Clipper trapdoor? Peter Wayner <pcw@access.digex.net> writes:
My general impression is that the system is secure. Many people have played paranoid and expressed concerns that the classified algorithm might be hiding a trapdoor. It became clear to me that these concerns were really silly. There is a built-in trapdoor to be used by the government when it is "legally authorized" to intercept messages. The NSA has rarely had trouble in the past exercising either its explicitly granted legal authority or its implied authority. The phrase "national security" is a powerful pass phrase around Washington and there is no reason for me to believe that the NSA wouldn't get all of the access to the escrow database that it needs to do its job. Building in a backdoor would only leave a weakness for an opponent to exploit and that is something that is almost as sacrilegious at the NSA as just putting the classified secrets in a Fed Ex package to Saddam Hussein.
This raises an interesting question and I draw a totally different conclusion. If, as we have been told, the only way for an agency to obtain the escrow keys is to present a court order, then NSA needs to obtain such an order to decrypt *any* communication it intercepts. I don't really understand what Peter means when he says that "NSA has rarely had trouble in the past exercising either its explicitly granted legal authority or its implied authority. The phrase 'national security' is a powerful pass phrase around Washington and there is no reason for me to believe that the NSA wouldn't get all of the access to the escrow database that it needs to do its job." Does this mean NSA would, in fact, obtain a warrant in order to "get all of the access to the escrow database that it needs to do its job"? If so, this would represent an unprecedented change in the way NSA does "its job."

NSA has no domestic law enforcement authority, so it would obviously never be in a position to obtain a law enforcement wiretap warrant under Title III. The only possible way for NSA to obtain a warrant would be under the Foreign Intelligence Surveillance Act (FISA). But the Foreign Intelligence Surveillance Court, which issues warrants under FISA, has ruled that FISA's provisions limit the authority to conduct electronic surveillance to the U.S. in a geographic sense as defined in sec. 101(i). The drafters left to another day the matter of "broadening this legislation to apply overseas ... because the problems and circumstances of overseas surveillance demand separate treatment." In the Matter of the Application of the United States for an Order Authorizing the Physical Search of Nonresidential Premises and Personal Property (1981), footnote 1 (citations omitted).

Consider the following hypothetical: Iraqi agents smuggle Clipper phones out of the U.S. Saddam Hussein uses them to communicate with his military commander in Basra. NSA intercepts the communications.

Question: How does NSA decrypt the messages? Note that neither Title III (law enforcement) nor FISA (U.S.-based) apply to this situation, so we have to assume that NSA will not have a court order to obtain the escrow keys. I have to conclude that NSA would not be putting this technology out into the world *unless* it did, in fact, have some way to decrypt messages *without* access to the escrow keys. Am I missing something?

David Sobel
CPSR Legal Counsel
You didn't read the original clipper announcement carefully. It never said that all access to the escrowed keys was to be handled through warrants. Clearly the other weasel-word access techniques envisioned included requests from the Agencies.

My paranoid fantasy, actually, is that we are really seeing phase I of a longer term plan, which will result in outlawing non-escrowed keys. The way it works is this: Skipjack is distributed. A clever group of nameless individuals obtains some components. Through significant effort, they determine the algorithm and family key, and they are published. Phase II: mock Agency uproar ensues, NSA claims it tried to be "reasonable" about escrowed keys, but obviously the bad guys have demonstrated that they can't be trusted. The only way to solve the "problem" is to outlaw non-escrowed key cryptography.
Note that neither Title III (law enforcement) nor FISA (U.S.-based) apply to this situation, so we have to assume that NSA will not have a court order to obtain the escrow keys. I have to conclude that NSA would not be putting this technology out into the world *unless* it did, in fact, have some way to decrypt messages *without* access to the escrow keys.
Am I missing something?
Yes. Quoting the original Presidential release:
Access to these keys will be limited to government officials with legal authorization to conduct a wiretap.
"legal authorization to conduct a wiretap" != "court order". I've seen lots of people slip into that habit. Today, it requires a court order to wiretap domestic conversations between US citizens. Presumably, the same conditions apply to Skipjack. However, that could change. As for the example of snooping on Hussein and his officers, you know exactly how much legal authorization the NSA needs to conduct that wiretap. Exactly none. Hence, it needs no paperwork to get the key to Hussein's phone. How the escrow agents make the NSA prove that the keyid in question belongs to Hussein's phone is an exercise left to the legislature :-/

Marc
Participants (3): David Sobel, Marc Horowitz, Tom Knight