Date: Sat, 02 Jul 94 08:43:53 EST
Errors-To: Comp-privacy Error Handler
From: Computer Privacy Digest Moderator
To: Comp-privacy@uwm.edu
Subject: Computer Privacy Digest V5#001

Computer Privacy Digest Sat, 02 Jul 94              Volume 5 : Issue: 001

Today's Topics:                         Moderator: Leonard P. Levine

    Information About CPD
    ACM Releases Crypto Study
    USACM Calls for Clipper Withdrawal
    Re: IRS Speech, Again
    Question About CallerID
    Comments on Baker article (long)

The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. Back issues are available via anonymous ftp on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password "yourid@yoursite". The archives are in the directory "pub/comp-privacy". Archives are also held at ftp.pica.army.mil [129.139.160.133].

----------------------------------------------------------------------

From: "Prof. L. P. Levine"
Date: 02 Jul 1994 08:04:32 -0500 (CDT)
Subject: Information About CPD
Organization: University of Wisconsin-Milwaukee

This is issue number 1 of volume 5 of the Computer Privacy Digest. Volume 1 covers the period 27 Apr 92 through 30 Dec 92, volume 2 from 04 Jan 93 through 06 Jul 93, volume 3 from 06 Jul 93 through 29 Nov 93, and volume 4 from 02 Dec 93 through 30 Jun 94. Dennis G. Rears was the moderator for volumes 1-3 and Leonard P. Levine was the moderator for volume 4 and continues on to moderate volume 5.

The Computer Privacy Digest (CPD) is a forum for discussion of the effect of technology on privacy. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu.

CPD maintains an archive site for material of general interest that is too long to post. We also maintain all back issues of CPD for those who wish to peruse issues that have passed. These issues are ordered by issue number and are stored in appropriate volume directories. The recently completed volume 4 has fairly complete indices available within its directory.

Gopher access into this structure is the easiest route. Use the command 'gopher gopher.cs.uwm.edu'. It will permit access to the Computer Privacy Digest files. Standard gopher commands work. Similarly, Mosaic access is through 'gopher://gopher.cs.uwm.edu'.

Ftp Access into ftp.cs.uwm.edu [129.89.9.18] with userid 'ftp' and password 'yourid@yoursite' will also open up the directory. The archives are in the directory "pub/comp-privacy". Archives are also held at the address of the former moderator, Dennis Rears, ftp.pica.army.mil [129.139.160.133].

Using ftp, within the directory pub/comp-privacy a 'dir' command will show the directories for volume1, volume2, volume3, volume4, volume5 and the library. Each of these directories has appropriate information. Please come and access what you wish.

If you have no access to these methods, and wish to examine some old data, we will try to act as your librarian and email you whatever information you request. Send requests to the Information address below.

 ---------------------------------+-----------------------------------------
Leonard P. Levine                 | Moderator of: Computer Privacy Digest
Professor of Computer Science     | and comp.society.privacy
University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu
Box 784, Milwaukee WI 53201       | Information: comp-privacy-request@uwm.edu
                                  | Gopher: gopher.cs.uwm.edu
levine@cs.uwm.edu                 | Mosaic: gopher://gopher.cs.uwm.edu
 ---------------------------------+-----------------------------------------

------------------------------

From: "US ACM, DC Office"
Date: 30 Jun 1994 16:34:47 +0000
Subject: ACM Releases Crypto Study

Association for Computing Machinery
PRESS RELEASE
__________________________________________________

Thursday, June 30, 1994

Contact:
Joseph DeBlasi, ACM Executive Director (212) 869-7440
Dr. Stephen Kent, Panel Chair (617) 873-3988
Dr. Susan Landau, Panel Staff (413) 545-0263

COMPUTING SOCIETY RELEASES REPORT ON ENCRYPTION POLICY
"CLIPPER CHIP" CONTROVERSY EXPLORED BY EXPERT PANEL

WASHINGTON, DC - A panel of experts convened by the nation's foremost computing society today released a comprehensive report on U.S. cryptography policy. The report, "Codes, Keys and Conflicts: Issues in U.S Crypto Policy," is the culmination of a ten-month review conducted by the panel of representatives of the computer industry and academia, government officials, and attorneys. The 50-page document explores the complex technical and social issues underlying the current debate over the Clipper Chip and the export control of information security technology.

"With the development of the information superhighway, cryptography has become a hotly debated policy issue," according to Joseph DeBlasi, Executive Director of the Association for Computing Machinery (ACM), which convened the expert panel. "The ACM believes that this report is a significant contribution to the ongoing debate on the Clipper Chip and encryption policy. It cuts through the rhetoric and lays out the facts."

Dr.
Stephen Kent, Chief Scientist for Security Technology with the firm of Bolt Beranek and Newman, said that he was pleased with the final report. "It provides a very balanced discussion of many of the issues that surround the debate on crypto policy, and we hope that it will serve as a foundation for further public debate on this topic."

The ACM report addresses the competing interests of the various stakeholders in the encryption debate -- law enforcement agencies, the intelligence community, industry and users of communications services. It reviews the recent history of U.S. cryptography policy and identifies key questions that policymakers must resolve as they grapple with this controversial issue.

The ACM cryptography panel was chaired by Dr. Stephen Kent. Dr. Susan Landau, Research Associate Professor in Computer Science at the University of Massachusetts, co-ordinated the work of the panel and did most of the writing. Other panel members were Dr. Clinton Brooks, Advisor to the Director, National Security Agency; Scott Charney, Chief of the Computer Crime Unit, Criminal Division, U.S. Department of Justice; Dr. Dorothy Denning, Computer Science Chair, Georgetown University; Dr. Whitfield Diffie, Distinguished Engineer, Sun Microsystems; Dr. Anthony Lauck, Corporate Consulting Engineer, Digital Equipment Corporation; Douglas Miller, Government Affairs Manager, Software Publishers Association; Dr. Peter Neumann, Principal Scientist, SRI International; and David Sobel, Legal Counsel, Electronic Privacy Information Center.

