Clipper Chip retreat
From tomorrow's NYT:
type: NYT (Copyright 1994 The New York Times) priority: Urgent date: 07-20-94 2114EDT category: Financial subject: BC CLIPPER CHIP RETREAT title: ADMINISTRATION REVERSES ITSLEF ON WIRETAPPING TECHNOLOGY author: JOHN MARKOFF text: In an abrupt and significant reversal, the Clinton administration indicated Wednesday that it was willing to consider alternatives to its Clipper chip wiretapping technology, which has been widely criticized by industry executives and privacy-rights groups. ... I'll leave it to someone else to post the entire article, but the gist is that Gore sent a letter to Maria Cantwell saying that the administration is willing to consider alternatives to Clipper that are based upon nonclassified algrithms, and where the escrow agents are not government agencies. They still insist on an escrow system, however. There's a quote from Marc Rotenberg saying that the escorw requirement is still unacceptable.
In an abrupt and significant reversal, the Clinton administration indicated Wednesday that it was willing to consider alternatives to its Clipper chip wiretapping technology, which has been widely criticized by industry executives and privacy-rights groups.
I'll leave it to someone else to post the entire article, but the gist is that Gore sent a letter to Maria Cantwell saying that the administration is willing to consider alternatives to Clipper that are based upon nonclassified algrithms, and where the escrow agents are not government agencies. They still insist on an escrow system, however.
There's a quote from Marc Rotenberg saying that the escorw requirement is still unacceptable.
The article implied that in exchange for this, the Cantwell amendment had been scrapped. This was far more important, IMHO. The government never had a chance to impose that silly chip. But threatening prison to people who export crypto is extremelly painful to people trying to build businesses based on things that use cryptography. Has the government ever actually prosecuted somebody for exporting crypto source code via the net? It seems like an interesting test case, and based on the ruling about exporting applied cryptography, I would say that it was permitted. (After all, our right to free speach involves the transmission of ideas. I can understand them stopping the export of physical things like computer disks, but not source code). So does anybody actually know of a case in which the government attempted to jail somebody for knowingly transmitting cryptographic programs from the US? JWS
I'll leave it to someone else to post the entire article, but the gist is that Gore sent a letter to Maria Cantwell saying that the administration is willing to consider alternatives to Clipper that are based upon nonclassified algrithms, [...]
There are three of ways they could proceed from here. The first is to declassify SKIPJACK, which would (IMO anyway) be another welcome boost for civilian crypto, in that it would be the chance to see and analyse a NSA-designed cryptosystem. For that very reason, I doubt that they will do it. (Small aside from another field: it will be _very_ interesting to compare the old SHA to the revised version. One of the reasons I suspect that the problem is quite significant is simply because they have decided to revise it and run the risk of invoking comparitive research which may disclose design techniques or methods of attack. If the later option is the lesser of two evils, I would guess that it is a nasty hole indeed.) The second would be to take an existing commercial cipher, and to sanctify that as their recommended algorithm. Again, assuming that they selected a properly secure algorithm, the very features of the algorithm they chose would be another point of interest. This is the least favorable option. Their final option would be to release another cipher, but with a reduced keysize or key entropy. Not the best solution, but one which I have a nasty suspicion will happen. Ian.
participants (3)
-
Hal Abelson -
Ian Farquhar -
solman@MIT.EDU