-----BEGIN PGP SIGNED MESSAGE-----
The Washington Post
Sunday, May 30, 1993
Pages H1, H4
Business section
CHIPPING AWAY AT PRIVACY?
Encryption Device Widens Debate Over Rights of U.S. to Eavesdrop
by John Mintz and John Schwartz
Washington Post Staff Writers
The two men were well-dressed, Bill Frezza recalls. They walked
into his New Jersey office a few days after his company,
Ericsson-G.E. Mobile Data, Inc., announced the introduction of a
portable device for sending and receiving electronic messages.
The two asked knowledgeable questions about whether the product
incorporated "encryption" technology, which scrambles signals to
frustrate eavesdroppers.
They wanted to buy some of the expensive, high-tech devices. With
cash.
"They were not tekkies," concluded Frezza, the firm's marketing
chief. By the time they left (empty-handed, since there were no
devices to sell yet), Frezza had decided they were drug dealers.
The New Jersey incident illustrates why law enforcement and
intelligence agencies are working so hard to keep a finger on new
communications technologies emerging around the world. They fear
these advances will give criminals and terrorists a new advantage
- -- by making it all but impossible for authorities to tap their
telephones and computer lines.
The problem, say the feds, is that the bad guys are always the
first to get the hot new toys -- whether they are fast cigarette
boats, automatic weapons or computerized gadgets that ensure
privacy. So the authorities -- over sharp protests from civil
libertarians -- are continually looking for ways to defeat
encryption technologies and continue monitoring communications.
This conflict, simmering for years, came to a boil on April 16,
when the White House announced it was imposing a new scheme for
encrypting voice and data communications. The system, which
employs a scrambler device dubbed the "Clipper Chip," leaves a
deciphering "key" in the federal government's pocket.
Whitfield Diffie, a pioneering cryptographer at Sun Microsystems
Inc., compares Clipper to "the little keyhole in the back of the
combination locks used on the lockers of schoolchildren. The
children open the locks with the combinations, which is supposed
to keep other children out, but the teachers can always look in
the lockers by using the key."
The government will stock up on phones and computers equipped
with Clipper, and many companies that do business with the
government will need to buy the same gear. The administration
also hopes Clipper will catch on across the business landscape.
Meanwhile, federal officials have been drawing up legislation to
require telecommunications companies to grant law enforcement
special access to U.S. communications networks.
"We feel we need these tools to do our job," said James K.
Kallstrom, the FBI's chief of investigative technology. Kallstrom
said if the FBI can't get industry to make the changes, disaster
could occur. "I don't have a lot of dead bodies laying around
here or dead children from an airplane explosion that we haven't
been able to solve -- yet."
For Jim Bidzos, president of a California-based encryption firm
called RSA Data Security Inc., the controversy "comes down to one
simple question: Do you have the right to keep a phone call or a
computer transmission private? The government says no."
David Sobel, an attorney with Computer Professionals for Social
Responsibility, an advocacy group for high-tech industries, said
the fight over Clinton's Clipper chip is the opening shot in "the
battle for the future direction of the nation's data highways."
Spooking the 'New Agers'
The Clinton White House's decision to cast its lot with the FBI
and the super-secret National Security Agency (NSA) has its
ironies.
The young computer wizards who manage the information industry
helped elect Clinton, and they share with him a dream of a
21st-century telecommunications revolution. But many of the
industry's "new agers," as one White House official calls them,
think Clinton is selling out to spooks and spies.
The FBI and NSA had won support in the Bush administration for
Clipper, first proposed several years ago. Then within weeks of
the Democrats' move into the White House, top law enforcement and
national security officials won over the Clinton team. One White
House official said they were "taken with the aura of making
national security decisions inside the White House.... You see
the stakes differently."
The FBI and state and local law enforcement officials told the
incoming Clinton team that resolving this issue was one of their
highest priorities, industry sources said. Mike Godwin, counsel
for the Electronic Frontier Foundation, which is mobilizing the
communications industry against Clipper, said that "like all
liberals, Clinton has an interest in being seen as a good
law-and-order guy."