Funding for the cryptography study was provided in part by the National Science Foundation.

The ACM, founded in 1947, is an 85,000 member non-profit educational and scientific society dedicated to the development and use of information technology, and to addressing the impact of that technology on the world's major social challenges. For general information, contact ACM, 1515 Broadway, New York, NY 10036. (212) 869-7440 (tel), (212) 869-0481 (fax).

Information on accessing the report electronically will be posted soon in this newsgroup.

------------------------------

From: "US ACM, DC Office"
Date: 30 Jun 1994 16:35:37 +0000
Subject: USACM Calls for Clipper Withdrawal

U S A C M
Association for Computing Machinery, U.S. Public Policy Committee

* PRESS RELEASE *

Thursday, June 30, 1994

Contact:
Barbara Simons (408) 463-5661, simons@acm.org (e-mail)
Jim Horning (415) 853-2216, horning@src.dec.com (e-mail)
Rob Kling (714) 856-5955, kling@ics.uci.edu (e-mail)

COMPUTER POLICY COMMITTEE CALLS FOR WITHDRAWAL OF CLIPPER
COMMUNICATIONS PRIVACY "TOO IMPORTANT" FOR SECRET DECISION-MAKING

WASHINGTON, DC - The public policy arm of the oldest and largest international computing society today urged the White House to withdraw the controversial "Clipper Chip" encryption proposal. Noting that the "security and privacy of electronic communications are vital to the development of national and international information infrastructures," the Association for Computing Machinery's U.S. Public Policy Committee (USACM) added its voice to the growing debate over encryption and privacy policy.

In a position statement released at a press conference on Capitol Hill, the USACM said that "communications security is too important to be left to secret processes and classified algorithms." The Clipper technology was developed by the National Security Agency, which classified the cryptographic algorithm that underlies the encryption device.

The USACM believes that Clipper "will put U.S. manufacturers at a disadvantage in the global market and will adversely affect technological development within the United States." The technology has been championed by the Federal Bureau of Investigation and the NSA, which claim that "non-escrowed" encryption technology threatens law enforcement and national security.

"As a body concerned with the development of government technology policy, USACM is troubled by the process that gave rise to the Clipper initiative," said Dr. Barbara Simons, a computer scientist with IBM who chairs the USACM. "It is vitally important that privacy protections for our communications networks be developed openly and with full public participation."

The USACM position statement was issued after completion of a comprehensive study of cryptography policy sponsored by the ACM (see companion release). The study, "Codes, Keys and Conflicts: Issues in U.S Crypto Policy," was prepared by a panel of experts representing various constituencies involved in the debate over encryption.

The ACM, founded in 1947, is an 85,000 member non-profit educational and scientific society dedicated to the development and use of information technology, and to addressing the impact of that technology on the world's major social challenges. USACM was created by ACM to provide a means for presenting and discussing technological issues to and with U.S. policymakers and the general public. For further information on USACM, please call (202) 298-0842.

=============================================================

USACM Position on the Escrowed Encryption Standard

The ACM study "Codes, Keys and Conflicts: Issues in U.S Crypto Policy" sets forth the complex technical and social issues underlying the current debate over widespread use of encryption. The importance of encryption, and the need for appropriate policies, will increase as networked communication grows. Security and privacy of electronic communications are vital to the development of national and international information infrastructures.

The Clipper Chip, or "Escrowed Encryption Standard" (EES) Initiative, raises fundamental policy issues that must be fully addressed and publicly debated. After reviewing the ACM study, which provides a balanced discussion of the issues, the U.S.
Public Policy Committee of ACM (USACM) makes the following recommendations.

1. The USACM supports the development of public policies and technical standards for communications security in open forums in which all stakeholders -- government, industry, and the public -- participate. Because we are moving rapidly to open networks, a prerequisite for the success of those networks must be standards for which there is widespread consensus, including international acceptance. The USACM believes that communications security is too important to be left to secret processes and classified algorithms. We support the principles underlying the Computer Security Act of 1987, in which Congress expressed its preference for the development of open and unclassified security standards.

2. The USACM recommends that any encryption standard adopted by the U.S. government not place U.S. manufacturers at a disadvantage in the global market or adversely affect technological development within the United States. Few other nations are likely to adopt a standard that includes a classified algorithm and keys escrowed with the U.S. government.

3. The USACM supports changes in the process of developing Federal Information Processing Standards (FIPS) employed by the National Institute of Standards and Technology. This process is currently predicated on the use of such standards solely to support Federal procurement. Increasingly, the standards set through the FIPS process directly affect non-federal organizations and the public at large. In the case of the EES, the vast majority of comments solicited by NIST opposed the standard, but were openly ignored. The USACM recommends that the standards process be placed under the Administrative Procedures Act so that citizens may have the same opportunity to challenge government actions in the area of information processing standards as they do in other important aspects of Federal agency policy making.

4.
The USACM urges the Administration at this point to withdraw the Clipper Chip proposal and to begin an open and public review of encryption policy. The escrowed encryption initiative raises vital issues of privacy, law enforcement, competitiveness and scientific innovation that must be openly discussed.

5. The USACM reaffirms its support for privacy protection and urges the administration to encourage the development of technologies and institutional practices that will provide real privacy for future users of the National Information Infrastructure.

------------------------------

From: glr@ripco.com (Glen Roberts)
Date: 01 Jul 1994 13:58:08 GMT
Subject: Re: IRS Speech, Again
Organization: RCI, Chicago, IL

John R Levine (johnl@iecc.com) wrote:

Someone asked a week or two ago about the speech I excerpted by Coleta Brueck, Project Manager, Document Processing System, of the IRS where she said "We know everything about you that we need to know."

