reno-key-escrow-announcement.html

Reno key escrow announcement

Reno Key Escrow Announcement

Department of Justice

EMBARGOED FOR 3 P.M. RELEASE
AG
FRIDAY, FEBRUARY 4, 1994
(202) 616-2771

ATTORNEY GENERAL MAKES KEY ESCROW ENCRYPTION ANNOUNCEMENTS

Attorney General Janet Reno today announced selection of the two U.S. Government entities that will hold the escrowed key components for encryption using the key escrow encryption method. At the same time, the Attorney General made public procedures under which encryption key components will be released to government agencies for decrypting communications subject to lawful wiretaps.

Key Escrow Encryption (formerly referred to as Clipper Chip ) strikes an excellent balance between protection of communications privacy and protection of society. It permits the use in commercial telecommunications products of chips that provide extremely strong encryption, but can be decrypted, when necessary, by government agencies conducting legally authorized wiretaps. Decryption is accomplished by use of keys--80-bit binary numbers-- that are unique to each individual encryption chip. Each unique key is in turn split into two components, which must be recombined in order to decrypt communications. Knowing one component does not make decryption any more feasible than not knowing either one.

The two escrow agents are the National Institute of Standards and Technology (NIST), a part of the Department of Commerce, and the Automated Systems Division of the Department of the Treasury. The two escrow agents were chosen because of their abilities to safeguard sensitive information, while at the same time being able to respond in a timely fashion when wiretaps encounter encrypted communications. In addition, NIST is responsible for establishing standards for protection of sensitive, unclassified information in Federal computer systems.

The escrow agents will act under strict procedures, which are being made public today, that will ensure the security of the key components and govern their release for use in conjunction with lawful wiretaps. They will be responsible for holding the key components: for each chip, one agent will hold one of the key components, and the second agent will hold the other. Neither will release a key component, except to a government agency with a requirement to obtain it in connection with a lawfully authorized wiretap. The system does not change the rules under which government agencies are authorized to conduct wiretaps.

When an authorized government agency encounters suspected key- escrow encryption, a written request will have to be submitted to the two escrow agents. The request will, among other things, have to identify the responsible agency and the individuals involved; certify that the agency is involved in a lawfully authorized wiretap; specify the wiretap's source of authorization and its duration; and specify the serial number of the key-escrow encryption chip being used. In every case, an attorney involved in the investigation will have to provide the escrow agents assurance that a validly authorized wiretap is being conducted.

Upon receipt of a proper request, the escrow agents will transmit their respective key components to the appropriate agency. The components will be combined within a decrypt device, which only then will be able to decrypt communications protected by key- escrow encryption. When the wiretap authorization ends, the device s ability to decrypt communications using that particular chip will also be ended.

The Department of Justice will, at the various stages of the process, take steps to monitor compliance with the procedures.