for anyone to conduct illegal taps, including the government. The purpose of the standard is to provide a very strong encryption algorithm - something much stronger than DES - and to do so in a way that does not thwart law enforcement and national security objectives. Keys are escrowed so that if someone uses this technology, they cannot use it against national interests. Industry groups, professional associations and civil liberties organizations have expressed almost unanimous opposition to the plan since it was first proposed in April 1993. "The public does not like Clipper and will not accept it ..." The private sector and the public have expressed nearly unanimous opposition to Clipper. As near as I know, neither CPSR nor any other group has conducted any systematic poll of industry, professional societies, or the public. While many people have voiced opposition, there are many more organizations and people who have been silent on this issue. The ACM is in the process of conducting a study on encryption. CPSR is a member of the study group, as am I. Steve Kent is chair. Our goal is a report that will articulate the issues, not a public statement either for or against. The International Association for Cryptologic Research has not to my knowledge made any official statement about Clipper. The Administration ignored the overwhelming opposition of the general public. When the Commerce Department solicited public comments on the proposal last fall, hundreds of people opposed the plan while only a few expressed support. Hundreds of people is hardly overwhelming in a population of 250 million, especially when most of the letters were the same and came in through the net following a sample letter that was sent out. The technical standard is subject to misuse and compromise. It would provide government agents with copies of the keys that protect electronic communications. "It is a nightmare for computer security." I have been one of the reviewers of the standard. We have completed our review of the encryption algorithm, SKIPJACK, and concluded it was very strong. While we have not completed our review of the key escrow system, from what I have seen so far, I anticipate that it will provide an extremely high level of security for the escrowed keys. The underlying technology was developed in secret by the NSA, an intelligence agency responsible for electronic eavesdropping, not privacy protection. Congressional investigations in the 1970s disclosed widespread NSA abuses, including the illegal interception of millions of cables sent by American citizens. NSA is also responsible for the development of cryptographic codes to protect the nation's most sensitive classified information. They have an excellent track record in conducting this mission. I do not believe that our requirements for protecting private information are greater than those for protecting classified information. I do not know the facts of the 1970s incident that is referred to here, but it sounds like it occurred before passage of the 1978 Foreign Intelligence Surveillance Act. This act requires intelligence agencies to get a court order in order to intercept communications of American citizens. I am not aware of any recent evidence that the NSA is engaging in illegal intercepts of Americans. Computer security experts question the integrity of the technology. Clipper was developed in secret and its specifications are classified. The 5 of us who reviewed the algorithm unanimously agreed that it was very strong. We will publish a final report when we complete or full evaluation. Nothing can be concluded from a statement questioning the technology by someone who has not seen it regardless of whether that person is an expert in security. NSA overstepped its legal authority in developing the standard. A 1987 law explicitly limits the intelligence agency's power to set standards for the nation's communications network. The 1987 Computer Security Act states that NIST "shall draw on the technical advice and assistance (including work products) of the National Security Agency." There is no evidence to support law enforcement's claims that new technologies are hampering criminal investigations. CPSR recently forced the release of FBI documents that show no such problems. CPSR obtained some documents from a few FBI field offices. Those offices reported no problems. CPSR did not get reports from all field offices and did not get reports from local law enforcement agencies. I can tell you that it is a fact that new communications technologies, including encryption, have hampered criminal investigations. I personally commend law enforcement for trying to get out in front of this problem. If the plan goes forward, commercial firms that hope to develop new products will face extensive government obstacles. Cryptographers who wish to develop new privacy enhancing technologies will be discouraged. The standard is voluntary -- even for the government. Mr. Rotenberg said "We want the public to understand the full implications of this plan. Today it is only a few experts and industry groups that understand the proposal. I support this objective. Unfortunately, it is not possible for most of us to be fully informed of the national security implications of uncontrolled encryption. For very legitimate reasons, these cannot be fully discussed and debated in a public forum. It is even difficult to talk about the full implications of encryption on law enforcement. This is why it is important that the President and Vice-President be fully informed on all the issues, and for the decisions to be made at that level. The Feb. 4 decision was made following an inter-agency policy review, headed by the National Security Council, that examined these issues using considerable input from industry, CPSR, EFF, and individuals as well as from law enforcement and intelligence agencies. In the absence of understanding the national security issues, I believe we need to exercise some caution in believing that we can understand the full implications of encryption on society. As part of the Feb. 4 announcement, the Administration announced the establishment of an Interagency Working Group on Encryption and Telecommunications, chaired by the White House Office of Science and Technology Policy and National Security Council, with representatives from Commerce, Justice, State, Treasury, FBI, NSA, OMB, and the National Economic Council. The group is to work with industry and public interest groups to develop new encryption technologies and to review and refine encryption policy. The NRC's Computer Science and Telecommunications Board will also be conducting a study of encryption policy. These comments may be distributed. Dorothy Denning, Georgetown University