There is a lot of fear mongering about the IRS collection of information. However, they get so much information, that much of it ends up near useless. For example, I just got a GAO report about the fact that they get TOO MANY CTR's (currency transaction reports). Cash transactions over $10,000 have to be reported on a CTR. Well, they get so many, it interferes with the intended purpose of the CTR's.

--------------------------------------
Glen L. Roberts, Publisher, Directory of Elect Surv Equip Suppliers
Host Full Disclosure Live (WWCR 5,810 khz - Sundays 7pm central)
Box 734, Antioch, Illinois 60002
Fax: (708) 838-0316
Voice/FAX on demand: (708) 356-9646
--------------------------------------

------------------------------

From: "J. Shickel"
Date: 30 Jun 1994 10:39:33 -0500 (EST)
Subject: Question About CallerID

Does 'Caller ID' return the telephone number of callers with unlisted numbers?

__________________________________________________________________________
Jon Shickel | stu_jfshicke@vax(1).acs.jmu.edu (internet) | "Better Living through
            | @jmuvax (bitnet)                           |  Chemistry"
__________________________________________________________________________

------------------------------

From: nzook@fireant.ma.utexas.edu (Nathan Zook)
Date: 30 Jun 1994 14:34:23 GMT
Subject: Comments on Baker article (long)
Organization: University Of Texas Mathematics

Comment by Nathan Zook, PhD candidate in Mathematics. Distribute widely. Wired Magazine issue reproduced without explicit permission.

First, let me quote from the Texas Republican Party's 1994 platform, a section that was added at my request at the convention.

"Electronic Privacy-The Party believes that no government trapdoor encryption standards should be advanced for use in any civilian communication systems (e.g. Clipper Chip, Digital Telephony Act) and that the U.S. patent office should limit the RSA patent to allow individuals to secure their own communications systems. We believe that encryption systems publicly available outside the U.S. should not be classified as munitions."

There is an effort underway to develop an EFF platform. I will suggest the following as the basic principle in this matter:

"We believe that the mere existence of technologically feasible methods to monitor the day-to-day activities of citizens does not imply that legal entities should be allowed to use such technologies to gather such information. We place an absolute premium on the right of individuals to communicate, to maintain records, and to transact business privately, should they desire to."

I would like to point out at this juncture that resistance to the Clipper standard did not appear whole cloth overnight.
There has been a deep and growing suspicion among those of us keeping track of such things that this government is making preparations to begin tracking the lives of thousands or millions of individuals of whom they disapprove. This administration, and this president, in particular, have spoken of "Getting around that." That being the pesky fourth amendment. Since the fourth amendment is the only thing standing between you and the government when it comes to the Clipper chip, it is amazing that the response has been as limited as it has.

Speaking of this administration, you will note that mister Baker refers to a child molester in his comments. This administration, you will recall, burned a building to the ground containing many children--to keep them from being molested. This administration is pushing for a relaxation of child porn laws, and a lowering of the age of consent. So when this administration talks about protecting children, grab your gun, grab your wife and kids, and head for cover.

I have made no effort to be fair in my comments. I consider this man, by his manner and position, to be a real and present danger to the security of the individuals in this nation, and, as such, have utilized my full power in responding to point out the "flaws" in his statements.

I have not edited, except by insertion, anything in the original article. I have indented text lines from the article.

    WIRED 2.06
    Don't Worry Be Happy
    ********************
    A WIRED Exclusive
    By Stewart A. Baker, Chief Counsel for the NSA

    With all the enthusiasm of Baptist ministers turning their Sunday pulpits over to the Devil, the editors of WIRED have offered me the opportunity to respond to some of the urban folklore that has grown up around key escrow encryption -- also known as the Clipper Chip.

Oops, I missed it. THIS is the first attempt to marginalize us. Folklore- unsubstantiated beliefs held by unsophisticated people. Note that he refers to all of his straw men as myths, as well.

    Recently the Clinton administration has announced that federal agencies will be able to buy a new kind of encryption hardware that is sixteen million times stronger than the existing federal standard known as DES. But

Is THAT all? 16,000,000? Does this guy know how many times over decryption power has advanced since DES was introduced? That the key was shortened, at the request of this same NSA? I expect that if this number is correct, that the NSA can crack Clipper messages almost as fast as they can be sent--without the "escrowed key".

    this new potency comes with a caveat. If one of these new encryption devices is used, for example, to encode a phone conversation that is subject to a lawful government wiretap, the government can get access to that device's encryption keys. Separate parts of each key are held by two independent "escrow agents," who will release keys only to authorized agencies under safeguards approved by the attorney general. Private use of

First note. This is the same attorney general who is looking into "getting around" the fourth amendment. Note also that there is no mention here of requiring a search warrant. They are working hard in order to keep that option open--the option of not needing a search warrant in order to make a tap. Why do they need that?

    the new encryption hardware is welcome but not required. That's a pretty modest proposal. Its critics, though, have generated at least seven myths

The thin edge always is. Modest, that is.

    about key escrow encryption that deserve answers.

    MYTH NUMBER ONE: Key escrow encryption will create a brave new world of government intrusion into the privacy of Americans.

Okay, how about this? "GOVERNMENT HELD key escrow encryption will allow for the government to spy on millions of Americans at the same time with next to no effort, should they so desire." Remember the phrase, "_Government_ trapdoor encryption standards" And no, that's not such a _new_ thing.
The government's power to monitor us continues to grow at an alarming rate, and this is merely the latest example.

    Opponents of key escrow encryption usually begin by talking about government invading the privacy of American citizens. None of us likes the idea of the government intruding willy-nilly on communications that are meant to be private.

But it is perfectly all right for the government to intrude willy-nilly into high crime areas, such as housing projects? And you consider the net to have the potential to be such a high crime area?

    But the key escrow proposal is not about increasing government's authority to invade the privacy of its citizens. All that key escrow does is preserve the government's current ability to conduct wiretaps under existing authorities. Even if key escrow were the only form of encryption available, the world would look only a little different from the one we live in now.

