LAN Magazine
volume 9, number 8, August 1994

Is it 1984?
by Ted Bunker

The security of data over networks has risen to debate in Congress. Does the Clipper chip ensure security or violate citizens' rights?

FBI Director Louis Freeh is worried. The bad guys are beginning to see the light, and it is digital. Freeh fears some pretty nasty folks have discovered they can commit highway robbery and more, without even leaving home. Worse, to Freeh and other top cops, by using some pretty basic technologies, savvy criminals can do their crimes without worrying about doing time.

Some crooks, spies, drug traffickers, terrorists and frauds already use the tools of the information age to outfox law enforcement officers. Hackers use PBXs to hide their tracks as they rip off phone companies and poke around in other people's files. Reprogrammed cellular phones give cops fits. Even simpler technologies can ruin an FBI agent's day. For instance, last year routine telephone services such as call forwarding thwarted investigators trying to tap lines 29 times.

To Freeh and other law enforcement officials, things are bound to get worse. As digital telecommunications technologies and powerful, portable computers spread, they threaten to undermine the investigative tools of electronic surveillance that the FBI says have helped put tens of thousands of criminals behind bars in the past 25 years and saved billions of dollars and thousands of lives.

No one disputes this assessment. But many Americans consider the Clinton administration's proposed solutions to be worse than the problems Freeh and other law enforcement officials confront. Embodied by the much-maligned Clipper chip key escrow encryption system and the FBI's Digital Telephony proposal, the solutions put forward by the Clinton Administration have raised a rare mix of opponents: Civil libertarians, conservatives, and technology gurus have all lined up against the government's plans.

Some vehemently oppose these plans as serious threats to individual rights. Others say they could prove ruinous to a leading U.S. industry at a time when the worldwide market for telecommunications and computers is growing at an explosive rate. Underlying all the objections is one common thread.

Do you trust your government?

"Basically, the issue is, 'Do you trust your government?'" observed David Farber, a telecommunications professional at the University of Pennsylvania in Philadelphia. Farber, testifying before a House subcommittee on the issue last May, said one of his 23-year-old students replied that to him and others of his generation, the phrase "trust government" is meaningless.

Lack of trust in government is understandable. After all, those who are old enough can remember Communist witch hunts in the 1940s and 1950s, the Army's pursuit of anti-Vietnam War activists in the 1960s, and of course, Watergate and the downfall of President Nixon. All were, to some measure, abuses of the public trust.

Add to that historical conditioning the potent mix of technologies involved in digital communications systems and cryptography, and it's not hard to open up deep-seated veins of skepticism and mistrust. In the words of Rep. Dan Glickman, D-KS, today's digital systems are "scarier" when it comes to wiretapping and other surveillance capabilities, "because it's kind of inherently in the machinery itself."

Gone are the people -- the linemen, the switchboard operators, the central office switch personnel -- who might exercise their judgement and question a request to tap a line or record the numbers someone dials. Today's chips and switching systems can be programmed to do it all automatically.

"If they had the right software package," Freeh told one joint House-Senate subcommittee hearing last March, phone company staff "could be home sleeping at night and we could have the access we need."

With the right software and hardware combinations and just a few keystrokes, the government could listen in on just about anyone. In the digital age, even a computer could do the listening, alerting a law-enforcement agent only when certain key words or numbers are uttered.

That's exactly what worries civil libertarians such as Jerry Berman, executive director of the Electronic Frontier Foundation and a spokesman for the public-policy interest group Digital Privacy and Security Working Group, both based in Washington, D.C.

"In short, the [Digital Telephony] bill lays the groundwork for turning the National Information Infrastructure into a nationwide surveillance system, to be used by law enforcement with few technical or legal safeguards," Berman told the House subcommittee in May. "Although the FBI suggests that the bill is primarily designed to maintain the status quo wiretap capability in the face of technological changes, in fact, it seeks vast new surveillance and monitoring tools."