Clinton's National Security Council is now conducting a
closed-door review of those subjects -- which the industry
criticizes for being secret, and on Friday corporate critics will
converge on the White House.
Old Ways, New Days
To understand the FBI's and NSA's concern about the new
information age, it helps to recall the state of communications a
quarter-century ago. In the 1950s and 1960s, there was only one
phone company, AT&T, and it worked closely with the NSA and law
enforcement, industry experts said. Similarly, the computer
business was dominated by International Business Machines Corp.
AT&T and IBM were huge, discreet and overtly patriotic
bureaucracies -- proud members of the military-industrial complex.
When the administration of President Gerald Ford filed an
antitrust suit against AT&T in the 1970s, the Defense Department
opposed it on national security grounds, since the firm was seen
as key to the nation's mastery of the global communications
system.
When the antitrust suit succeeded in 1984 and a federal judge
dismantled AT&T, the NSA was scared, government officials said.
Instead of the one mighty AT&T, there are now seven regional
"Baby Bell" companies and hundreds of new telecommunications
players in the U.S. market, some foreign-owned. The computer
business also has been balkanized, with some firms run by
youngish rebels of the post-Vietnam War generation who sneer at
authority. (The founders of Apple Computer Inc., started in
business selling "blue boxes" -- machines that help users scam
the phone company -- to students at the University of California
at Berkeley.)
The FBI and NSA are uncomfortable speaking about the nation's
vital communications secrets with some of these newcomers,
government officials said. Adding to law enforcement worries is
the technology itself: Where the system was once just copper
wires on poles, now it's a dizzying tangle of satellites,
microwave towers, fiber-optic cables and cable TV systems, all
linked up and bouncing signals around in cyberspace.
"They feel this onslaught, being drowned by this technology
revolution that's overrunning their capabilities," one White
House source said of the NSA and FBI. "They're feeling very
threatened.... They fear the horse is getting out of the barn."
Dealing With Digits
The government's response to the new world has been twofold: an
attempt to make the nation's phone and communications networks
more open to government taps, and a drive to limit the spread of
data encryption.
The biggest worry for law enforcement is the high-tech
modernization of the nation's communications system, especially
the "digitalization" of phone networks. This translates
conversations and data into the "0"s and "1"s of computer talk.
Anyone who has heard the squeal of a fax machine knows it doesn't
sound like conversation.
The FBI wants a guarantee that when a court approves a wiretap,
it can gain access through special "ports" to conversations or
data streams that can be retranslated from digital language.
The FBI is "panicky," said one Baby Bell executive, over the
increasing sophistication of the U.S. phone system. "They're
sitting over there with their simple little pair of alligator
clips" that were once used to tap phone lines.
The FBI's Kallstrom offers an example of the limits imposed by
changing technology: In the mid-1980s in New York City, because
digital switches that control cellular phone networks were not
designed with law enforcement in mind, investigators looking into
drug dealers, mobsters, terrorists and all other miscreants had
only five "ports," or entry points, from which to tap cellular
phones.
"For years, criminals had a free pass to engage in criminal
activity there," he said. "It's a mini-version of what'll
happen in the future."
The FBI says it wants to maintain the status quo, meaning its
ability to keep monitoring calls.
"You want to maintain what?" said Nathan Myhrvold, a Microsoft
Corp., vice president. "That's just such a crazy thing to say in
the computer industry," where product cycles are measured in
months.
In March 1992, the FBI took the offensive in the battle to keep
the taps open. That's when it surprised industry with a
legislative proposal that would require telecommunications firms
to guarantee law enforcement access to its new information
networks.
This "digital telephony" proposal was later withdrawn after a
bitter outcry from communications and computer companies. The
firms opposed, among other things, provisions that the Federal
Communications Commission must draw up rules on this highly
complex matter in secret and on a highly expedited schedule, and
that the phone companies' customers finance the modifications
through rate increases that could cost many billions of dollars.
Federal officials have been drafting new legislation, sources
said, but have been tight-lipped about its content.