So long as there is a living mathematician with a hard BS, RSA will always be there for those of us who are willing to risk jail by using it. But you are still missing the point. I, for one, have never willingly ceded the privacy of my phone conversations to any governmental agency. And if I told my story of being tapped, a lot of other people might agree. The right of the government to interrogate was severely cut back by Miranda, I think that it is time we consider that persons who go to the trouble of encrypting their private communications should be allowed that privacy.

    In fact, it's the proponents of widespread unbreakable encryption who want to create a brave new world, one in which all of us -- crooks included --

Now we see the first sign that this guy might be a Clinton era appointee. At least I hope so. Why do I say so? Check this out: "Our opponents are sheltering criminals." He will expand on this in a minute, but criminalizing the opposition is the particular habit of government.
It is a scare tactic, and an attempt to marginalize the opposition through emotional manipulation. When you see it, grab your gun, your wife and kids, and head for cover.

    have a guarantee that the government can't tap our phones. Yet these proponents have done nothing to show us that the new world they seek will really be a better one.

We here see the first suggestion that this guy has little or no knowledge of the history of cryptology. It has been several years since reading David Kahn's, "The Codebreakers", but I recall, "Encryption changes nothing. It attempts to maintain a state of ignorance in the enemy until the knowledge becomes useless. Encryption can only delay. _Decryption_, however changes things. It is through decryption that the enemy is destroyed, and so it is upon decryption that we will focus." This was written some time before quantum encryption.

Note also here the argument to ignorance. I maintain that this government has done nothing to show us that the new world they seek will really be a better one. I maintain that this government has done much to show quite the reverse. I maintain that a limited government is a VERY good thing, and alternative systems would certainly limit government, vis a vis the Clipper system, although not nearly to the extent he claims.

    In fact, even a civil libertarian might prefer a world where wiretaps are possible. If we want to catch and convict the leaders of criminal organizations, there are usually only two good ways to do it. We can "turn" a gang member -- get him to testify against his leaders. Or we can wiretap the leaders as they plan the crime.

Didn't this guy ever read Dick Tracy? He obviously failed to interview law enforcement officials about how they obtain evidence. Tailing, long-range listening/viewing devices, through the wall listening devices, bugs, TEMPEST, the list goes on and on. What he means to say is, "there are usually two _easy_ ways to do it." Well, get off your duff!!

    I once did a human rights report on the criminal justice system in El Salvador. I didn't expect the Salvadorans to teach me much about human rights. But I learned that, unlike the US, El Salvador greatly restricts the testimony of "turned" co-conspirators. Why? Because the co-conspirator is usually "turned" either by a threat of mistreatment or by an offer to reduce his punishment. Either way, the process raises moral questions -- and creates an incentive for false accusations.

Now we can be certain this is a Clinton era appointee. He has obviously never read a scrap of information about the Salem witch trials. This country's government had to come to grips with this CENTURIES ago. And if the government has no qualms about using turned evidence, juries most certainly do. Because they know instinctively what this guy apparently had to go to El Salvador to learn.

    Wiretaps have no such potential for coercive use. The defendant is convicted or freed on the basis of his own, unarguable words.

Again, this guy should keep up with Dick Tracy. Is he completely unaware of the advances in computer manipulation of pictures and sound? I expect within twenty years that the public will DEMAND that this type of evidence be ruled inadmissible, unless we have an UNFORGEABLE communication system in place. And anything the government has the keys to, it can forge.

    In addition, the world will be a safer place if criminals cannot take advantage of a ubiquitous, standardized encryption infrastructure that is immune from any conceivable law enforcement wiretap. Even if you're worried about illegal government taps, key escrow reinforces the existing requirement that every wiretap and every decryption must be lawfully authorized. The key escrow system means that proof of authority to tap must be certified and audited, so that illegal wiretapping by a rogue prosecutor or police officer is, as a practical matter, impossible.

Unless that rogue prosecutor happens to be the attorney general, I presume? More to the point, the concern is not about rogues, it is about the government _as a whole_. We want protection against a Hitler- or Lenin-styled government. And what is the big deal about wire taps? Put a bug in either room. Do other things. The FBI got shot down last year over this sort of thing. GET THE POINT.

    MYTH NUMBER TWO: Unreadable encryption is the key to our future liberty.

Let me sharpen this "myth" a little. There EXISTS a single key to our future liberty. This "myth" is downright insulting. I'm tempted to ignore the rest of this, but he asks for some rebuttals. There is no single key to our future liberty. There are many. Like the right to bear arms. Like eternal vigilance. Like freedom from massive, arbitrary spying.

    Of course there are people who aren't prepared to trust the escrow agents, or the courts that issue warrants, or the officials who oversee the system, or anybody else for that matter. Rather than rely on laws to protect us, they say, let's make wiretapping impossible; then we'll be safe no matter who gets elected.

Marginalization attempt number two: Our opposition is paranoid. IF WE DIDN'T NEED SAFEGUARDS "NO MATTER WHO GETS ELECTED", THEN WHY DO WE HAVE A BILL OF RIGHTS? You know, that stuff this administration is "trying to work around". Let me be specific. I want protection against _this_ administration. If we trust the courts that issue warrants, why do we have appeals courts?

    This sort of reasoning is the long-delayed revenge of people who couldn't go to Woodstock because they had too much trig homework. It reflects a wide -- and kind of endearing -- streak of romantic high-tech anarchism that crops up throughout the computer world.

Marginalization attempt number three: Our opposition is a bunch of cute starry-eyed nerds.
Furthermore, he sneers at anyone who takes their academic responsibilities more seriously than trespassing, destroying private property, and taking part in the biggest ("non-inhaling") orgy in history. Definitely a Clintonite.