Strong language, to be sure. But then, the FBI's Digital Telephony proposal is such strong medicine that some people think it could poison a critical industry and seriously retard the development of the national information infrastructure. Similar criticisms have been leveled against the Clipper chip plan.

"If we are to maintain our leading position in the information marketplace, we must give our full support to the development of open international security standards that protect the interests of all parties fairly," said Whitfield Diffie, one of the inventors of the public-key encryption concept and now a distinguished engineer with Sun Microsystems (Mountain View, CA). "A standard based on a secret American technology and designed to give American intelligence access to the communications it protects seems an unlikely candidate for widespread acceptance."

How did we get here?

The first formal attempts to address the challenges posed by digital communications systems began during the Bush Administration. Meetings between Justice department and telephone company officials started in 1990 and continued into early 1992, when a formal industry group, the Alliance for Telecommunications Industry Solutions (Washington, D.C.), set up its Electronics Communications Service Providers committee.

But the group holds no authority over the estimated 2,000 providers of telecommunications services operating in the country. And in any case, in the view of the FBI, it came up with no workable solutions to the problems posed by new technology.

So, in 1992, the FBI made its first attempt to push through legislation, meeting with a withering assault by civil libertarians and industry figures who said it was overreaching, intrusive, and without adequate justification.

A few months after President Clinton took office, he ordered a National Security Council (NSC) review of the problem. Eight months later, the NSC panel offered several policy options.

"As a result of their review of the options, it was unanimously decided that comprehensive legislation was the only effective way to deal with the digital telephony problem," Freeh testified at the March House-Senate hearing. The resulting proposal, he added, neither enlarges nor reduces current authority for government access to communications content or call setup information, such as numbers dialed or the locations of phones.

In his written testimony, Freeh went on to sum up the proposal's main elements: It would require common carriers to supply the capability and necessary capacity to enable government to conduct lawfully authorized electronic surveillance. Phone companies would have to provide assistance for all wiretap, trace, and "pen register" dialing records "expeditiously and simultaneously," Freeh wrote.
(Law-enforcement officials can obtain a warrant to place a pen register on a phone line to record what numbers were dialed and from where they were dialed.) Phone companies would also have to comply regardless of system features used or the mobility of the target.

Phone companies would also be required to give authorities access in unobtrusive ways, and be able to supply the content and other information to remote locations. Failure to comply could result in fines of up to $10,000 per day.

"The essence of the legislation is to clarify and more fully define the nature and extent of the service provider's 'assistance' requirement that was enacted by Congress in 1970, which Congress imposed so that court orders would not be frustrated due to a provider's failure to furnish needed technological assistance and facilities," explained James Kallstrom, special agent in charge of the FBI's Special Operations division in its New York field office.

Kallstrom, like Freeh and others before him at other hearings, stressed that failure to adopt the measures sought by the FBI could expose the nation to the predations of sophisticated criminals. Rather than pitting government against the First and Fourth Amendment rights of law-abiding Americans, Kallstrom told a congressional committee, "I see this as a balance of power between the government and the criminals."

The cost of compliance

Critics remain unconvinced, however, and not just on civil liberties grounds. While he said the proposal is "overly broad," Ron Neel, president of the United States Telephone Association (Washington, D.C.), added, it "does not cover all of the technologies and systems that should be covered by any rules that are put in place." The USTA is a lobbying group representing about 1,100 local telephone companies.

Ultimately, Neel told congressional inquisitors, the FBI bill could prompt greater use of such advanced telecommunications systems as special mobile radio and personal communications services, which aren't considered common carriers. "It makes unreasonable and perhaps impossible demands on those it does not cover," Neel continued, adding: "It is unnecessarily punitive, and it is economically unfair and impractical."

To assure access at any given time, all telephone companies will have to post someone to a law-enforcement liaison role at all times, or risk a $10,000 a day fine or being shut down entirely, Neel says.

The cost of this and other aspects of the FBI's plan could be staggering. Just to make sure wiretaps could be placed on calls that are automatically forwarded to another number could cost $1.8 billion, Neel says. Others estimate compliance will cost several billion dollars each year, a cost that Neel says would undoubtedly be passed on to consumers. While the proposal calls for agencies to compensate phone companies for their costs, he notes that collection can be time-consuming, and that, in any case, it is left to the government to decide how much to pay.

