Subject: RISKS DIGEST 15.50
REPLY-TO: risks@csl.sri.com

RISKS-LIST: RISKS-FORUM Digest  Thursday 10 February 1994  Volume 15 : Issue 50

FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

** See recent issues for information on RISKS, omitted from this **
** issue. OR, CONTACT RISKS-REQUEST@csl.sri.com for information. **

Contents:
Re: Dorothy Denning's contribution to RISKS-15.48 on EES/Clipper/etc.
  (Barbara Simons, Marc Rotenberg, George T. Talbot, Lance J. Hoffman,
  Fredrick B. Cohen, A. Padgett Peterson, Geoff Kuenning)

----------------------------------------------------------------------

Date: Thu, 10 Feb 94 13:48:52 PST
From: "Barbara Simons"
Subject: Re: Campaign and Petition Against Clipper (Denning, RISKS-15.48)

In RISKS-15.48, 9 Feb 1994, Dorothy Denning states:

>As near as I know, neither CPSR nor any other group has conducted any
>systematic poll of industry, professional societies, or the public. While
>many people have voiced opposition, there are many more organizations and
>people who have been silent on this issue. The ACM is in the process of
>conducting a study on encryption. CPSR is a member of the study group, as am
>I. Steve Kent is chair. Our goal is a report that will articulate the
>issues, not a public statement either for or against. The International
>Association for Cryptologic Research has not to my knowledge made any official
>statement about Clipper.

I am chair of USACM, which is the new U.S. Public Policy Committee of ACM. A few months ago we asked Steve Kent to chair a panel that would study encryption policy in the U.S. and produce a report for ACM. As Dorothy mentions, she is on the panel, together with several other illustrious individuals, including the esteemed moderator of RISKS. I have included the list of panelists at the end of this note.

CPSR is no more a member of the panel than are the National Security Agency or the Department of Justice.
The panel does have members who are affiliated with all three organizations.

I am certain that Dorothy did not intend to give the impression that the ACM panel has decided that ACM will not have a public position on Clipper. However, since her email might have been misinterpreted by some readers, I want to clarify that, while ACM has not taken a position on Clipper, there has not been any decision made within ACM of which I am aware that prevents ACM from taking a position at some future time.

In addition, it is my understanding that there has been no final determination made by the panel of precisely what the report will or will not contain.

Barbara Simons, Chair USACM

The members of the ACM encryption policy panel are:

Dr. Clint Brooks, National Security Agency
Scott Charney, Department of Justice
Dr. Dorothy Denning, Georgetown University
Dr. Whitfield Diffie, Sun Microsystems Inc.
Dr. Anthony Lauck, Digital Equipment Corporation
Douglas Miller, Software Publishers Association
Dr. Peter Neumann, SRI International
Dave Sobel, Computer Professionals for Social Responsibility

Chair: Dr. Stephen Kent, Bolt Beranek & Newman
Staff: Dr. Susan Landau, University of Massachusetts

------------------------------

Date: Thu, 10 Feb 1994 16:07:13 EST
From: Marc Rotenberg
Subject: Re: CPSR Clipper Campaign

Dorothy Denning has raised important questions about the Clipper proposal. As she says "the issues are extremely complex and difficult." Below I've tried to answer the points she has raised. I apologize in advance to RISKS readers who know all of this.

Please read her comments and my response. Speak with others interested in the Clipper proposal. If on balance, after reviewing the arguments, you decide Clipper is a mistake then you should express your opposition by sending a message to:

    CLIPPER.PETITION@CPSR.ORG

with the words "I oppose Clipper" in the subject header. If you have already signed the petition, ask a friend or colleague to sign.

Your help is needed.
Marc Rotenberg, director, CPSR Washington office

>> The Clipper proposal, developed in secret by the
>> National Security Agency, is a technical standard
>> that will make it easier for government agents to
>> wiretap the emerging data highway.

> The standard (FIPS 185) is not a standard for the
> Internet or any other high speed computer network. It
> is for the telephone system.

