Interesting People mailing list archives
Computerworld Editorial (31 May 93)
From: Bruce Schneier <schneier () chinet com>
Date: Wed, 30 Jun 1993 11:43:54 -0500 (CDT)
Bruce Schneier 730 Fair Oaks Ave Oak Park, IL 60302 (708) 524-9461 550 words CLIPPER - PERSONAL OPINION In April, the Clinton administration, in cleaning up old business left over from the Bush administration, introduced a new cryptography initiative that ensures government the ability to conduct electronic surveillance. The first fruit of this initiative is CLIPPER, designed to secure telecommunications. CLIPPER is an NSA-designed, tamper-resistant VLSI chip which uses a classified encryption algorithm. Each chip has a special key, not needed for messages, used only to encrypt a copy of each user's message key. Anyone knowing the special key can decrypt wiretapped communications protected with this chip. The claim is that only the government will know this key and will use it only if and when authorized by a court. The encryption algorithm in CLIPPER is classified. This is wrong. NSA's refusal to allow public scrutiny of the algorithm gives ammunition to those who believe that there is a secret "back door," to the algorithm, allowing the NSA to decrypt messages at will. The only way to assuage these fears is to allow academic cryptographers world-wide to examine the algorithm and publish their findings. CLIPPER is a hardware device. This forces manufacturers to redesign their hardware to accommodate the chip. DSP chips and digital designs are becoming more and more a part of telecommunications; why spend the extra money, weight, and power for another chip? Finally, CLIPPER is based on the Orwellian assumption that the government has a right to listen to private communications. It promotes the power of government over the power of the individual. It represents a fundamental shift in government policy, from a passive role of listening to an active role of regulating new technologies. Why is the government now claiming that there is something wrong with a private citizen trying to keep a secret from the government? This is not simply a little proposal of the government in some obscure area; it is a preemptive and unilateral attempt to usurp powers that previously belonged to the people. As long as CLIPPER is optional, people who desire real privacy (both honest citizens and criminals) will use other encryption methods. Since these methods will be secure from wiretapping, I expect the federal government to introduce legislation banning non-escrowed encryption, and to reintroduce legislation forcing telephone-switch manufacturers to add circuitry to allow wiretapping. The Administration is mandating a solution before allowing public discussion of the problem. Is the ability to conduct wiretaps more important than the need for personal privacy? How effective are wiretaps in law enforcement? Why would any intelligent criminal use flawed encryption such as CLIPPER? It is premature for the Administration to propose standards before we, as a people, have time to debate the issues. CLIPPER does not protect privacy; it forces individuals to unconditionally trust that the government will respect our privacy. It assumes that the government is the good guy and private citizens are all bad guys. The same law enforcement authorities that illegally tapped Martin Luther King Jr.'s phones can easily tap a phone protected with CLIPPER. During the past five years, local police authorities have been either charged criminally or sued civilly in numerous jurisdictions--including Maryland, Connecticut, Vermont, Georgia, Missouri, and Nevada-- for conducting illegal wiretaps. It is a poor idea to deploy technologies that could someday facilitate a police state. ------- End of Forwarded Message
Current thread:
- Computerworld Editorial (31 May 93) Bruce Schneier (Jun 30)