Clipper: missing the point (was Re: CRYPTO: DoJ's new rules for access to Clipper keys)

[David Farber <farber () central cis upenn edu>]

From: jtara () crash cts com (Jon Tara)


In article <2j18dq$a77 () jaws cs hmc edu> ebrandt () jarthur cs hmc edu (Eli
Brandt) writes:
> From: ebrandt () jarthur cs hmc edu (Eli Brandt)
> Subject: Re: CRYPTO: DoJ's new rules for access to Clipper keys
> Date: 5 Feb 1994 23:00:10 GMT


> In article <strnlghtCKrKKF.31F () netcom com>, David Sternlight
> <david () sternlight com> wrote:
> > But that's exactly the way Clipper is designed. They need to show good cause
> > and a search warrant.


> `Clipper' is designed in no such way.  The technology requires no
> warrant from an eavesdropper.  The regulation surrounding the system
> is what requires a warrant (actually, "legal authorization").
> Regulations can change.


> Treated as a cryptosystem, `Clipper' lacks proper key management.
> It substitutes obscurity.  The security of the entire system hangs
> upon the behavior of the bureaucracies holding the keys, for as long
> as the system is in place.  Twenty-five years?  Twenty-five years is
> Germany 1918 to Germany 1943.  Twenty-five years is half the length
> of the Cold War.  It's a long time, geopolitically speaking.


Thank you! Most of the discussion I have read so far misses the point: the
mere EXISTENCE of a set of master keys is extremally dangerous: I will go so
far to suggest that it threatens not only individual privacy, but national
security.


Who is to say who will be in control 10, 20, 30, 50 years from now, and will
have "inherited" those keys? Who is to say that they will not somehow fall
into the wrong hands? Who is to say that a benevolent government today will
not be a corrupt one tommorow?


Here's another though, perhaps nullified by the end of the cold war: at least
the people living in the areas where the sets of keys will be kept can breathe
easier: one can be fairly certain that those areas will be erased from any
foreign nuclear targeting!


(I assume that the REAL spooks and secret military operations will not use the
system, but that there will still be a lot of confidential government stuff
encrypted with the system.)


_____________________________________________________________________
Jon Tara | Internet:   jtara () crash cts com  | Am I supposed to say
         | CompuServe: 76477,3422           | something clever here?