    The problem with all this romanticism is that its most likely beneficiaries are predators. Take for example the campaign to distribute PGP ("Pretty Good Privacy") encryption on the Internet. Some argue that widespread availability of this encryption will help Latvian freedom fighters today and American freedom fighters tomorrow. Well, not quite. Rather, one of the earliest users of PGP was a high-tech pedophile in Santa Clara, California. He used PGP to encrypt files that, police suspect, include a diary of his contacts with susceptible young boys using computer bulletin boards all over the country. "What really bothers me," says Detective Brian Kennedy of the Sacramento, California, Sheriff's Department, "is that there could be kids out there who need help badly, but thanks to this encryption, we'll never reach them."

Marginalization attempt number four: Our opposition is a bunch of pedophiles. Coming from this administration, that should be a compliment. But there is a VERY serious sleight-of-hand going on here. This paragraph should destroy ANY credibility this guy has. Why? Read along with me. "One of the earliest" and therefore most primitive and easiest to break....... CANNOT YET BE BROKEN. Don't believe him. This guy is really stewing in his own juices here. Either the NSA isn't good enough to break this old PGP after several years, OR they don't care to, OR he's lying. His implications certainly do. PGP is called PGP because its authors know that it is not secure to the extent that THEY want. Let alone anyone else. To argue here that after all these years, the first versions still cannot be broken is like telling me -1 has no square root! (I'm working on my PhD in this stuff.) Assuming this guy is telling the truth,.......
then what is really going on is that the NSA doesn't care enough about children to crack this case. So we see that it is the NSA that is sheltering pedophiles. (I'm just putting the shoe on the other foot here--of course the rank-and-file members of the NSA do no such thing.) Grab your gun, grab your wife and kids, and head for cover.

    If unescrowed encryption becomes ubiquitous, there will be many more stories like this. We can't afford as a society to protect pedophiles and criminals today just to keep alive the far-fetched notion that some future tyrant will be brought down by guerrillas wearing bandoleers and pocket protectors and sending PGP-encrypted messages to each other across cyberspace.

Again, the opposition is a bunch of starry-eyed nerds. He must be jealous. Note also that he is scrupulously failing to mention RSA. Any serious resistance movement will use RSA. And they will wear whatever allows them to penetrate and eliminate enemy facilities.

    MYTH NUMBER THREE: Encryption is the key to preserving privacy in a digital world.

Notice his order here. First he says privacy ain't such a good thing. Now he says, privacy can't be achieved. Nonsense. But as before, THERE IS NO SINGLE KEY TO ACHIEVING ANYTHING WORTH HAVING. It is A key. And an essential one. A hundred years ago, privacy rights meant shooting peeping Toms. Now we worry that the peeper's name is Sam.

    Even people who don't believe that they are likely to be part of future resistance movements have nonetheless been persuaded that encryption is the key to preserving privacy in a networked, wireless world, and that we need strong encryption for this reason. This isn't completely wrong, but it is not an argument against Clipper.

Sure, some have. But some people who never plan to fall off also believe that the world is flat. So what? The point is that strong encryption, like the right to bear arms, is one of the best forms of insurance against an aggressive government.
I know that this government isn't too thrilled about the second amendment, either, but this buttresses our concerns even more.

If you want to keep your neighbors from listening in on your cordless phone, if you want to keep unscrupulous competitors from stealing your secrets, even if you want to keep foreign governments from knowing your business plans, key escrow encryption will provide all the security you need, and more.

Not if it is only 16M times as powerful as DES, it won't protect from Japan. Note the scare tactics again. I REPEAT: I'm not worried about my neighbor, it's my uncle I don't trust.

But I can't help pointing out that encryption has been vastly oversold as a privacy protector. The biggest threats to our privacy in a digital world come not from what we keep secret but from what we reveal willingly. We lose privacy in a digital world because it becomes cheap and easy to collate and transmit data, so that information you willingly gave a bank to get a mortgage suddenly ends up in the hands of a business rival or your ex-spouse's lawyer. Restricting these invasions of privacy is a challenge, but it isn't a job for encryption. Encryption can't protect you from the misuse of data you surrendered willingly.

Now we go for distraction. Boy, I would hate to face this guy in court. Except for his first sentence, which I believe is just plain false, the entire paragraph has nothing to do with the Clipper issue. It's like saying, oh forty years ago, "The biggest threat to your home is nuclear attack, so why are you worried about keeping your guns?" This is something we can work on. This is a threat we can deal with. This is a real and present danger. Of course, even in his distraction, he destroys his credibility. If the administration is so worried about privacy, as this system is supposed to provide, why is there no serious legislation pending on these other matters? If Clipper is the best these guys can do to help privacy, we are in heap big trouble.
What about the rise of networks? Surely encryption can help prevent password attacks like the recent Internet virus, or the interception of credit card numbers as they're sent from one digital assistant to another? Well, maybe. In fact, encryption is, at best, a small part of network security. The real key to network security is making sure that only the right people get access to particular data. That's why a digital signature is so much more important to future network security than encryption. If everyone on a net has a unique identifier that others cannot forge, there's no need to send credit card numbers -- and so nothing to intercept. And if everyone has a digital signature, stealing passwords off the Net is pointless. That's why the Clinton administration is determined to put digital signature technology in the public domain. It's part of a strategy to improve the security of the information infrastructure in ways that don't endanger government's ability to enforce the law.

And we are all being SUCH bad children by not begging you for it. So now the guy admits that digital signatures are a critical part of net security. But only HIS signatures are good. PGP ones are bad. RSA ones are bad. This reminds me of IBM introducing their first PC with an 8088, after the TRS-80 had been out for years with the Z-80. One of the major concerns is that the same thing, in the end, will happen.

MYTH NUMBER FOUR: Key escrow will never work. Crooks won't use it if it's voluntary. There must be a secret plan to make key escrow encryption mandatory.

