THE METAPHOR IS THE KEY: CRYPTOGRAPHY,
THE CLIPPER CHIP, AND THE CONSTITUTION

A. Michael Froomkin

Document information and copyright notice


To table of contents

Notes for introduction

1. Kim L. Scheppele, Legal Secrets 302 (1988) (footnote omitted). Back to text

2. "Secrecy" refers to the intentional concealment of information so as to prevent others from "possessing it, making use of it, or revealing it" to third parties. Sissela Bok, Secrets: On the Ethics of Concealment and Revelation 6 (1982). It also refers to "the methods used to conceal [information], such as codes or disguises." Id. Back to text

3. Privacy is "that portion of human experience for which secrecy is regarded as most indispensable." Id. at 7. Secrecy and privacy are not identical, however. See id. at 10. Privacy is "the condition of being protected from unwanted access by others--either physical access, personal information, or attention. Claims to privacy are claims to control access to what one takes . . . to be one's personal domain." Id. at 10-11. Back to text

4. In this sense, "the right to privacy has everything to do with delineating the legitimate limits of governmental power." Jed Rubenfeld, The Right of Privacy, 102[Page 713]Harv. L. Rev. 737, 737 (1989). Of course, true privacy also requires delineating the limits of the power of private parties, including detectives, credit bureaus, and others. Back to text

5. Cryptography cuts across the law in many interesting ways. Most of the statutory issues, however, are outside the scope of this Article. In particular, this Article does not discuss cryptography as it relates to intellectual property law. Back to text

6. Cryptology is the study of cryptography and cryptanalysis. See David Kahn, The Codebreakers at xvi (1967). Back to text

7. See id. at xiii-xvi; see also Horst Feistel, Cryptography and Computer Privacy, Sci. Am., May 1973, at 15, 15 (drawing a distinction between codes and ciphers). Back to text

8. Henry W. Longfellow, The Landlord's Tale: Paul Revere's Ride, in 4 The Poetical Works of Henry Wadsworth Longfellow 25, 25 (1966). For an example of a literary cipher, see Edgar A. Poe, The Gold-Bug, in The Complete Tales and Poems of Edgar Allan Poe 42, 62-67 (1938). See also Terence Whalen,[Page 714] The Code for Gold: Edgar Allan Poe and Cryptography, 46 Representations 35 (1994). Back to text

9. Eric Bach et al., Cryptography FAQ (03/10: Basic Cryptology) § 3 (Oct. 31, 1994), available online URL ftp://rtfm.mit.edu/pub/usenet/ news.answers/cryptography-faq/part03. A message that has never been disguised is called a cleartext. See Kahn, supra note 6, at xvi. Back to text

10. The number of possible values of a key is called the keyspace. Back to text

11. See infra Technical Appendix, part B (describing public-key cryptography). Back to text

12. See Bruce Schneier, Applied Cryptography 4 (1994) (defining cryptanalytic terms). Back to text

13. [Page 715]On the early use of telegraphic cryptography in military combat, see Kahn, supra note 6, at 190-91. Back to text

14. See Approval of Federal Information Processing Standards Publication 185, Escrowed Encryption Standard (EES), 59 Fed. Reg. 5997, 5998 (1994) [hereinafter FIPS 185] ("Key escrow technology was developed to address the concern that widespread use of encryption makes lawfully authorized electronic surveillance difficult."). For a discussion of Federal Information Processing Standards (FIPS), see infra notes 222-25 and accompanying text. Back to text

15. Although the chip is universally known as "Clipper," the government has alternately adopted and abandoned the name. See U.S. Gen. Accounting Office, Communications Privacy: Federal Policy and Actions 6 n.6 (1993) [hereinafter GAO Communications Privacy] (explaining that the name was used, then dropped). The official use of the name "Clipper" recently has been revived. See Susan Landau et al., Association for Computing Machinery, Inc., Codes, Keys and Conflicts: Issues in U.S. Crypto Policy 52 n.1 (1994) [hereinafter ACM Report] (stating that Intergraph Corp., which had trademarked the name for one of its microprocessors, "graciously ceded" the rights to the name). Back to text