The letter to the President makes clear that we are concerned about "Clipper and associated standards" which include the Capstone EES configuration for data transmission. It is clearly the intent of the EES proposal to cover both voice and data transmissions.

> The standard will not make it any easier to tap phones,
> let alone computer networks. All it will do is make it
> technically possible to decrypt communications that are
> encrypted with the standard, assuming the communications
> are not superencrypted with something else.

This is a little bit like saying that leaving a master key for every house on your block with the police will not make it easier for the police to open locked doors. We may disagree about whether this is a good idea, but let's be clear about the intent of the proposal.

> The purpose of the standard is to provide a very strong
> encryption algorithm - something much stronger than DES
> - and to do so in a way that does not thwart law
> enforcement and national security objectives. Keys are
> escrowed so that if someone uses this technology, they
> cannot use it against national interests.

The NSA is responsible for foreign signal interception. It has no legal authority to conduct wire surveillance. What are the NSA's "national security" interests in domestic wire surveillance?

>> Industry groups, professional associations and
>> civil liberties organizations have expressed almost
>> unanimous opposition to the plan since it was first
>> proposed in April 1993.

>> The private sector and the public have expressed
>> nearly unanimous opposition to Clipper.
> As near as I know, neither CPSR nor any other group has
> conducted any systematic poll of industry, professional
> societies, or the public.

To the best of my knowledge, there has never been a proposed technical standard that generated more opposition. Firms across the telecommunications and computer industry oppose Clipper. Computer security people and cryptographers oppose Clipper. Privacy experts oppose Clipper.

>> The Administration ignored the overwhelming
>> opposition of the general public. When the Commerce
>> Department solicited public comments on the
>> proposal last fall, hundreds of people opposed the
>> plan while only a few expressed support.

> Hundreds of people is hardly overwhelming in a
> population of 250 million, especially when most of the
> letters were the same and came in through the net
> following a sample letter that was sent out.

I would encourage Dorothy, or anyone else, to take a poll of any representative user group -- RISKS readers perhaps -- if there is any doubt about how the public feels about the proposal.

>> The technical standard is subject to misuse and
>> compromise. It would provide government agents with
>> copies of the keys that protect electronic
>> communications. "It is a nightmare for computer
>> security."

> I have been one of the reviewers of the standard. We
> have completed our review of the encryption algorithm,
> SKIPJACK, and concluded it was very strong. While we
> have not completed our review of the key escrow system,
> from what I have seen so far, I anticipate that it will
> provide an extremely high level of security for the
> escrowed keys.

Dorothy endorsed the proposal before she joined the "review" team. The group that she refers to, a White House task force, has an interesting history. The majority of cryptographers asked to participate declined.

>> The underlying technology was developed in secret
>> by the NSA, an intelligence agency responsible for
>> electronic eavesdropping, not privacy protection.
>> Congressional investigations in the 1970s disclosed
>> widespread NSA abuses, including the illegal
>> interception of millions of cables sent by American
>> citizens.

> NSA is also responsible for the development of
> cryptographic codes to protect the nation's most
> sensitive classified information. They have an
> excellent track record in conducting this mission.

Senator Frank Church, who conducted the most extensive hearings ever held on the National Security Agency, said that the NSA's intelligence gathering capabilities were important for the security of the United States. He also said that the massive eavesdropping capability created "A tremendous potential for abuse."

If ever turned against the communications system of the United States: no American would have any privacy left . . . there would be no place to hide. We must see to it that this agency and all agencies that possess this technology operate within the law and under proper supervision, so that we never cross over that abyss. That is an abyss from which there is no return." (NBC Meet the Press, 1975)

>> Computer security experts question the integrity of
>> the technology. Clipper was developed in secret and
>> its specifications are classified.

> The 5 of us who reviewed the algorithm unanimously
> agreed that it was very strong. We will publish a final
> report when we complete our full evaluation. Nothing can
> be concluded from a statement questioning the technology
> by someone who has not seen it regardless of whether
> that person is an expert in security.

The original CPSR letter to the President, asking for the withdrawal of Clipper, was signed by Hellman, Rivest, Diffie, Merkle, and others. Many more experts are adding their names daily to the CPSR petition.