Encryption Anxieties
On top of the surveillance problems posed by a digital network,
law enforcement also is vexed by the rise of inexpensive
encryption technologies, used in everything from personal
computer messages to electronic commerce. Businesses that zip
sensitive secrets across the globe need to guard against
industrial espionage, and some encryption systems are virtually
unbreakable -- not only by industrial pirates, but also by the
NSA and FBI.
The government hopes Clipper will replace chips providing
unbreakable encryption for conversations. The NSA also is
promoting a chip to encrypt data, called "Capstone." Both use a
classified encryption algorithm, or formula, called "Skipjack."
Using these technologies, government officials retain their own
master keys, actually long strings of numbers, to decrypt
messages. To assuage the fears of civil libertarians, the
government will split each key in two -- like the two pieces of a
treasure map torn down the middle -- and place the pieces with
two government agencies. A police officer who gets a judge's
approval for a wiretap must go to the two agencies to tap the
line.
Administration sources said that if the current plan doesn't
enable the NSA and FBI to keep on top of the technology, then
Clinton is prepared to introduce legislation to require use of
its encryption technology, which is crackable by the NSA, and ban
use of the uncrackable gear.
"It's an option on the table," said a White House official.
Stephen Bryen -- formerly a top trade security official in the
Pentagon and now president of a small Silver Spring-based firm
that develops encryption technology -- says that he realized
recently that "I've got a competitor, and it's the U.S.
government."
He said it is almost unprecedented for government to compete
directly with industry in this way. "It's hard to compete against
taxpayer money," he said. "The playing field's not level."
So far, Clipper's launch has been less than auspicious.
A coalition of top computer and telecommunications firms and
trade groups -- including IBM, Microsoft and about 25 others --
has sent letters to Clinton raising a list of 150 pointed
questions about the decision. On Friday, an association of firms
that make computers said that with Clipper, government officials
may find it "difficult to resist" monitoring communications it
shouldn't. It recommended the government slow deliberations on
the question.
Details about Clipper's technology are classified. Without
knowing about it, Clipper's critics say they can't evaluate how
secure it is -- the central issue for those wanting privacy.
Dorothy Denning, a Georgetown University cryptography expert
briefed on the chip by government officials, says Clipper strikes
a balance between strong data security and restricted government
access. "I was impressed," she said.
In any case, many in industry say they doubt Clipper will gain
favor in the market. Data security shoppers may avoid a product
with a famous security hole installed by the government.
Paul Jones, vice president for government marketing at a
Virginia-based encryption firm called Guardata, said a security
consultant for a big labor union recently told him, "Do you think
I'm dumb enough to buy something endorsed by the NSA?"
For the same reason, Clipper would be a hard sell overseas, where
companies might fear U.S. intelligence agencies would spy on
them. The federal government, said Bidzos of RSA Data Security,
"is forcing a showdown we just can't win" overseas.
Rep. Edward J. markey (D-Mass.), chairman of the House
telecommunications subcommittee, fears the government may
eventually ban encryption. "In a digitally linked world, where
encryption is the key to privacy," he said, "banning encryption
may be like banning privacy."
Frezza of Ericsson GE said despite his personal reluctance to
sell high-tech gear to criminals, the government's effort to
limit encryption software is bought so easily.
"The genie is already out of the bottle," he said. "We're all
going to look back on this date in five years and laugh that
anyone tried to control this technology."
-----BEGIN PGP SIGNATURE-----
Version: 2.2
iQCVAgUBLAloa5RLcZSdHMBNAQGtcgQAjhCYLsOMh/SbxVHEJByUvdXXbMfuf30p
l7JFINuhOOaqDx3c2azJMEPSHxFWG4q4yCQ3xOOlAQFMWKycGFR8ZU+hTH0M2ltc
K4imn1G4v0hQ3BLauA4P4eOv7Zr4ehhDH6qq/zr6iAr3JTZiANvs9DujetQherb4
YHvOKsvu9Bs=
=i5rB
-----END PGP SIGNATURE-----
Paul Ferguson | The future is now.
Network Integrator | History will tell the tale;
Centreville, Virginia USA | We must endure and struggle
fergp(a)sytex.com | to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.