Clipper: Government-Sponsored, Government-Compromised Encryption
by Al Whaley, CPSR/Palo Alto
CPSR News Volume 12, Number 2: Spring 1994
Clipper has become the code name for an encryption system designed by the National Security Agency (NSA) and the National Institute of Standards and Technology (NIST). Clipper is deliberately compromised to allow law enforcement officials to wire-tap phones in the digital age. The fear is that authorized wire-taps would be rendered meaningless if speech is encoded with an unbreakable encryption technique. Clipper would be a standard encryption system used by individuals and businesses to keep their communications secret, but one for which the government would hold, in escrow, the keys needed to decrypt any message.
During the Bush administration, several attempts to pass legislation to require Clipper to be installed in domestic telecommunication systems failed in Congress. Under Clinton, the government is using its purchasing power to create a market for Clipper by requiring Clipper-equipped telephones for government use, both within and outside of the defense department. The Clinton administration has also funded initial development to guarantee low per unit cost.
Cryptography is the process of writing in or deciphering secret code. It dates back at least to ancient Rome and has most often been used by the military. In very basic terms, encryption works as follows: you have a message that you want to keep secret; you run the message through an encryption process with a key, which produces unreadable text. This coded text is then sent to the intended recipient, who presumably has the appropriate key to decipher it.
Encryption processes are implemented with mathematical algorithms that convert the original message into a coded or ciphered text based upon the key that is used. In a well designed system, the algorithm, or mathematical basis for the encryption, may be public without any impact on the secrecy of the messages; the security of the encryption depends only on the secrecy of the key. Good systems are hard to design and difficult to verify because of their mathematical complexity, so good design requires an open process of design and review.
In a well designed encryption system, there should be no way for a stranger to decrypt a message except by trying all possible encryption keys; any shortcut that is found to exist is considered to be a serious weakness. The present encryption standard, DES, has 56-bit keys, and there are therefore 2^56, or 72,057,594,037,927,936, possible keys. It has become fairly easy to crack this code by brute force, i.e. by trying all possible keys. Because of this, DES is being decertified in 1998, and the administration wishes Clipper to become the new standard. The Clipper encryption algorithm, called Skipjack, uses 80-bit keys, resulting in 2^24, or about 16.8 million, times as many keys. It is unclear how long a lifetime will result from such a modest increase in key size; each added bit only doubles the work of an exhaustive search.
The essence of Clipper is the Escrowed Encryption Standard (EES). This combines the Skipjack algorithm and a key escrow system, cast into an integrated circuit called Clipper, to encrypt digitized communications. The key escrow system involves splitting each chip's decryption key into two parts and giving one part to each of two different government agencies; the key can only be reconstructed when both parts are brought together. Currently, the agencies receiving the parts are NIST and the Treasury Department. This is supposed to ensure that the keys can only be obtained with proper court authorization.
WHAT'S THE PROBLEM?
There are many concerns raised about Skipjack. The NSA developed the algorithm in secret and demands that it be kept secret. This suggests to encryption experts the possibility of a severe weakness in the algorithm. Perhaps it can be easily cracked without the keys. DES, the earlier standard adopted by NIST's predecessor, the National Bureau of Standards, suffered from the same lack of confidence after the algorithm was modified, with NSA involvement, from IBM's original Lucifer design. It was only in the last two years, with the public discovery of differential cryptanalysis, that the modifications were found to have actually strengthened the algorithm.
There are also important technical and structural problems with Clipper and EES. The key escrow system takes an algorithm that is supposed to be robust enough to take hundreds of years of supercomputer time to crack and reduces this supposed protection to padlock-level security: if one has friends at the two agencies who can be bribed, then one can tap any link for which they hold the keys. Additionally, the escrow system is constructed in such a way that once a chip's key has been revealed, it is known forever; the key is fixed in the chip, so every past and future conversation on it becomes readable, not just those covered by the order. And the court order procedure does not include any verification that the chip to be defeated actually belongs to the individual cited in the wiretap order.
The Clipper chip implementation may also have some problems. Apparently, if the initial handshake and setup between chips is interfered with, the chips silently revert to an unencrypted mode of communication. Due to the classified nature of the design, problems of this sort are difficult to identify, and if identified are hard to verify. Again, the secrecy surrounding the development of Clipper has people worried that a back door or secret access method may exist. Also, all chips use the same key worldwide to encode the initial handshake; as soon as it becomes known, various weaknesses are exposed, such as the ability to easily track digital cellular phones, even for those who cannot read the messages. It is also possible to wiretap and record conversations and then decrypt them later when a wiretap court order is obtained, violating the time limit on the court order.
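The escrow and handshake mechanics described in the last three paragraphs, in a runnable model. This is an added example, not code from the article or from the EES itself: Skipjack is classified, so an HMAC-SHA256 keystream stands in for the cipher, and the access-field layout (chip ID plus the session key wrapped under the chip's unit key, all encrypted under the family key every chip shares) is a simplified assumption modelled on the article's description. All keys, the chip ID and the messages are constructed for the demo. It shows that both escrow shares are needed to read an authorized call, that the same reconstructed unit key opens every later call on that chip, and that the family key alone identifies the chip without any court order.

```python
import hashlib
import hmac
import secrets

KEY_BYTES = 10    # 80-bit keys, matching the article's figure for Skipjack
NONCE_BYTES = 8


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter-mode keystream (toy stand-in for Skipjack)."""
    out = bytearray()
    for ctr, start in enumerate(range(0, len(data), 32)):
        block = hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[start:start + 32], block))
    return bytes(out)


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext. Confidentiality only, no integrity check."""
    nonce = secrets.token_bytes(NONCE_BYTES)
    return nonce + _keystream_xor(key, nonce, plaintext)


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:NONCE_BYTES], blob[NONCE_BYTES:]
    return _keystream_xor(key, nonce, ct)


def split_key(key: bytes) -> tuple:
    """Two-of-two escrow split: share1 is random, share2 = key XOR share1.
    Either share alone is uniformly random and reveals nothing about the key."""
    share1 = secrets.token_bytes(len(key))
    share2 = bytes(a ^ b for a, b in zip(key, share1))
    return share1, share2


def combine_shares(share1: bytes, share2: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(share1, share2))


class EscrowedChip:
    """One chip: a fixed unit key (escrowed at manufacture) and the family key shared by all chips."""

    def __init__(self, chip_id: int, unit_key: bytes, family_key: bytes):
        self.chip_id = chip_id
        self.unit_key = unit_key
        self.family_key = family_key

    def start_session(self, session_key: bytes) -> bytes:
        """Access field sent at call setup (assumed layout): chip ID and the session
        key wrapped under the unit key, the whole thing encrypted under the family key."""
        inner = self.chip_id.to_bytes(4, "big") + encrypt(self.unit_key, session_key)
        return encrypt(self.family_key, inner)

    def send(self, session_key: bytes, message: bytes) -> bytes:
        return encrypt(session_key, message)


def identify_chip(family_key: bytes, access_field: bytes) -> int:
    """Anyone holding the family key learns which chip placed the call; no escrow shares needed."""
    return int.from_bytes(decrypt(family_key, access_field)[:4], "big")


def unwrap_session_key(family_key: bytes, unit_key: bytes, access_field: bytes) -> bytes:
    wrapped = decrypt(family_key, access_field)[4:]
    return decrypt(unit_key, wrapped)


def demo() -> dict:
    family_key = secrets.token_bytes(KEY_BYTES)        # constructed; identical in every chip
    unit_key = secrets.token_bytes(KEY_BYTES)          # constructed; burned into chip 0x2A7
    nist_share, treasury_share = split_key(unit_key)   # the two escrow agents named in the article
    chip = EscrowedChip(0x2A7, unit_key, family_key)

    k1 = secrets.token_bytes(KEY_BYTES)                # call 1: the one a court order covers
    field1, traffic1 = chip.start_session(k1), chip.send(k1, b"call one")
    k2 = secrets.token_bytes(KEY_BYTES)                # call 2: a later call, outside any order
    field2, traffic2 = chip.start_session(k2), chip.send(k2, b"call two")

    recovered_unit_key = combine_shares(nist_share, treasury_share)
    one_share_only = combine_shares(nist_share, secrets.token_bytes(KEY_BYTES))  # second share guessed

    return {
        # both shares reconstruct the unit key and open the authorized call
        "two_shares_read_call": decrypt(unwrap_session_key(family_key, recovered_unit_key, field1), traffic1) == b"call one",
        # one share plus a guess yields garbage
        "one_share_reads_call": decrypt(unwrap_session_key(family_key, one_share_only, field1), traffic1) == b"call one",
        # the unit key never changes, so the same disclosure opens every later call on the chip
        "unit_key_opens_later_call": decrypt(unwrap_session_key(family_key, recovered_unit_key, field2), traffic2) == b"call two",
        # the family key alone links both calls to the same chip
        "family_key_tracks_chip": identify_chip(family_key, field1) == identify_chip(family_key, field2) == 0x2A7,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The last two results are the structural complaints of the article in code: the escrow shares, once released for one order, protect nothing afterwards because the unit key is fixed for the life of the chip, and the family key, which every chip must contain, lets anyone who extracts it follow a phone from call to call without ever reading a word.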
Currently, the government says that it won't stop people from using their own encryption systems. Clipper will be a very expensive effort to install. Is the government hoping that criminals will be smart enough to use cryptography to hide their illegal activity but dumb enough to use the government-designed system without adding a second, more secure layer of encryption on top of it? Are they hoping that good encryption does not become commonly available in normal consumer items, such as facsimile machines? There are already inexpensive systems available, such as ViaCrypt's commercial version of Pretty Good Privacy (PGP).
AND THAT'S NOT ALL . . .
Clipper is a technical collision between the scientific capabilities of the 21st century and a medieval understanding of crime fighting and of science. I'm reminded of a cartoon depicting a Pentagon soldier guarding a computer against viruses by pointing his gun at a modem. Similarly, cryptographers point out that there is no security in algorithms that need to be secret, or in crippling a system and then trying to keep the Achilles heel in a vault; either of these can be compromised in minutes, regardless of the supposed mathematical integrity provided by cryptography.
Despite technical flaws, perhaps the biggest problems with Clipper are policy issues:
• Clipper was developed by the NSA without a public review process. The public must be able to decide, through open debate, how much freedom to give up.
• The Computer Security Act of 1987 assigned responsibility for security standards for civilian, unclassified systems to NIST rather than the NSA; Clipper, designed by the NSA for public use, runs against that division.
• Clipper cripples privacy mechanisms in advance of due process. Historically, our system of government has prevented anticipatory interference in the design and deployment of telecommunications mechanisms without a demonstrable clear and present danger or evidence of wrongdoing.
• The government is allowed to bypass court orders in obtaining the escrowed keys if national security is involved, a frequently misused justification.
• The government won't discuss important issues: who will know the algorithm used to generate keys, or have access to keys without a court order? A government response to criticism, published in the Federal Register (Vol. 59, No. 27), was a mixture of denial, evasiveness, and promises of improvement.
• Clipper will be resented by the international community. Good encryption systems are available overseas, and other countries will not want their banking systems (for example) to be forced, in order to interface with our own, to use a compromised security system to which the U.S. holds the keys.
• The voters do not want Clipper. A brief email campaign produced 47,000 petition signatures against Clipper in a few weeks. This is a remarkable response.
• The administration has said that non-escrowed encryption is not a matter of right, suggesting that other systems may be outlawed later.
• Encryption systems need to be constantly reevaluated and tested, which is impossible if the plans are secret.
In addition to the above, Clipper is a government program with a not-so-secret agenda. The claim that only the government itself is required to use the system is undermined by the statement that Clipper is aimed at catching terrorists and organized crime. This implies that the government expects to succeed in pressuring society into widespread adoption of Clipper. Many people are tired of this form of deliberate misrepresentation and lack of forthrightness.
Attempting to deploy an expensive, compromised encryption system is likely to be a doomed experiment in economics, politics and law enforcement. Americans consistently show that they do not appreciate being manipulated by their own government. It is unfortunate that the agencies we have set up to protect us against criminals are so lacking in diplomacy and technical competence.
WHAT CAN I DO?
First, educate yourself. More detailed information about Clipper is available from CPSR.ORG by electronic mail and other means (see page 14). Second, write to your congressperson and indicate how you feel about Clipper and write to the administration as well. 47,000 signatures were recently turned over to the White House, but individual letters are relatively rare and are quite important.
Computer Professionals for Social Responsibility
P.O. Box 717
Palo Alto, CA 94302-0717
Tel. (415) 322-3778 Fax (415) 322-3798
webmaster@cpsr.org