>> NSA overstepped its legal authority in developing
>> the standard.
>> A 1987 law explicitly limits the
>> intelligence agency's power to set standards for
>> the nation's communications network.

> The 1987 Computer Security Act states that NIST "shall
> draw on the technical advice and assistance (including
> work products) of the National Security Agency."

The original replacement for DES, proposed by the Department of Commerce in 1989, would have had these characteristics:

-- public, unclassified
-- implementable in both hardware or software
-- usable by federal Agencies and U.S. based multi-national corporation
-- a level of security sufficient for the protection of unclassified, sensitive information and commercial propriety and/or valuable information.

The final proposal, developed with the "technical assistance" of the NSA, has these characteristics.

-- The Clipper algorithm Skipjack is classified
-- Public access to the reasons underlying the proposal is restricted
-- Skipjack can be implemented only in tamper-proof hardware
-- It will not be used by multi-national corporations
-- The security of the configuration remains unproven.

The Computer Security Act was passed precisely because the NSA tried previously to grab civilian computer security turf. The law was specifically intended to control the type of abuse that results from secret standard-setting arrangements.

If there is any doubt among RISKS readers about the illegal activities of the NSA in the development of the EES, please consult the minutes of the NSA/NIST Technical Working Group (TWG) that produced the standard. The minutes should be available from the National Security Agency Public Information Office. That phone number is 301/688-6524.

>> There is no evidence to support law enforcement's
>> claims that new technologies are hampering criminal
>> investigations. CPSR recently forced the release of
>> FBI documents that show no such problems.

> CPSR obtained some documents from a few FBI field
> offices. Those offices reported no problems.
> CPSR did not get reports from all field offices and did not get
> reports from local law enforcement agencies. I can tell
> you that it is a fact that new communications
> technologies, including encryption, have hampered
> criminal investigations.

The statement is illogical. There is still no evidence to support the FBI's claims.

The FBI made certain claims that cryptography was impeding criminal investigation conducted by wiretap. CPSR investigated the FBI's claims by filing a Freedom of Information Act suit to obtain the relevant documents. The documents provided to us by the Department of Justice revealed that none of the FBI field officers had encountered any obstacles. The Department of Justice has just informed us that they provided to us all relevant documents concerning the Clipper proposal.

There is one reported case where cryptography made it difficult for law enforcement to obtain evidence. That case concerned reading the contents of a file on a hard disk after it was seized. If this is the problem that the Clipper proposal is intended to solve, then the key escrow scheme must be extended to every single encrypted file -- not just encrypted communications -- everywhere in the world. Every encrypted file. Everywhere.

>> If the plan goes forward, commercial firms that
>> hope to develop new products will face extensive
>> government obstacles. Cryptographers who wish to
>> develop new privacy enhancing technologies will be
>> discouraged.

> The standard is voluntary -- even for the government.

An FBI legislative proposal now under consideration at the White House would mandate a Clipper-like scheme. That proposal is backed by fines up to $10,000 per day and jail time. That's not voluntary.

>> Mr. Rotenberg said "We want the public to
>> understand the full implications of this plan.
>> Today it is only a few experts and industry groups
>> that understand the proposal.

> I support this objective.
> Unfortunately, it is not
> possible for most of us to be fully informed of the
> national security implications of uncontrolled
> encryption. For very legitimate reasons, these cannot
> be fully discussed and debated in a public forum.

This assertion has never been supported by evidence. It has been used simply to stifle criticism.

> The Feb. 4 decision was made
> following an inter-agency policy review, headed by the
> National Security Council, that examined these issues
> using considerable input from industry, CPSR, EFF, and
> individuals as well as from law enforcement and
> intell

CPSR did not participate in the inter-agency policy review. Our position from the very beginning is that these decisions must be made openly.

> In the absence of understanding
> the national security issues, I believe we need to
> exercise some caution in believing that we can
> understand the full implications of encryption on
> society.

This premise, if accepted, would mean that people in the United States would have no right to express political views when the government claimed "national security." Certainly, there are matters of national security that must be protected, but when an agency with expertise in wire surveillance develops a secret standard for eavesdropping and tells those who raise questions that there are matters of national security that they would not understand, there is good reason for concern.