One at a time, please. "Government trapdoor encryption standards... for civilian communication systems." If a company wants to use its own system internally, fine. If a company wants to offer such a system to outsiders, fine. If the government wants to use it for the military, or other strictly internal matters, fine. And by the way, if this is so good, why won't the military use it?
As for people not wanting to use it, (all crooks, again) this is a legitimate concern. Major crooks are probably using RSA already. Minor ones aren't smart enough, usually, to use PGP. But the third one is legitimate. If the government is as concerned about maintaining its wire tapping abilities as _you_ indicate, the expectation that the system will go mandatory is hardly unreasonable.

This is probably the most common and frustrating of all the myths that abound about key escrow. The administration has said time and again that it will not force key escrow on manufacturers and companies in the private sector. In a Catch-22 response, critics then insist that if key escrow isn't mandated it won't work.

This administration also stated that it would cut taxes for the middle class, and raise them only on millionaires. This administration also stated that it would not recertify China for MFN status. This administration also stated that our Haitian policy under the previous administration was "immoral". This administration also stated that it would wait as long as necessary at Waco. This administration has gone through periods of changing its stories on Whitewater daily. Shall I continue? Yes, this administration is definitely the most trustworthy we have EVER had. I can't imagine what ever got into me, doubting their word.

That misunderstands the nature of the problem we are trying to solve. Encryption is available today. But it isn't easy for criminals to use; especially in telecommunications. Why? Because as long as encryption is not standardized and ubiquitous, using encryption means buying and distributing expensive gear to all the key members of the conspiracy. Up to now only a few criminals have had the resources, sophistication, and discipline to use specialized encryption systems.

"resources, sophistication, and discipline"--Those last two words, the last one in particular, have NEVER been associated with much of the criminal environment, for ANY reason.
But, _but_, BUT with the 1977 advent of the RSA system, practically ANYONE with a decent computer can make code like nobody's business. And, despite the government's "best" efforts, criminal use of RSA will continue to rise, especially among the big time.

What worries law enforcement agencies -- what should worry them -- is a world where encryption is standardized and ubiquitous: a world where anyone who buys an US$80 phone gets an "encrypt" button that interoperates with everyone else's; a world where every fax machine and every modem automatically encodes its transmissions without asking whether that is necessary. In such a world, every criminal will gain a guaranteed refuge from the police without lifting a finger.

What worries me -- what should worry you -- is guys who actually seem to believe statements like this when they make them. If encryption is such a poor provider of privacy, what is his worry here? He so much as affirms his own named MYTH number three! Not one of the above systems would be immune from governmental monitoring. Just immune from the lazy ones.

The purpose of the key escrow initiative is to provide an alternative form of encryption that can meet legitimate security concerns without building a web of standardized encryption that shuts law enforcement agencies out. If banks and corporations and government agencies buy key escrow encryption, criminals won't get a free ride. They'll have to build their own systems -- as they do now. And their devices won't interact with the devices that much of the rest of society uses. As one of my friends in the FBI puts it, "Nobody will build secure phones just to sell to the Gambino family."

If he actually said that, he is as misinformed as you. The Gambinos, I am sure, have MORE than sufficient resources to hire their own mathematicians, engineers, etc, and custom build PLENTY of such things. Right now they probably aren't because using such a system would set off too many flags.
But mark my words--when secure or "secure" communications systems become ubiquitous, these families will have their own systems installed, probably within weeks.

In short, as long as legitimate businesses use key escrow, we can stave off a future in which acts of terror and organized crime are planned with impunity on the public telecommunications system. Of course, whenever we say that, the critics of key escrow trot out their fifth myth:

Oh, yes save us! Please!!! You yourself just said that these people are already doing exactly what you claim to prevent. Face the facts: it is not a matter of if but of when that almost all serious criminals will be doing this. You just want to deceive enough of the lesser ones in order to trot them out to the public as examples of how good this system is. Sorta like calling up those news stations before assaulting Waco.

MYTH NUMBER FIVE: The government is interfering with the free market by forcing key escrow on the private sector. Industry should be left alone to develop and sell whatever form of encryption succeeds in the market.

Well, let's see. Precisely why was the Clipper release "accelerated"? Was it not because the nasty market was moving ahead with secure comm, and you didn't like the way it was going? Didn't you preempt AT&T's efforts by clipper? Oh, no, you aren't "forcing" anything on the market. You make offers to major companies that cannot be refused. We all know the VHS/Beta story. This administration has been a big fan of early intervention in determination of standards. This is a textbook example of such an intervention.

In fact, opponents of key escrow fear that businesses may actually prefer key escrow encryption. Why? Because the brave new world that unreadable encryption buffs want to create isn't just a world with communications immunity for crooks. It's a world of uncharted liability.
What if a company supplies unreadable encryption to all its employees, and a couple of them use it to steal from customers or to encrypt customer data and hold it hostage? As a lawyer, I can say it's almost certain that the customers will sue the company that supplied the encryption to its employees. And that company in turn will sue the software and hardware firms that built a "security" system without safeguards against such an obvious abuse. The only encryption system that doesn't conjure up images of a lawyers' feeding frenzy is key escrow.

Marginalization attempt number five: our opponents are liars. And as someone who ISN'T a lawyer, I'm not impressed. These uncharted liabilities have been cooked up by trial lawyers just trying to rip the rest of society off. The problem you refer to has nothing to do with encryption, it has to do with tort reform, and with sharks in general. Of course, THIS administration thinks we don't need such things. But that's not even it. "Governmental trapdoor encryption systems..." if Future Manufacturers wants to use escrow key internally, that's fine by me. Speaking of someone fearing the opposite of what they say, I think that this government doesn't like the idea of a distributed password base. Suppose a company suspects one of its employees of stealing secrets. Under Clipper, it would have to go to you to get the key. Such transactions would be a matter of public record. Rumors could fly, stock might plunge. All because some guy was trading barbecue recipes. Companies SHOULD be able to monitor what their equipment is being used for. Now tell me precisely why the government should be involved in each such check???