FBI and other administration officials remain unfazed by such cost-conscious criticisms. "Today will be the cheapest day on which Congress could fix this thing," Kallstrom said. "Two years from now, it will be geometrically more expensive."

Freeh contends that the government isn't trying to dictate technical standards or tell industry what technology to use or to avoid. But, because of the vagueness of the requirements, Neel and others say the proposed law will stifle development of new technology.

"This legislation would make the Attorney General the arbiter of whatever technologies and equipment can be deployed in the public telecommunications network," Neel said. "Our nation cannot be held hostage to inexpert analysis of telecommunications technology as we move into the information age," he asserted, adding that the FBI proposal "creates an enormous speed bump in the information superhighway."

Others outside the industry agree with Neel's assessment. "The Digital Telephony proposal presents a major drag," said Farber, the Penn professor. "Whenever a new feature is being considered for implementation and marketing, one very important issue will be how much it will cost to implement it."

Farber says compliance could easily cost the industry more than $3 billion a year, and adds the modifications it could require might disrupt the nation's communications networks. Ultimately, he says the Digital Telephony and Clipper plans could diminish American competitiveness in developing markets, such as Eastern Europe or Southeast Asia.

That is a frightening prospect to some in the industry, and for good reason. Global telecommunications demand is growing fast, and combined with the computer and entertainment industries, it is expected to reach $3.5 trillion by the end of the decade, according to the International Telecommunications Union. The ITU expects the computer, communications, and entertainment industries to have merged completely by then.

"Telecommunications is becoming the world's biggest economic sector, growing faster than anything else, being the real engine for growth in almost all economies," said Pekka Tarjanne, the ITU's secretary-general, at an ITU trade fair in Cairo earlier this year. "The overall growth rate of the sector is continuing to accelerate in spite of worldwide recession."

To prevent erosion of America's leading position as a telecommunications equipment and service provider to the world, Neel said, "It is extremely important that the public maintain confidence in the privacy of the telephone system."

Freeh may not want certain types of information, Neel said, but it's "extremely difficult to ferret out the kind of information he doesn't want." And in so doing, Neel concluded, "It forces the phone company to become an agent of law enforcement."

Freeh counters by stressing that the FBI wants only to preserve its present authority. "Law enforcement is not seeking to build 'back doors' to sneak into common carrier's systems," Freeh said. "The proposed legislation is not some dreaded Orwellian prophecy come true."

Besides, Freeh asserted, telecommunications industry officials "have bluntly told law enforcement that the existing telecommunications systems and networks will thwart court-authorized intercepts."

Freeh said in recent years several hundred authorized surveillance efforts have failed partly or entirely because of "technological impediments." He said last year alone, 91 intercepts ran into technological problems, most involving either cellular telephones or call-forwarding features.

But Congress remains unconvinced. "We are inching closer and closer to 1984, aren't we?" observed Sen. William S. Cohen, R-ME, during one of the several congressional hearings. He blamed "increasingly intrusive technology" for this trend. Yet, he recognized the FBI's need to guard against criminal activity and terrorist attack. There is a "constant tension" between the need for privacy and the need for protection, he added.

"We do have some very serious privacy concerns," said Sen. Patrick Leahy, D-VT, the chairman of the Judiciary committee's technology subcommittee. "That's one of the underlying questions in this whole thing."

It's a matter of privacy

Concerns about privacy and the potential for abuse are not without foundation, as even some lawmakers can attest. Rep. Don Edwards, D-CA, chairman of the civil rights subcommittee of the House Judiciary committee, recalled that in his short service as an FBI agent in the days before legal authority for wiretaps existed, the agency used the technology anyway.

Today, this kind of abuse is frightening indeed. Freeh's proposal, Berman said, "will tell you what movies you may be watching, what newspapers you're reading, what doctor you're seeing... This is NCIC squared." NCIC is a national computerized criminal records system operated by the Justice department.