If you believe that Clipper is a mistake, please express your views by sending email with the words "I oppose Clipper" in the subject header to CLIPPER.PETITION@CPSR.ORG.

[In the following messages, I have pruned back radically on the included repetitions of Dorothy's original message. I hope I have not lost any threads... Refer back to RISKS-15.48 if you are in doubt. PGN]

------------------------------

Date: Wed, 9 Feb 94 22:16:51 EST
From: ugtalbot@king.mcs.drexel.edu (George T. "14K F/D" Talbot)
Subject: Re: Campaign and Petition Against Clipper

I would like to comment upon a few points raised by Dr. Denning:

>The decisions that have been made were not made lightly.

While I appreciate the sentiments expressed by Dr. Denning here, I'm sure that those who oppose the Clipper initiative are also intelligent and have also worked very hard to make their concerns known. I have studied this issue actively and I assure you that I did not sign the petition "lightly".

>The standard (FIPS 185) is not a standard for the Internet or any other high
>speed computer network.

While the Clipper initiative only covers the phone system, the entire proposal (Clipper and Capstone and the key escrow system) will touch the high-speed networks and should be taken as a whole.

>...assuming
>the communications are not superencrypted with something else. Law
>enforcers still need to get a court order just to intercept the
>communications in the first place...

There are two points to address here. First, it is currently very difficult to produce and export cryptographic software of any significant strength due to export controls. A private entity which has the resources to produce a strong cryptographic solution will have to invest a great deal to produce such software. The current export controls would make it impossible for such an entity to compete on the world market, thus limiting profit, possibly to the point of non-profitability. This makes superencryption pretty unlikely, and this is one of the purposes of the current export controls on encryption. Also at issue is whether the government will outlaw non-Clipper/Capstone/Key Escrow encryption entirely.

Second, law enforcement needs to get a court order to intercept phone communications. I know of no such need to get a court order to intercept communications on a high speed network w.r.t. Capstone. The current administration proposal does not require a court order to get the escrowed keys themselves.

> The Administration ignored the overwhelming opposition of the
> general public. When the Commerce Department solicited public
> comments on the proposal last fall, hundreds of people opposed the
> plan while only a few expressed support.
>
>Hundreds of people is hardly overwhelming in a population of 250 million,
>especially when most of the letters were the same and came in through the net
>following a sample letter that was sent out.

Currently the community which is informed on this issue is rather small. It is unclear whether that population of 250 million would support the initiative if they were fully informed. Assuming the people who responded to the Commerce Department solicitation are representative of the public at large, it is clear that this is not a popular initiative outside of government/law enforcement/national security circles.

>I have been one of the reviewers of the standard. We have completed our
>review of the encryption algorithm, SKIPJACK, and concluded it was very
>strong. While we have not completed our review of the key escrow system, from
>what I have seen so far, I anticipate that it will provide an extremely high
>level of security for the escrowed keys.

I'm sure that the committee which reviewed the algorithm made as accurate an assessment of the algorithm as they could in the limited time they were given. What the NSA refuses to answer on this point is whether it, or the rest of the national security community will use the escrow system. If the [national security] community does not sign up [for the key escrow system], then the escrow system will be effectively compromised.

>...I am not aware of any recent evidence
>that the NSA is engaging in illegal intercepts of Americans...

From what I understand, the Act was passed in response to the incident in the 1970s. Just because one doesn't have evidence doesn't mean that abuses don't exist, and one can't make basic policy decisions based upon that.
When considering important policy like this, one has to actively consider the risks of abuse.

>...

From what current reports show, NSA pushed the proposal through NIST, and it was NSA, not NIST, which was the true author and sponsor of the initiative. They were operating on a "gray area" where because they were the only source for the standard considered, they effectively set the standard without explicitly violating the law.

>... I can tell you that it
>is a fact that new communications technologies, including encryption, have
>hampered criminal investigations. I personally commend law enforcement for
>trying to get out in front of this problem.

