MacNeil-Lehrer - Clipper Segment - Thurs 07APR94 OPEN SESAME MacN: Next tonight, law enforcement vs privacy on the information highway. A tiny piece of silicon, the clipper chip, has raised questions about how to balance individual privacy rights with the needs of law enforcement agencies in the computer age. Time Magazine technology editor, Philip Elmer-Dewitt, reports. PE-D: Today's high tech information highway has a major drawback. For some people it's not private enough. Many of the routine transactions conducted by computer and over phone lines leave a trail of digital fingerprints, messages recording the time and date and nature of the transaction. These are stored on computer disks and can be easily traced. Some consumers simply need absolute security, the assurance that confidential phone calls, faxes, or financial transactions cannot be intercepted. [Two AT&T employees using an AT&T Secure Phone] [Woman] "Good morning, AT&T." [Man] "Good morning, Miss Bishop, this is Mr. McGovern." PE-D: "To keep transactions private, computer experts advise people to talk in code, as these representatives from AT&T demonstrate." [Man] "I'd like to go secure, if we could, please. I'll come to you." PE-D: "They're scrambling their telephone call, just like spies do." [LCD screen on man's set displays, 'secure dE05'] [Man] "Would you please give me the first two numbers, and I will give you the second two." [Woman] "OK, the first two numbers are 'dE'." [Man] "Fine, we're secure now. And now I'd like to discuss some company information with you." [Nerd at keyboard, clicking check box labeled 'DES Encrypt' on screen labeled 'DSS Options Menu']: "OK. I can choose this option to do both signature and encryption." PE-D: "Cryptography is the science of making and breaking codes, of turning plain text into coded text, or cipher. Nerd: "OK. This is our old 1040 form." PE-D: "Like taking this 1040 tax form and changing it into unreadable ciphertext." Nerd: "This is your actual encrypted text of the 1040 form." [Ciphertext scrolls up screen.] Marc Rotenberg [of CPSR] 'Computer Privacy Advocate': "Cryptography is the way you make communication networks secure. It's the way you protect privacy. It's the way you make it possible for banks to send financial information, for businesses to send trade secrets, for individuals to send personal records, medical records, financial data. All of this happens because cryptography is the basic technology of privacy." PE-D: "All modern encryption systems are variations on the secret codes school children use to jumble words. The simplest kind of code is a straight forward letter for letter substitution, for example where A stands for D, B stands for E, C stands for F, and so forth down the alphabet." [WFW screen showing the simple ROT3 substitution cipher mentioned.] "These simple codes have evolved into mathematical formulas of such extraordinary complexity that they're virtually unbreakable. [Scene of a hand pushing a card into a Datakey reader.] In the past few years, a new generation of very powerful encryption tools have entered the marketplace. They are easy to use and easy to get by just about anybody. And they are a matter of concern to law enforcement and national security experts who rely on information gathered from wire taps to do their jobs. [Scene of technician wiring a phone board.] Geoffrey Greiveldinger is Special Counsel for the Justice Department." GG: "There has become available, and there has certainly become available in larger numbers and greater variety, very effective, very user friendly, very high voice quality encryption. And suddenly the prospect of encryption being used regularly in the private sector is one that law enforcement recognizes that it's going to have to grapple with. That really is what brought us up short." PE-D: "Lynn McNulty is with the National Institute of Standards and Technology." LMcN: "Encryption is a double-edged sword. It can be used to protect law abiding citizens and it can also be used to shield criminal activities and also activities that can affect the security of this country." [Aerial shot of Ft. Meade on a workday --- acres and acres of employees' cars.] PE-D: "Secret codes and national security are the bailiwick of the NSA, the top secret branch of government that sucks up international communications traffic like a giant vacuum cleaner in the sky, using the most powerful decryption technology available to tease out its secrets." [Shots of NSA sign and main building entrance.] [Interior shot of NSA museum, with Enigma Machine and Cray in background.] "Cryptographers used to use mechanical devices like this World War II era Enigma Machine, to make and break secret codes. Now they use supercomputers, like this Cray XMP. A cipher from one of these [Enigma] machines could be broken in a matter of minutes. Supercomputers can design secret codes so complex that it would take another supercomputer centuries to crack it. And that's a problem for the National Security Agency which gathers foreign intelligence for the US and runs this cryptologic museum in Ft. Meade, Maryland. The NSA has never met a secret code it couldn't crack. And it wants to keep it that way." [Hand holding Clipper Chip.] "So the NSA developed a new code called 'Skipjack' and put it in this silicon chip, smaller than a fingernail. This is the Clipper Chip, the focus of a fierce technological policy debate among privacy advocates, law enforcement, and the business community. The Clipper Chip [graphic of chip labeled 'MYK78A'] combines a powerful encryption scheme with a back door [skeleton keyhole appears on Clipper graphic], a master key that unlocks the code [Yale key slides into skeleton keyhole] and lets authorized law enforcement agents intercept --- and understand --- coded messages. The NSA wants the National Institute of Standards & Technology and all other government agencies to use Clipper, and only Clipper, when they want to be sure that their phone calls, faxes, and electronic mail can't be intercepted. To encourage its use in business, the US guarantees that the Clipper code is uncrackable and that the master keys that can unlock it are safely stored away. In a plan devised by the NSA and approved by the White House, that master key will be split into two pieces, one held in