Gore Letter and Software Key Escrow
Some interesting comments from a recent issue of "EE Times": "While some critics declared Clipper dead, Gore made it clear that any encryption system used for voice communications must retain that the key-escrow framework that is the central feature of the Clipper chip. The only difference will be whether private-sector escrow agents will be added." ["Gore letter clouds U.S. Clipper policy," George Leopold, "EE Times," 1994-07-25, p. 4] [the article mentioned Gore's "We welcome the opportunity to work with industry to develop a more versatile, less expensive system. Such a key-escrow system would be implemented in software, firmware, hardware or any combination thereof, would not rely on upon a classified algorithm, would be voluntary and would be exportable."] In an earlier article: "Sen. Patty Murray, D-Wash., cosponsor of the Senate bill, said the Clipper-chip proposal "has had a chilling effect on software manufacturers in my state," particularly Microsoft Corp. She and other Clipper critics testifying last week argued that software encryption is widely available. "Federal efforts to put the genie back in the bottle will be futile," Murray said." ["Congress adds its voice to Clipper debate," George Leopold, "EE Times," 1994-05-09, p. 16] And this chilling comment from Stephen Walker of TIS: " "Most Americans would accept government-imposed key escrow if it was established by law" and subject to judicial review, said Stephen Walker, president of Trusted Systems Inc. [sic] and a former NSA official." ["Congress adds its voice to Clipper debate," George Leopold, "EE Times," 1994-05-09, p. 16]
From these and other articles I continue to believe that several related things are happening:
* The Administrations has backed away from the hardware-based, proprietary Skipjack approach that Clipper and EES represented. Though Clipper is not yet officialy dead, its brain wave has flatlined. * The software industry was apparently pressured, based on comments by various people, including Rep. Maria Cantwell (D-Wash) and Sen. Patty Murray. The form and timing of this pressure is not public knowledge, but hints of it keep emerging. * A software-based key escrow system, involving the new Walker-Belenson-others algorithm, is the likely basis for this new "more versatile, less expensive system" that Gore says would be "implementable in software, firmware, hardware or any combination thereof..." Practically speaking, this means software, as the hardware base of machines already out in the world pretty much makes hardware- or firmware-based deployment very problematic...few people will buy new hardware, which is what helped to kill Clipper. * Ostensibly this will be "voluntary," but the "voluntary" part may only be choice from a Chinese menu of approved and licensed escrow agents. [This is my interpretation, reading between the line of a dozen or so articles, articles which quote sources about how "private industry" will provide escrow agents, how choice will be preserved, and how the infamous "legitimate needs of law enforcment" will be preserved. * This compromise will likely put software key escrow (SKE, or Carl Ellison's "GAK"..."Government Access to Keys") into the software for audio and video teleconferencing, communication, and possibly into the OS itself (as this would be needed to ensure wide coverage of installed machines). * The articles suggest Sen. Leahy, Rep. Cantwell, and many others have already accepted this compromise. Enabling legislation could come at any time, and may be closely related to the Digital Telephony Bill, which has had the same behind-the-scenes negotiating. In closing, I reject the point made by Walker, that Americans will accept a "government imposed key escrow if it was established by law." I think this is the real threat on the horizon. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway."
Tim,
From: tcmay@netcom.com (Timothy C. May) Date: Mon, 8 Aug 1994 17:04:09 -0700 (PDT)
Thanks for the quotes.
* This compromise will likely put software key escrow (SKE, or Carl Ellison's "GAK"..."Government Access to Keys") into the software for audio and video teleconferencing, communication, and possibly into the OS itself (as this would be needed to ensure wide coverage of installed machines).
Let me push even harder for use of the term "GAK". Your use of SKE here is not appropriate. "Escrow" is (or at least was) a neutral or positive term -- it's something on the side of the user. GAK is opposed to the user (unless the user is the Gov't, I suppose). The Administration, by using the words "Key Escrow" for GAK, no doubt attempted to sugar coat what they were doing. Thanks to the effort of many people (including us), that bit of sugar coating was washed off for the public to taste what was underneath. However, that combined effort has done damage to the English language. The word "escrow" is no longer neutral or positive. It evokes images of GAK and becomes negative. I agree that SKE (gov't use of "escrow") is potentially more threatening than Clipper/Capstone because it removes the distaste for hardware. But, even though that is something currently on your mind, I wish you would not try to limit my phrase GAK to SKE. By GAK I'm talking about any form of government access to citizens' keys -- hardware, software, rubber hoses, .... That was the son-of-an-English-major speaking. Meanwhile, there are positive uses for salting a master key away. For example, I encrypted a file on my Mac with Curve Encrypt earlier this year and then forgot the password. It took a month to remember it. If I hadn't remembered it, I would have to have written a program to guess passwords (knowing the forms I use). (Fortunately, I remembered it.) It would have been nice to have a key someplace (e.g., split in 3 pieces among 3 friends of mine who don't know each other) which I know I can always get in an emergency. [There's a danger here that those people might not be protected by the 5th Amendment, if the gov't were to learn who they were. ..any lawyers out there?] Several people are working on features like this, not for the gov't. The problem comes that a natural term to use to describe this feature would be "key escrow". However, the gov't has soiled that term. Now, I need a new term, hopefully true to the language to describe a feature like this without calling up images of GAK. --------------------------------------------------
In closing, I reject the point made by Walker, that Americans will accept a "government imposed key escrow if it was established by law."
I do too. However, he might be right, if you take this as a prediction. If the gov't had not tried to pull the Clipper/Capstone crap in the manner it did (half spook, half Madison Avenue), but instead had initiated legislation to get this access, we cypherpunks would have been upset but we might not have gotten 80% of the public on our side. I don't know if the gov't has shot itself in the foot permanently, from the public's point of view. What I hope is immaterial. Walker might be right. The gov't might try it and we might lose. We can't relax in our efforts but we can't get anywhere just talking to recipients of cypherpunks. We have to keep getting the word out. [begin soap box] I also think we need to start writing the code that's needed -- not new ciphers or UNIX hacks to demonstrate feasibilities -- but polished end-user code for the computer-phobic users of Macs or Windows. [end soap box] - Carl
The problem comes that a natural term to use to describe this feature would be "key escrow". However, the gov't has soiled that term. Now, I need a new term, hopefully true to the language to describe a feature like this without calling up images of GAK. "Remote Backup" seems to be OK. Certainly backing up data is a perfectly respectable thing. Private keys are just more data. Eric
participants (3)
-
Carl Ellison -
hughes@ah.com -
tcmay@netcom.com