Dr. Denning, would you, as a service to RISKS readers, disclose your evidence of how encryption has hampered criminal investigations? And how often? And what kind of investigations were hampered?

>... In the absence of understanding the national security issues, I
>believe we need to exercise some caution in believing that we can understand
>the full implications of encryption on society.

I disagree and Dr. Denning contradicts herself. If the decision is made at those levels, the public will not be informed. This policy is too important to relegate to a back room.

George T. Talbot

------------------------------

Date: Thu, 10 Feb 1994 08:28:46 -0500 (EST)
From: "Lance J. Hoffman"
Subject: Clipper standard came close to being not only for phones

Dorothy Denning wrote in RISKS Forum:

> The [Clipper] standard (FIPS 185) is not a standard for the Internet or any
> other high speed computer network. It is for the telephone system. Quoting
> from FIPS 185: "Data for purposes of this standard includes voice, facsimile

It apparently came close to covering everything. I have heard from several people at NIST describing the general unhappiness there about the EES.
One wrote to me:

> Three weeks ago, Ray Kammer {the deputy director} and Mike Rubin {the
> general counsel} here told people to rewrite the FIPS 185 {the EES}, which
> was in draft form, so that the standard applied to all electronic
> communications, including those not covered under the then current language.
> They refused, even walked out of the meeting, saying that it just could not
> be done. Ray Kammer backed down, and the FIPS went out w/o the
> all-inclusive language.

{remarks in curly brackets added by L Hoffman for explanation}

In any case, that point may be somewhat moot because Capstone applies to data!

------------------------------

Date: Thu, 10 Feb 94 06:11:05 PST
From: Fredrick B. Cohen
Subject: Re: Denning's thoughts on the Clipper Chip

>The standard (FIPS 185) is not a standard for the Internet or any other high
>speed computer network. ...

The language sounds to me like it covers ISDN which is rapidly becoming the standard for non-local networking, all switched circuits, which will soon include most cable systems, and standard commercial modems carry the vast majority of all current computer communications.

What do you think the superhighway is going to be made of? We have AT+T trying for the twisted pair as the standard, and the cable companies going for a cable version, and some chasing optical, but it is all circuit switched at one point or another.

> ... The standard will make it much
>harder for anyone to conduct illegal taps, including the government.

For someone who lived through Watergate and Irangate and all the other gates, I am amazed that you can still take this position. It only means that the class of people who will be able to get the information will be restricted to the richer and more powerful. Anyone familiar with the telephone system today knows that to tap a line requires only that the FBI tell the telephone company the phone number. The rest happens in a matter of seconds. With clipper, it will be the same way.

> ...
> Keys are escrowed so that if someone uses this technology, they cannot
> use it against national interests.

How much do these escrow agents get paid, and how well are their families protected? How many guards watch them continuously? Who are we kidding? US Nuclear codes were leaked to the Soviets at the height of the cold war. Do you really think that we will protect these escrow agents any better?

>As near as I know, neither CPSR nor any other group has conducted any
>systematic poll ...

I know for a fact that most of the major telecommunications providers are worried that Clipper will be made the standard. The reason is that they need better protection and they have to be able to do more things more flexibly than Clipper allows. They also don't want to have to pay the company who makes clipper a fortune to use a technology they don't want to use.

>Hundreds of people is hardly overwhelming in a population of 250 million ...

Do you claim to believe that the great silent majority is in favor of Clipper? Actually, hundreds of people who opposed it against only a few who supported it would tend to indicate that 245 Million oppose it and 5 million are in favor. Not that this was a statistically valid sample. After all, the people who oppose it are probably more knowledgeable than the general public.

>... concluded it was very strong. ...

In the light of 5,000 years of cryptographic history where experts claimed that systems were very strong only to find them broken soon after, I find it hard to trust the hand picked committee of 5 so-called experts who are given money and time to pass judgement on a technology that is so weak that they are afraid to expose it to the light of day. If it is so strong, why not let the rest of the world review it? The German experts said the same thing about Enigma, and lots of US experts said the same thing about for national security reasons. The infoscape is littered with failed cryptosystems and failed experts who trusted them.