safe keeping at the Commerce Department, the other at Treasury [the Yale key splits in two on either side of the Clipper Chip]. Law enforcement agencies will need a court order before they can get access to the keys. Unauthorized use of Clipper keys will be a felony, punishable by up to 5 years in jail. LMcN: "There will be no vulnerability there that can be exploited by, say, a rogue law enforcement agency or by a hostile outsider, to compromise the keys that will be ... that will allow authorized people to unlock the key escrow encryption cryptography." PE-D: "But privacy advocates aren't so sure. Like Marc Rotenberg of Computer Scientists [sic] for Social Responsibility, they see Clipper as an attempt by the NSA to block people from using cryptography to keep their affairs to themselves. They're asking people to register their objections by computer." [Screen displaying graph with sharply increasing number of responses (c.38k).] MR: "Here we have on the screen a letter to the President. And we ask them to simply send a message with the words 'I oppose Clipper.'" "Basically, it's a proposal for surveillance. It's a way to make it easier to wiretap the network. And the reason it's such a bad idea is what we need right now is privacy protection. We need more secure networks, not more vulnerable networks." PE-D: "On these networks, people are logging on to argue the pros and cons of the Clipper proposal. David Banisar, one of Rotenberg's colleagues, has been tracking that debate. DB, 'Computer Privacy Advocate': "On the Internet, which is the international network of computers, there's been an incredible amount of discussion. There's been thousands of messages posted, hundreds per day. And it goes on almost forever. [Screen showing message list of alt.privacy.clipper.] The public is going to reject this because, basically, we want a national information infrastructure where people can communicate. We don't want a national surveillance infrastructure, where the main purpose is for the government to be able to control and watch over what we're doing all the time." PE-D: "It may sound like spies vs nerds. But at the heart of the Clipper debate is a fundamental question of Constitutional rights. One side thinks that people have a basic right to use the most powerful encryption tools they can get their hands on to keep their affairs private. The other thinks that that right must be superseded by the legitimate needs of law enforcement. There are cryptographers on both sides of the debate." Dorothy Denning, Georgetown University: "I think it would be folly to let the capability to do electronic surveillance be completely overridden by technology, so that we couldn't do that. I think it's a much safer bet to put it into the system so that we can do it, to make sure that we have good procedural checks and laws and so on to govern the use of that so it's checked. And if it's misused, to make sure that it's properly dealt with." Whitfield Diffie, Sun Microsystems: "If you say to people that they, as a matter of fact, can't protect their conversations, and in particular their political conversations, I think you take a long step toward making a transition from a free society to a totalitarian society." PE-D: "Meanwhile, the Clipper Chip is moving full speed ahead." [Shot of three prototype Clipper chips: (1) (white patch on black) MYK78A MYKOTRONX, INC. #100004A (2) (gold) VLSI 9745TS 383511 VM06222-6 MYKO-MYK78PROTO PROTO A USA (3) (black) VLSI 9312AS401944 VM05413-1 MYKOTRONX MYK78A PROTO ] PE-D: "A company called Mykotronx is making the chips and AT&T is selling a variety of telephones with the chips built in, including this device which it is producing for the government to protect the privacy of phone calls within the Justice Department [shot of AT&T Surity Telephone Device 3600 (crypto brick)]. But it's not at all clear that the devices will find a market outside the government. Some of Clipper's most vocal opponents are the very computer and telecommunications firms the government hopes will adopt it. [The following Logos appear: Apple, IBM, Microsoft, Prodigy, Sun, HP, Digital, Lotus, Oracle]. Their gripe centers on the US export laws that make it illegal to sell encryption systems abroad. To encourage US companies to use the government's system, the administration has lifted those export controls for Clipper, but only for Clipper." Jerry Berman, Electronic Frontier Foundation: "You're going to thwart our foreign markets, because no foreign country and no foreign person is going to use a device that's made by NSA and where the keys are held by a US government agency." PE-D: "As the lines are strung to carry the traffic of the emerging information highway, the greatest fear of privacy advocates is that Clipper may be only the first step down a path that leads to more and more government snooping. They point to a new bill the Administration is circulating on Capitol Hill --- the so-called 'Digital Telephony Bill' --- that would require phone and cable companies to provide the government with systemwide access to even more information." MR: "It is absolutely clear, if you look over the last three to four years of the FBI's proposals and the proposals from the National Security Agency, that there is a plan --- in steps --- to restrict the use of cryptography in the United States. There's a plan to ensure that communication networks are designed to facilitate wire surveillance. And there's every reason to believe after Clipper goes forward, after the Digital Telephony proposal goes forward, that the next step will be to restrict non-compliant cryptography." PE-D: "In real life --- or 'RL', as computer buffs call it --- it's often not clear where to draw the line between the rights of the individual and the needs of society. [Telephoto sidewalk shot showing masses of humanity.] It's no different in cyberspace --- that world of interconnected computers, where messages fly back and forth on video screens [Screens showing US West Community Link Service, Minitel, Medline, American Interactive Technologies, PC Flowers, and Arcade]. Experts say that the new information super highway will have to have some rules of the road. The hard part is deciding where and how to draw them." Dat, dah, de-la, dat, dah! ----- Transcribed by Lois & Duncan Frissell