16. The technical name for the Clipper-compliant family of devices is the Escrowed Encryption Standard (EES). For the nonclassified specifications for these devices, see FIPS 185, supra note 14, at 6004-05. The Clipper Chip itself is designed for use in secure telephones; its cousin, the Capstone Chip, will be used for electronic mail, digital signatures, see infra Technical Appendix, part C, public key exchange, see infra Technical Appendix, part B, and random number generation. For a brief introduction to the Capstone Chip and its technical specifications, see generally National Inst. of Standards and Technology, Capstone Chip Technology (Apr. 30, 1993), in Building in Big Brother, supra note * (manuscript at 147) [hereinafter Capstone Chip Tech-nology]. A PCMCIA card (Type 1) using Capstone will likely be purchased in bulk by the Pentagon. See infra text accompanying note 245. The PCMCIA card was formerly known as a "Tessera" card, but the National Institute of Standards and Technology (NIST) has now changed the name to the "Fortezza" card because a private company had previously trademarked the name "Tessera." See Interview with Gary Latham, Mantech Strategic Associates, Ltd., in Miami, Fla. (Sept. 30, 1994) (Mr. Latham is a consultant employed by NIST); see also Matt Blaze, Protocol Failure in the Escrowed Encryption Standard, in Building in Big Brother, supra note * (manuscript at 131, 145) (noting that "Tessera" is a trademark of Tessera, Inc., which has no connection with the EES project).

[Page 716] The entire EES project has been plagued by problems with intellectual property law. Not only did the names originally selected for the EES chips conflict with existing trademarks, but the algorithm for the escrow concept itself was the subject of an infringement claim by MIT professor Silvio Micali. Professor Micali claimed he had patented the escrow concept. After initially denying there was infringement, NIST agreed to settle Professor Micali's claim by purchasing a nonexclusive license for all EES systems "developed for authorized government law enforcement purposes" whether inside or outside the government. U.S. Dep't of Commerce, Patent Agreement Removes Perceived Barrier to Telecommunications Security System (July 11, 1994) (press release); see also Ellen Messmer, NIST Acknowledges Patent Infringement, Network World, July 25, 1994, at 20 (noting that the exact terms of the NIST settlement agreement were not being revealed). Back to text

17. Established in 1952 by presidential directive, the NSA is the U.S. government's chief signals intelligence and cryptological department. See Kahn, supra note 6, at 675-84 (outlining the development of the NSA from 1952 through 1966); Jeffrey Richelson, The U.S. Intelligence Community 15-20 (1985) (describing the bureaucratic structure of the NSA). See generally James Bamford, The Puzzle Palace: A Report on America's Most Secret Agency (1982) (tracing the develop-ment of the NSA between 1952 and 1982). Back to text

18. Vice President Gore has suggested that the proposal might be modified inthe future to allow some companies to use certified private escrow agents ratherthan depositing their keys directly with the government. See Letter from Vice President Al Gore to Congresswoman Maria Cantwell (July 20, 1994), availableonline URL ftp://ftp.eff.org/pub/EFF/Policy/Crypto/ Clipper/gore_clipper_retreat_cantwell_072094.letter [hereinafter Gore-Cantwell Letter]. But see Statement of Patrick Leahy on Vice President Gore's Clipper Chip Letter (July 21, 1994), available online URL ftp:// ftp.eff.org/pub/EFF/Policy/Crypto/Clipper/gore_clipper_retreat_ leahy.statement (stating that the Gore letter "represents no change in policy").

NIST is currently exploring alternatives to the existing EES proposal that would rely more heavily on third-party escrow agents. See Interview with Gary Latham, supra note 16. Back to text

19. See infra part I.C.1.c.i (discussing the International Traffic in Arms Regulations (ITAR), which restrict the export of cryptographic software). Back to text

20. The government can require that federal agencies and government contractors use Clipper. Indeed, the government has announced that the Attorney General will[**PAGE 717**]purchase "several thousand" Clipper-equipped telephones. See Office of the Press Secretary, The White House, Statement by the Press Secretary 2 (Apr. 16, 1993), in Office of the Press Secretary, The White House, Government-Developed "Key Escrow" Chip Information Packet (Apr. 16, 1993) (information packet accompanying press release) [hereinafter "Key Escrow" Information Packet].

If Clipper becomes the exclusive encryption protocol used by the U.S. government, then anyone who wishes to communicate with the government concerning nonclassified but sensitive information will have to use Clipper. Back to text

21. Without access to relevant classified information, it is impossible to know whether the NSA or other government agencies might have discovered a means of breaking even the most sophisticated publicly available ciphers. Considering the intense secrecy that would surround such a cryptanalytic capability, however, one can safely act as if it does not exist. Even if the government had the capability to break supposedly unbreakable cryptography, such cryptanalysis would be a vital national secret--so vital that the government would never use that capability in a manner that would risk revealing its existence before the middle of the next large war. Back to text


To table of contents