For those of you who do not receive the comp.risks feed, the Wiretap
Chip (Clipper) is debate is taking hold on several forefronts. What
this tells me is this: People are starting to realize the negative
implications of this Big Brother "technology."
I say: Great, but there's alot of eyes to open out there and we need
to let Joe and Janet Lunchbucket know how this will affect them.
8<------ Begin forwarded message ------------------------
Date: Thu, 22 Apr 93 12:12:44 -0700
From: Mark Seecof
Subject: "key escrow" (Clipper Chip; RISKS 14.51)
(At the risk of redundancy (with other contributors)):
1. Although gov't press releases and gov't surrogates like Dorothy
Denning keep talking about warrants (actually, they say "proper
authorization") for Clipper keys, the government has never abandoned
(and does not even deny) the practice of conducting warrantless
wiretaps for "national security" reasons. How will keys be obtained
to decrypt such intercepts? My guess--the security of the "escrow"
agencies will be secretly compromised. And then, the time will
come when the NSA turns over political or criminal information with
little or no "national security/foreign/military intelligence" content
to the FBI, etc. My fallback guess is that the Skipjack algorithm
will have a back door.
2. The key escrow scheme is a pottery container of fecal matter.
Right now in California we are enjoying two scandals involving the
release, to unauthorized persons, of "secret" data, by employees of
government and private organizations, in violation of: their
employers' policies, their own terms of employment, state criminal
law, and common (civil) law. These (Anaheim PD employee release
of DMV address info to anti-abortion terrorists; various people
including police employees giving info to an ADL investigator) are
representative, not exhaustive of the problem. Does anybody remember
the Walker (U.S. Navy) spy scandal of a few years ago? Walker ring
members, despite vetting by the military (perhaps inefficient, but
more thorough than likely in civilian agencies), exposure to the
most severe legal sanctions, and even the cultural pressures of
their military communities, sold out Navy cipher secrets and keys
to actual enemies for fairly small amounts of money. N.B.: the
Walker ring had no ideological motivations. Anyone who says that
the key escrow scheme will protect the privacy of Clipper users is
naive, stupid, or wicked. Of course, as someone will point out:
"the Walker ring got caught!"--but catching malefactors will not
prevent the harm they do before they are detected.
3. The assertion that the government should, by rights, be able to
decrypt private communications for "law enforcement" purposes
should be challenged. Privacy advocates should not concede this
important debate-framing assumption. Advances in digital computing
have made it possible for ordinary people to use powerful machine
cipher techniques. But such systems will not prevent police
agents from eavesdropping directly or by various bugging methods.
It may be (I suspect it is so) that depriving the police of
convenient wiretapping might have little effect over, say, ten
years, on their (police) ability to detect and interfere with
criminals.
Mark Seecof
8<----- End forwarded message -------------------------
Someone drop this guy a line to get him to join our cause! (Actually,
I'v already done that.) We can always use a LA Times cypherpunk,
can't we? ;-)
Cheers.
Paul Ferguson | Uncle Sam wants to read
Network Integration Consultant | your e-mail...
Centreville, Virginia USA | Just say "NO" to the Clipper
fergp@sytex.com | Chip...