But there's a second and even more compelling reason why the key escrow initiative can't fairly be characterized as interfering with private enterprise: The encryption market has been more or less created and sustained by government.
Much of the market for encryption devices is in the public sector, and much of the encryption technology now in widespread use in the private sector was funded, perfected, or endorsed by the federal government.

Did the government create RSA? Did it create PGP? Do businesses want to protect their research secrets from government? Notice the arrogance (again), if something hasn't been endorsed by the federal government, it won't sell. Up until the early '80's, the government more or less created the market. The demand now is government driven, too: people don't trust it, and they want protection from it. The free market is trying to respond to demand, and Clipper is clearly an attempt to influence that market. And not by accident, either.

Good encryption is expensive. It isn't just a matter of coming up with a strong algorithm, although testing the strength of an algorithm can be enormously time-consuming. The entire system must be checked for bugs and weaknesses, a laborious and unglamorous process.

And, of course, the facts that strong encryption is non-exportable, that the government has opposed expansion of strong encryption at every turn, and that the government used Clipper to cut off the first product coming out don't have a thing to do with it.

Generally, only the federal government has been willing to pay what it costs to develop secure communications gear. That's because we can't afford to have our adversaries reading our military and diplomatic communications.

He admits it! There are other entities willing to do the hard work. They are also more candid about their results. They are more easily retaliated against. They are, therefore, more trustworthy.

That's led to a common pattern. First, the government develops, tests, or perfects encryption systems for itself.
Then the private sector drafts along behind the government, adopting government standards on the assumption that if it's good enough for the government's information, it's good enough to protect industry's.

Unless, like the DES, the government intentionally weakens a system for the public so that it can read it? Again, however, this guy is either lying or horribly misinformed. Clipper is NOT good enough for the military. Nor the diplomatic corps. Nor for anyone else with a SERIOUS espionage problem. The "general use" of the Clipper will be to assure privacy for those agencies with FOUO data, not SCI data. SCI data will be better protected.

As encryption technology gets cheaper and more common, though, we face the real prospect that the federal government's own research, its own standards, its own purchases will help create the future I described earlier -- one in which criminals use ubiquitous encryption to hide their activities. How can anyone expect the standard-setting arms of government to use their power to destroy the capabilities of law enforcement -- especially at a time when the threat of crime and terror seems to be rising dramatically?

Yep, we're all lax on crime. You're just a poor, misunderstood crimefighter. You fight environmental crimes, health care crimes, crimes against lizards, and crimes against the earth. Funny how serial killers get a couple of years.

By adopting key escrow encryption instead, the federal government has simply made the reasonable judgment that its own purchases will reflect all of society's values, not just the single-minded pursuit of total privacy.

"All of society's values"--like the NEA? Like PBS and NPR? "Reasonable judgment" indeed. The government's first interest is its dominancy and continuance. That puts it in direct conflict with the people's interest in privacy. Oh yes, we should all trust your profound judgement.
So where does this leave industry, especially those companies that don't like either the 1970s-vintage DES or key escrow? It leaves them where they ought to be -- standing on their own two feet. Companies that want to develop and sell new forms of unescrowed encryption won't be able to sell products that bear the federal seal of approval. They won't be able to ride piggyback on federal research efforts. And they won't be able to sell a single unreadable encryption product to both private and government customers.

Not quite. The federally granted copyright (patent?) on RSA makes it illegal for them to use the most powerful, simplest scheme out there. They may be on their own two feet, but the Feds are trying to knock them down.

Well, so what? If companies want to develop and sell competing, unescrowed systems to other Americans, if they insist on hastening a brave new world of criminal immunity, they can still do so -- as long as they're willing to use their own money. That's what the free market is all about.

Marginalization attempt number six: Our opponents are unpatriotic. Again, coming from this crowd, I think that should be a compliment. And what does this administration know about the free market? This mea culpa for influencing the market is just too incredible. You offer to buy thousands of units of _your_ design from AT&T, just as they are getting serious about _their_ designs, promising them millions more sales, and THAT is a free market? I'll try Soviet agriculture.

Of course, a free market in the US doesn't mean freedom to export encryption that may damage US national security. As our experience in World War II shows, encryption is the kind of technology that wins and loses

Not encryption, decryption. And are you actually claiming that any serious enemy we might face WON'T already have access to RSA-based systems?

wars. With that in mind, we must be careful about exports of encryption.
This isn't the place for a detailed discussion of controls, but one thing should be clear: They don't limit the encryption that Americans can buy or use. The government allows Americans to take even the most sophisticated encryption abroad for their own protection. Nor do controls require that

from what? From abusive governments? Isn't that it? Speaking of foreign governments, consider the following scenario: the US adopts some governmental escrow-key system. The Chinese pick up on it. They come out with their own standard--same chip, same system, made "at home". And then they tell their people, "With this new chip on your phones, our glorious government is granting our people the exact same level of privacy that the United States government gives its own." Care to comment on THAT "myth"?

software or hardware companies "dumb down" their US products. Software firms have complained that it's inconvenient to develop a second encryption scheme for export, but they already have to make changes from one country to the next -- in language, alphabet, date systems, and handwriting recognition, to take just a few examples. And they'd still have to develop multiple encryption programs even if the US abolished export controls, because a wide variety of national restrictions on encryption are already in place in countries from Europe to Asia.

This guy better not light a match--there is enough straw around here to keep India in fodder for a year. The problem isn't that it's inconvenient to develop different standards, it's that they won't sell. I know it's hard for you to understand, but the rest of the world has RSA, and maybe PGP. They are using it already. And unless our secure systems can deliver that level of protection, nobody outside will want it.

MYTH NUMBER SIX: The National Security Agency is a spy agency; it has no business worrying about domestic encryption policy.