>...
>I do not believe that our requirements for protecting private
>information are greater than those for protecting classified information.
>... I am not aware of any recent evidence that the NSA is engaging in
>illegal intercepts of Americans.

It is hard to believe that such a well known expert is that naive. It is the blind belief in government that allows it to get away with so much. We need more questioning, not less. We need affirmative facts that show they are not doing this before we will believe it. Just because they haven't been caught, doesn't mean they are innocent.

>The 5 of us who reviewed the algorithm unanimously agreed that it was very
>strong. We will publish a final report when we complete our full evaluation.
>Nothing can be concluded from a statement questioning the technology by
>someone who has not seen it regardless of whether that person is an expert in
>security.

I disagree strongly with this assertion. The mere fact that 5 experts agree that a technology is strong gives me no confidence whatsoever. If it is so strong, what's the big secret? If it's so strong, why does it have to be protected by a special hardware mechanism? If it is so strong, why not tell all of us so we can start to develop similar systems of our own? How can you claim it is so strong when you are afraid to even tell us how it works?

History has shown that secret systems such as these are not strong. The evidence I use to condemn is 5,000 years of history. Your evidence is 5 people in a room saying it's strong. Which should we give more weight to?

>... I can tell you that it
>is a fact that new communications technologies, including encryption, have
>hampered criminal investigations. ...

If technology hampers criminal investigations, why not eliminate cars except for police. Then we could catch a lot more criminals. This is a stupid argument. Let's get better police and better tools for them to use, and not try to weaken the very fabric of our information society instead.

> Mr. Rotenberg said "We want the public to understand the full
> implications of this plan. Today it is only a few experts and
> industry groups that understand the proposal.
>
>I support this objective. Unfortunately, it is not possible for most of us to
>be fully informed of the national security implications of uncontrolled
>encryption. For very legitimate reasons, these cannot be fully discussed and
>debated in a public forum. It is even difficult to talk about the full
>implications of encryption on law enforcement.

This is the argument of dictators, not democracies. If it cannot be opened to public scrutiny, it does not belong here. The implications of controlled encryption are the ones you are afraid of airing. But I am not. Controlled encryption is just another way for those with power to tighten their grip. What is so frightening to you about encryption that you can't even discuss it? Is it that people will have privacy from their own government? Is it that we will be able to assure integrity in communications? Giving power to the public is not something to be feared. It is something to be sought out and encouraged.

>This is why it is important
>that the President and Vice-President be fully informed on all the issues, and
>for the decisions to be made at that level. ...
>In the absence of understanding the national security issues, I
>believe we need to exercise some caution in believing that we can understand
>the full implications of encryption on society.

Why is it that you think you understand more about the implications of cryptography on national security than the rest of us? This elitist crap has got to end. It is bad for our country to have elitists who believe they know more than the rest of us dictating how we will live our lives. It is bad for our country that the esteemed members of this forum do not have access to your rationale in order to openly discuss your points of view.
It is bad for our country that professors at universities tell their students and the public not to think about the issues, but to trust that the professors know best. If you want to serve the national interest, get the debate out in the open!

> ...

In one recent NRC study, the committee rightly pointed out that we need more open research in this field. Perhaps Professor Denning would like to follow the recommendations of that report and open up to us.

Fred Cohen - independent researcher

------------------------------

Date: Thu, 10 Feb 94 09:11:08 -0500
From: padgett@tccslr.dnet.mmc.com (A. Padgett Peterson)
Subject: Clipper Chip Politics

At first I was astounded by the hysteria over the Clipper chip but have come to the conclusion that it is really a matter of Politics and Money - technical worth has nothing to do with it.

Have just finished reading the Cantwell Bill text on export controls and have come to a similar conclusion. Lots of good sounding words modified by vague exclusions. (Could not tell if PGP was permitted since all the user has to do is install or excluded since each user must generate a unique key). Clearly, if I were to design a custom mechanism for a client and the client had the only copies in existence, the old rules would apply & if the client were "offshore" I would be in violation.