"I don't want anybody to go nose around in all that, any more than I'd want somebody to open my mail," Leahy said. But Freeh claimed that such transactional information is not covered by the proposal, and is adequately protected under existing laws.

Besides those with concerns about preserving civil liberties, some members of Congress worry that the FBI proposal and the Clipper chip plan would put government in a position to shape a huge and rapidly evolving sector of the nation's economy. Plenty of lawmakers share Leahy's appreciation of just how technologically backward the government can be, especially when it comes to computers and communications systems.

So when Freeh stood in front of lawmakers in a Senate hearing room last March to say that Americans "want to have a cop" on the digital information highway, he was met with considerable skepticism.

"I am not prepared to support a government veto on technology advances," Leahy told Freeh. "I'm frustrated by that idea." He added, "If we do that, then you'll find people going to Sweden and Germany to buy their phone systems, because we'll fall behind."

Noting the government's "outrageous" track record when it comes to deploying telecommunications and computer technology, Leahy said if the Justice Department had to sign off on any telecommunications advances before they could be deployed, "We'd still be back in rotary telephones." He has a point.
After all, the White House employed telephone operators on an old-fashioned switchboard system until last year. And during the Persian Gulf War, off-the-shelf cellular telephone systems turned out to work better than expensive military communications gear.

Science and Art

But when it comes to cryptography, the mathematical science of encoding and decoding, U.S. government employees are among the best in the world. And many of them work for the Pentagon's National Security Agency, or NSA, an electronic cloak-and-dagger operation charged with collecting "signals intelligence" against foreign targets.

NSA is also charged with maintaining computer systems security for the U.S. government, which is why it designed the key escrow encryption system of which the Clipper and lesser-known Capstone chips are part. Unofficially, NSA is thought to have prompted the Clipper plan in order to head off the commercial success of strong encoding technologies developed outside the government.

That view fits with NSA's historic role in making available the current widely used encoding system called Data Encryption Standard, or DES. Under Adm. Bobby Ray Inman, NSA made DES available for use within the United States in the 1970's.

Earlier this year, the Clinton administration announced it would implement the Clipper chip system as a "voluntary" standard suitable for all non-classified government communications. The action makes it possible for all government agencies to require the use of Clipper-enabled communications devices for any sensitive work, either by staff or outside contractors.

With the government's tremendous buying power, the White House's action could crowd out competing cryptographic technologies, making Clipper the de facto standard. And some outside the government ask why that is necessary.

To date, law-enforcement officials have not been "significantly frustrated by voice encryption," according to Assistant Attorney General Jo Ann Harris, chief of the Justice department's criminal division. In pursuing the Clipper plan, she told Sen. Leahy in May, "We are trying to anticipate, to get ahead of the curve."

Clipper refers to a chip that encodes communications as they pass through it. It is designed to be embedded in telephones, fax machines, and modems. While Clipper systems make calls indecipherable to anyone eavesdropping, the Clipper chip has a "trap door" that the government can open, giving investigators access to decrypted or "clear" calls. The key to this door, unique to each chip, would be split into two pieces and held separately in "escrow" by Treasury and Commerce department officials.

To many people outside government, Clipper's accessibility, however closely guarded, opens the door to abuse. Earlier this year, some 45,000 people signed an electronic petition against Clipper circulated over the Internet. One oft-cited poll in March found 80 percent of those asked objected to the Clipper plan.

Still, the White House, led by Vice President Al Gore, plows ahead with Clipper. "There is an inherent balancing test which has to be applied," Gore told a group of reporters in a private meeting in late February. "The law enforcement and national security interests are of the first order of magnitude and extremely important."

He asserted that Clipper strikes the right balance between national security interests and the privacy rights of the individuals and firms. "We have no intention of supporting some system that will create a de facto ease of entry into the information superhighway for law-enforcement officials without proper legal proceedings," Gore said.

