More than three dozen of the nation's leading cryptographers,
computer security specialists and privacy experts today urged
President Clinton to abandon the controversial Clipper encryption
proposal. The letter was coordinated by Computer Professionals
for Social Responsibility (CPSR), which has long sought to open
the issue of cryptography policy to public debate

The group cited the secrecy surrounding the proposal,
widespread public opposition to the plan and privacy concerns as
reasons why the initiative should not go forward.

The letter comes at a crucial point in the debate on
cryptography policy. An internal Administration review of the
issue is nearing completion and the National Security Agency (NSA)
is moving forward with efforts to deploy Clipper technology in
civilian agencies, including the Internal Revenue Service.

CPSR has sponsored several public conferences on
cryptography and privacy and has litigated Freedom of Informa-
tion Act cases seeking the disclosure of relevant government
documents. In one pending FOIA case, CPSR is challenging the
secrecy of the Skipjack algorithm which underlies the Clipper
proposal.

For additional information, contact Dave Banisar, CPSR
Washington, DC, (202) 544-9240, < banisar @ washofc.cpsr.org >.

=============================================================


January 24, 1994

The President
The White House
Washington, DC 20500

Dear Mr. President,

We are writing to you regarding the "Clipper" escrowed
encryption proposal now under consideration by the White House.
We wish to express our concern about this plan and similar
technical standards that may be proposed for the nation's
communications infrastructure.

The current proposal was developed in secret by federal
agencies primarily concerned about electronic surveillance, not
privacy protection. Critical aspects of the plan remain
classified and thus beyond public review.

The private sector and the public have expressed nearly
unanimous opposition to Clipper. In the formal request for
comments conducted by the Department of Commerce last year, less
than a handful of respondents supported the plan. Several hundred
opposed it.

If the plan goes forward, commercial firms that hope to
develop new products will face extensive government obstacles.
Cryptographers who wish to develop new privacy enhancing
technologies will be discouraged. Citizens who anticipate that
the progress of technology will enhance personal privacy will
find their expectations unfulfilled.

Some have proposed that Clipper be adopted on a voluntary
basis and suggest that other technical approaches will remain
viable. The government, however, exerts enormous influence in the
marketplace, and the likelihood that competing standards would
survive is small. Few in the user community believe that the
proposal would be truly voluntary.

The Clipper proposal should not be adopted. We believe that
if this proposal and the associated standards go forward, even on
a voluntary basis, privacy protection will be diminished,
innovation will be slowed, government accountability will be
lessened, and the openness necessary to ensure the successful
development of the nation's communications infrastructure will be
threatened.

We respectfully ask the White House to withdraw the Clipper
proposal.

Sincerely,

Public Interest and Civil Liberties Organizations

Marc Rotenberg, CPSR
Conrad Martin, Fund for Constitutional Government
William Caming, privacy consultant
Simon Davies, Privacy International
Evan Hendricks, US Privacy Council
Simona Nass, Society for Electronic Access
Robert Ellis Smith, Privacy Journal
Jerry Berman, Electronic Frontier Foundation

Cryptographers and Security Experts

Bob Bales, National Computer Security Association
Jim Bidzos, RSA Data Security Inc.
G. Robert Blakley, Texas A&M University
Stephen Bryen, Secured Communications Technologies, Inc.
David Chaum, Digicash
George Davida, University of Wisconsin
Whitfield Diffie, Sun Microsystems
Martin Hellman, Stanford University
Ingemar Ingemarsson, Universitetet i Linkvping
Ralph C. Merkle, Xerox PARC
William Hugh Murray, security consultant
Peter G. Neumann, SRI International
Bart Preneel, Katolieke Universiteit
Ronald Rivest, MIT
Bruce Schneier, Applied Cryptography (1993)
Richard Schroeppel, University of Arizona
Stephen Walker, Trusted Information Systems
Philip Zimmermann, Boulder Software Engineering

Industry and Academia

Andrew Scott Beals, Telebit International
Mikki Barry, InterCon Systems Corporation
David Bellin, North Carolina A&T University
Margaret Chon, Syracuse University College of Law
Laura Fillmore, Online BookStore
Scott Fritchie, Twin-Cities Free Net
Gary Marx, University of Colorado
Ronald B. Natalie, Jr, Sensor Systems Inc.
Harold Joseph Highland, Computers & Security
Doug Humphrey, Digital Express Group, Inc
Carl Pomerance, University of Georgia
Eric Roberts, Stanford University
Jonathan Rosenoer, CyberLaw & CyberLex
Alexis Rosen, Public Access Networks Corp.
Steven Zorn, Pace University Law School

(affiliations are for identification purposes only)