According to the EFF, Mrs. Denning and I must be the only people publicly on the net who are in favor of Clipper/Capstone as a cheap means for very simple limited protection. It will fill the great void that exists between that which *should* be protected and that which *is* being protected.

In the last few months, virtually every RFP I have seen deals with protection of "Sensitive but Unclassified" information. Presently, this is done with STU-IIIs and DES. Clunky. Ex$pen$ive. Requires effort to initiate.

Government agencies faced with field offices, telecommuting, and electronic filing desperately need something that is
   1) Cheap
   2) Easy to use
   3) Blessed by the Government
   4) Sufficient to deter hackers and reporters
- not because they are personally concerned about disclosure but because public law 93-579 (Privacy Act) and public law 100-235 (Computer Security Act) says they *will*. And for these uses Clipper/Capstone is *good enough* (C).

People bemoan the fact that the government is creating a self-indulgent monopoly, but I have not seen anyone else rushing to fill the gap (three years ago I outlined both in magazines and at conferences a very simple means for access tokens/smart cards such as those from Enigma-Logic, Racal, and Secure-ID to be used to securely encrypt remote dial-up sessions. No one was interested. I have not seen ads for the Beaver BCC-007 encrypted laptop computer lately either.

To me the whole key escrow procedure is a legal sop, I fully expect certain government agencies to be able to break any transmission within seconds given the right equipment and all of the keys (not necessarily who has which, just *all* of them), but I do not really care since anything that needs more protection will just receive stronger encryption before C/C ever sees it.

The real value is for authentication and protection from volume analysis. (Today, it is easy to tell which of my missives are protected and which are not. How much and where can be valuable information even without reading the contents. With C/C you will have to decode everything to find out which is important and which is a take-away order).

The NSA/FBI meeting at Bellcore included an assertion that a "National Laboratory" would be required to reverse engineer the chip. Does anyone think that it would not be easier/cheaper to simply buy someone on the inside? "Security by Obscurity" may be effective for short durations and limited value objectives but we are talking strategic value here.
Thus in my opinion, the whole brouhaha is a smoke-screen. C/C is going to happen, it will do what it is supposed to, it will become a standard since it is going to be cheap and enough, and some organizations are going to make billions of dollars off it - that is just the American Way.

I still want some to play with.

Padgett

------------------------------

Date: Thu, 10 Feb 94 13:48:28 -0800
From: geoff@FICUS.CS.UCLA.EDU (Geoff Kuenning)
Subject: Re: Campaign and Petition Against Clipper

In RISKS-15.48, Dorothy Denning combines some good points with some very paternalistic and unsupportable claims. I will primarily address the latter.

>... The Clipper initiative is the result of
>considerable deliberation by many intelligent people who appreciate and
>understand the concerns that have been expressed and who worked hard to
>accommodate the conflicting interests. The decisions that have been made were
>not made lightly.

In other words, despite the fact that many intelligent and well-informed people *oppose* Clipper, "we know best, so stop complaining." The fact that the decision was made by well-intentioned people does not make it correct.

>The standard (FIPS 185) is not a standard for the Internet or any other high
>speed computer network. It is for the telephone system.

In the first place, many people access the Internet via various forms of telephone lines. If they are encrypted, it will be easier to tap them if they use Clipper. In the second place, the Administration has been quite up-front about its desire to force key-escrow encryption into nearly every encryption application. So while Ms. Denning is technically correct in her narrow reading of the document, CPSR is equally correct in raising an alarm about the larger issue of high-speed networks.

>As near as I know, neither CPSR nor any other group has conducted any
>systematic poll ...

Ah, the old "silent majority" argument. I thought that went out when Nixon resigned.
The truth is that, among the tiny fraction of the public which has expressed an opinion, there *has* been overwhelming public opposition. Very few people have written the Government to say, "my, what a wonderful idea!" Organizations like TV networks have a multiplier rule they apply to letters, where they figure that every letter received represents N people who felt the same way, but didn't take the time to write. To suggest that only one's opposition took the time to write, and that everyone else is in agreement, is at best disingenuous and at worst intellectually dishonest.