WOW! All the hay in Kentucky! I've never _heard_ such a statement.
Anybody who is at all involved in crypto knows what the NSA is, what it does, and what it has done. Of course it is natural that the NSA would develop any systems that the government would use. And if the government were to make such standards public, such as the DES, what else would anyone expect?

Since the National Security Agency has an intelligence mission, its role in helping to develop key escrow encryption is usually treated as evidence that key escrow must be bad security. In reality, though, NSA has two missions. It does indeed gather intelligence, in part by breaking codes. But it has a second, and oddly complementary, mission. It develops the best possible encryption for the US government's classified information. With code breakers and code makers all in the same agency, NSA has more expertise in cryptography than any other entity in the country, public or private. It should come as no surprise, therefore, that NSA had the know-how to develop an encryption technique that provides users great security without compromising law enforcement access. To say that NSA shouldn't be involved in this issue is to say the government should try to solve this difficult technical and social problem with both hands tied behind its back.

The biggest NSA-specific gripe I could come up with is that the system is classified. That means we can't test it easily. And I believe that even with _our_ hands tied behind our backs, we are finding severe technical problems.

MYTH NUMBER SEVEN: This entire initiative was studied in secret and implemented without any opportunity for industry or the public to be heard.

Two parter: Part one is true, and, so long as the algorithm remains classified, very valid. Part two would have been true if it weren't for us. There _was_ an attempt to slip this by, but we stopped that...
This is an old objection, and one that had some force in April of 1993, when the introduction of a new AT&T telephone encryption device required that the government move more quickly than it otherwise would have. Key escrow was a new idea at that time, and it was reasonable for the public to want more details and a chance to be heard before policies were set in concrete. But since April 1993, the public and industry have had many opportunities to express their views. The government's computer security and privacy advisory board held several days of public hearings. The National Security Council met repeatedly with industry groups. The Justice Department held briefings for congressional staff on its plans for escrow procedures well in advance of its final decision. And the Commerce Department took public comment on the proposed key escrow standard for 60 days. After all this consultation, the government went forward with key escrow, not because the key escrow proposal received a universally warm reception, but because none of the proposal's critics was able to suggest a better way to accommodate society's interests in both privacy and law enforcement.

It bears repeating: the assumption that government's interests and society's coincide is the hallmark of an oppressive government, and you do yourself no good by continuing the assertion.

Unless somebody comes up with one, key escrow is likely to be around for quite a while. That's because the only alternative being proposed today is for the government to design or endorse encryption systems that will cripple law enforcement when the technology migrates -- as it surely will -- to the private sector. And that alternative is simply irresponsible.

And one last, marginalizing dig: Our opposition is irresponsible. Of course, the kids that went to Woodstock weren't.
More to the point: The government had nothing to do with the design of RSA, let alone PGP, except to attempt to keep them under wraps, and to blockade their implementation. The government's refusal to admit that these systems are in fact the ones that are favored for PRIVATE use is another indication that they are not willing to accept the declarations of the market.

So, in the end, what do we have? We have a man who spends more time attacking his opponents personally or in knocking down straw men than he does the issues. And when he does get around to the issues, many of his own "facts" either contradict his own arguments, or simple logic.

A friend told me, after reading this article, that he was _at first_ placated by it. This man is a PhD mathematician. After reflection, he noted some of the points I raise.

The fact that these folks have to resort to calling their opponents pedophiles, and to putting down responsible students indicates that they are desperate, and they have no real case. Why engage in all these scare tactics if you have good, basic arguments?

In case you did not get it from my comments, I (and thousands like me) can develop the RSA system from scratch any time. Strong encryption is here. It cannot be made to go away. The only question is whether access to it will be limited to the elite few who can do it themselves, or if it will be out there for all. He fails to mention that one can easily layer PGP or RSA into any other system, rendering it strong, if you have the equipment.

A late-breaking note: Severe technical flaws are cropping up in the Clipper standard. This is tied to the fact that they formed the standard by intentionally weakening an existing system--a violation of ALL developmental protocols. You NEVER weaken an existing system, because it is effectively impossible to prove exactly how much you weakened it.
This breach of protocol, _by itself_ disqualifies, IMHO, the NSA from EVER being used to develop civilian use systems unless the algorithms, and the process used to reach them, are fully available for comment, over a long period.

--end of comments

Nathan Zook, Candidate, UT Austin, Dept of Mathematics
nzook@math.utexas.edu
They don't know that I'm doing this, so how could this have anything to do with their opinions?

For more information on the Clipper standard you can access WIRED's Clipper archive via the following WIRED Online services.

* WIRED Infodroid e-mail server: Send e-mail to infodroid@wired.com containing the words "send clipper/index" on a single line inside the message body.
* WIRED Gopher: Gopher to gopher.wired.com and select "Clipper Archive."
* WIRED on World Wide Web: http://www.wired.com select "Clipper Archive."
* WIRED on America Online: The keyword is WIRED.
* WIRED on the Well: Type "go wired" from any "OK" prompt.

* * *

Stewart A. Baker is the National Security Agency's top lawyer. He worked briefly as Deputy General Counsel of the Education Department under President Jimmy Carter, and he practiced international law at Steptoe & Johnson, in Washington, DC. He has been at the NSA since 1992.

=-=-=-=-=-=-=-=-=WIRED Online Copyright Notice=-=-=-=-=-=-=-=-=-=

Copyright 1993,4 Wired Ventures, Ltd. All rights reserved. This article may be redistributed provided that the article and this notice remain intact. This article may not under any circumstances be resold or redistributed for compensation of any kind without prior written permission from Wired Ventures, Ltd. If you have any questions about these terms, or would like information about licensing materials from WIRED Online, please contact us via telephone (+1 (415) 904 0660) or email (info@wired.com). WIRED and WIRED Online are trademarks of Wired Ventures, Ltd.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

------------------------------

End of Computer Privacy Digest V5 #001
******************************