Critics fear that's just what Clipper ultimately will allow. "Many worry that such an escrow system could be vulnerable to misuse by a future administration or overzealous law-enforcement organizations," Farber told the House subcommittee. "The position of the administration worries many in the technical community, since they feel it is but the first step to the banning of any form of encryption except that approved and escrowed by the government."

"The Clinton administration says 'not on our watch,' and I believe them," Farber added. "However, our grandchildren will not have them on watch when they grow up. So we need a lasting and effective solution to this problem, not a quick fix that is technologically unsound and unwise as a matter of public policy."

Clipper's defenders say it is the fairest, most effective way to ensure the preservation of the law-enforcement agency's current authority, while at the same time providing society with a very strong method of protecting communications. For instance, Clipper is 16 million times harder to break using a "brute force" approach than DES.

From Adm. Michael McConnell, the director of NSA, to FBI agents such as Kallstrom, Clipper supporters claim much of the opposition to the plan stems from misinformation. Opponents say one reason for that is that much of the Clipper system remains shrouded in secrecy, including the algorithm, known as Skipjack, used to encrypt communications as they pass through the Clipper chips.

Dorothy Denning, a cryptographer who heads Georgetown University's computer science department, was among a handful of outsiders allowed to examine the classified Skipjack algorithm. After trying to break it, she and others determined that "there was no significant risk that Skipjack could be broken by any short-cut method of attack." Moreover, she testified, it would be 36 years before a brute force approach -- trying every possible combination of keys -- would be economically feasible.

But the details of how the escrow bureaucracy would work and how authorized agents would obtain and use the keys, then destroy them, have yet to be worked out. At one point, the Justice department's Harris said she believed the Clipper keys, once issued, would "self-destruct after a certain period of time."

Opponents remain unconvinced. Some, like University of Pennsylvania's Farber, suggest placing the keys under the control of nonexecutive branch agencies, or even in the custody of some private-sector organization.

Clipper is a non-starter as long as the government controls the keys, say executives in banking, computer services, and other industries. Comments by Les Alberthal, chairman and chief executive of General Motors' EDS (Dallas) unit, reflect the discomfort felt by many business people when they consider Clipper and its implications.

"I can understand what the government is trying to do," Alberthal says. "I shudder a little bit at the potential of that sort of eavesdropping on normal business and normal people's lives.

"We criticized Russia for years for doing that, and yet we're turning around and trying to do the same thing. Somehow or other, we're going to have to figure out some process, whereby the illegal kind of activities, the courts can get at to deal with," Alberthal notes, adding: "But I do not believe a blanket ability to enter into, watch, monitor, or pull information out of normal processes or business cycles is really going to work."

An American disadvantage

While the U.S. government meddles with the market for encryption, causing major purchasers to delay acquisitions, it gives foreign competitors advantages over its suppliers, in the view of Martin Hellman, a Stanford University electrical engineering professor who studied the issue for the Business Software Alliance (Washington, D.C.).

Government meddling risks slowing the development of America's information structure, he adds, pointing out that it may also lead to the creation of incompatible infrastructures in other parts of the world, where encryption technology is not restricted.

Hellman and others say that for any network to gain widespread acceptance as a medium for commerce, it must be trusted to deliver communications with absolute privacy and integrity. "Just as people do not use post cards for most of their mail, prudent users will refuse to trust most information to an insecure NII," Hellman writes in a study of the issue. Absent that level of security, the American information superhighway could become a monumental white elephant.

"Local area networks are, in reality, spy networks in which each node watches all the information flowing over the shared cable and picks out only those messages with its address. It would take only a minor modification to create phantom nodes that watch all information flowing over the cable and pick out only those intended for someone else on the network," Hellman writes. "Because such phantom nodes look like normal nodes, it would be hard to detect their existence."

E-mail messages, for instance, often pass through "supernodes" en route to their final destination, and thus could easily be picked off and copied or altered along the way, Hellman notes. He says the NSA, aware of the potential problems this could cause, "prohibits its own confidential information from being sent over the Internet. Instead, the agency uses its own secure e-mail network and is extremely careful to prevent any connection between the two."