> The ACM is in the process of
>conducting a study on encryption. CPSR is a member of the study group, as am
>I. Steve Kent is chair. Our goal is a report that will articulate the
>issues, not a public statement either for or against.

In other words, having attempted to discredit what little data we *do* have, Ms. Denning is stating that there are no plans to conduct a scientific study of public opinion. Perhaps the ACM or the CPSR should fund Roper or Gallup to investigate a few questions, approved by both Ms. Denning and a CPSR representative as being unbiased?

> The International Association for Cryptologic Research has not to my
> knowledge made any official statement about Clipper.

I don't see what relevance this has to anything. One organization of cryptologists has remained silent. So what?

> Hundreds of people is hardly overwhelming in a population of 250 million,
> especially when most of the letters were the same and came in through the net
> following a sample letter that was sent out.

The first part of this statement is patently false; the same argument could be applied to any Harris poll. The second part, about "form letter" distortions in public issues, is relevant and important. All the more reason to do a more scientific survey.

> ... I do not know the facts of the 1970s
> incident that is referred to here, but it sounds like it occurred before
> passage of the 1978 Foreign Intelligence Surveillance Act. This act requires
> intelligence agencies to get a court order in order to intercept
> communications of American citizens.

The 1978 act was passed in response to the abuses of the early 70's. It should not have been necessary, since the NSA was prohibited from domestic spying even before that, but the NSA figured that since the cables involved were international communications, it was OK to eavesdrop on them. This is a rather classic case illustrating the way the NSA used the loosest possible interpretation of restrictions, rather than actively trying to respect the privacy of law-abiding citizens.

> I am not aware of any recent evidence
> that the NSA is engaging in illegal intercepts of Americans.

Once burned, twice cautious. Ms. Denning, think of the egg you'll have on your face if the NSA gets caught misbehaving a few years from now. Personally, I don't see why I should trust any person or agency that is so secretive.

> The 1987 Computer Security Act states that NIST "shall draw on the technical
> advice and assistance (including work products) of the National Security
> Agency."

The question is of who was in control. There is a world of difference between drawing on "advice and assistance," and stepping out of the picture to let someone else do the job. I believe that the latter is what CPSR is worried about.

> ... I can tell you that it
> is a fact that new communications technologies, including encryption, have
> hampered criminal investigations.

Without data or references, how are we to believe this? CPSR carried out, at great difficulty, some preliminary research. There is no indication that they selected that data, and I hope that Ms. Denning is not suggesting this. Again, we have an attempt to invoke the "silent majority" argument to claim that the sampled data is invalid.
Only this time Ms. Denning doesn't even offer anything to back up her counterclaim.

In the first place, let's have some facts here. What criminal investigations have been hampered by new technologies? How many?

In the second place, a pervasive thread in Ms. Denning's thinking seems to be that there is no room for a tradeoff between law enforcement and freedom. Let me point out that crime would drop tremendously if the police were allowed to search anyone's home at random, without warning, and to confiscate anything they chose. But I don't think I'd want to live in such a society. Similarly, I'm perfectly willing to let a few criminal investigations be "hampered" or even fail, if it means I can use strong encryption without fear of eavesdropping or prosecution.

> The standard is voluntary -- even for the government.

That's not what I remember. I seem to recall that the original announcement said that the standard would be applicable to all government agencies. Is there a citation to support the claim that it's voluntary within the government?

As to outside the government, yes, it's voluntary. For now. But there are already major pressures being applied to make sure that this "voluntary" standard is the only practical choice. For example, Clipper will be much easier to export than RSA, Idea, or even the venerable Enigma. Government dollars are being used to make sure that the Clipper chip is available and cheap, undercutting the possibility of fair free-market competition. And hints have been dropped that any future encryption made available to the public will also require a key escrow scheme.

Geoff Kuenning geoff@ficus.cs.ucla.edu geoff@ITcorp.com

A huge vote of thanks to all the police, fire, medical, water, power, and gas workers who have worked 12-hour shifts to help us out after the quake.

------------------------------

End of RISKS-FORUM Digest 15.50
************************