Additionally, Hellman observes that America's allies -- as well as its old opponents -- continue to pry into the affairs of U.S. businesses, particularly those with proprietary technology. Government officials in the U.S. and Canada have testified recently concerning the activities of French, Japanese, Chinese, and Russian services spying on U.S. corporations. So those that operate without the benefit of data encryption and other security measures are at risk.

Reluctant acceptance

Data security and integrity is a vital issue to many people in business. One survey, conducted among Fortune 500 companies by Forest & Sullivan last year, found 92 percent of the 151 respondents felt information security was important. Data encryption was counted as an important tool to that end by 46 percent. Datapro, a McGraw Hill research unit based in Delran, NJ, found that 29 percent of the 1,153 respondents in a 1992 survey used end-to-end encryption systems to guard their communications.

Yet for all that interest, AT&T, the only maker of Clipper telephone systems, counts the FBI as its biggest customer. Earlier this year, the agency ordered 9,000 of the Clipper units, which retail at a cost of $1,090 each.

Stephen Walker, founder and president of Trusted Information Systems (Glenwood, MD), a long-time NSA cryptographer, argues that the Clipper plan is hopelessly flawed from an economic standpoint. Citing market estimates that there are 250,000 voice encryption systems in use today, Walker told a Senate hearing that the $14 million Clipper setup costs and its $16 million annual budget would mean that the cost of intercepting Clipper encrypted calls could run as high as $6.4 million each, given that only an estimated 2.5 Clipper-encoded calls would be intercepted each year.

He derived those numbers based on the estimated 500 million phones in use in the United States, the number of wiretaps likely in a year (5,000), and the statistical likelihood that a target line would be encrypted, assuming that all encryption would be with Clipper systems.

Besides those impractical economics, Walker points out that by doubling up DES encryption -- running a communication through two different devices -- someone who wants to frustrate a wiretap could have a code that is stronger than Clipper, and for which there would be no escrowed key. Besides, he and others note, there are literally hundreds of other encryption systems available today, including many that use DES and some that use "public key" methods that make encoded electronic mail unbreakable.

Based on his analysis, Walker added, "I'm convinced that five years from now they'll say 'This isn't working,' so we'll have to change the rules." Then, he predicted, Clipper will be made mandatory for all encoded communications.

One way in which Clipper could be made acceptable, Walker says, is to make the judiciary system act as the escrow agent. That way it would at least be independent of the executive branch, and would reinforce the traditional American method of balancing governmental power among its different branches.

But Diffie, the Sun engineer, contended that any escrowed system is hopelessly flawed when it comes to communications encryption security. Good security practice in communications, he observed, means keeping the decoded keys around for as short a time as necessary, then destroying them. Today, secure phones use keys that exist only for as long as a single encrypted call lasts, and once destroyed can never be recreated.

"A key escrow proposal surrenders this advantage," he said, "by creating a new set of escrowed keys that are stored indefinitely and can always be used to read earlier traffic."

Stored data that is encrypted is useless without a key, Diffie noted. For that reason, the user has to keep a copy of the key somewhere, and that makes it obtainable by traditional methods like those that are used to retrieve paper records today.

Finally, Diffie noted, "The reason there is so much disagreement is that there is so little evidence of a problem."

No one has claimed, after all, that the bad guys are using voice encryption technology today. Even master spy Aldrich Ames, the renegade CIA officer turned Soviet mole, used clear lines to plot his misdeeds.

With the rapid advances in computing and communications technologies, Diffie asserted, "If allowing or even encouraging wide dissemination of high-grade cryptography proves to be a mistake, it is likely to be a correctable mistake."

"If, on the other hand, we set the precedent of building government surveillance capabilities into our security equipment, we risk entrenching a bureaucracy that will not easily surrender the power this gives."

--------------------------------------------------------------------

Ted Bunker is a freelance journalist who covers technology policy issues. He is based in Washington, D.C. and can be reached at tbunker@aol.com.