******************************************************************
EFFector Online Volume 6 No. 1       9/17/1993       editors@eff.org
A Publication of the Electronic Frontier Foundation   ISSN 1062-9424
1098 lines
******************************************************************

-==--==--==-<>-==--==--==-
In This Issue:
Clipper Escrow Agents Chosen
Barlow's "A Plain Text on Crypto Policy"
Crypto Conference in Austin
Virginians Against Censorship
-==--==--==-<>-==--==--==-

****************************
Clipper Escrow Agents Chosen
****************************

In the next several days, the Administration will announce it has chosen at least one escrow agency and has developed procedures for accessing escrow keys pursuant to warrant. Here is an account of an Administration Hill staff briefing on September 16, 1993, and the draft procedures for law enforcement, foreign intelligence, and state and local law enforcement wiretapping. We are looking for comments and analysis. Please circulate widely.

Jerry Berman, EFF.

==================

RE: Clipper Escrow Agent Briefing for Congressional Staff

Yesterday, September 15, 1993, a briefing was held for congressional staff regarding the status of the Clipper project. The lead briefers for the Administration were Mark Richard, Deputy Assistant Attorney General, Criminal Division, DOJ; Jim Kallstrom, FBI; Geoff Greiveldinger, Special Counsel, Narcotic and Dangerous Drug Section, DOJ; and John Podesta. Also present were Mary Lawton, Counsel for Intelligence Policy and Review, DOJ; Mike Waguespack, NSC; and Dwight Price, National District Attorneys Association.

The Administration has tentatively settled on NIST and a yet to be determined non-law enforcement component of the Department of the Treasury as the "escrow agents." The Administration will finalize the choices in the next few days, according to John Podesta.
The Attorney General will make an announcement, in what form has not been determined, but it will probably not be a Federal Register notice. The Attorney General will announce that she has adopted, and the escrows have agreed to follow, the attached procedures.

The system will work as follows:

(1) A black box (actually a PC) in the possession of a law enforcement agency will be able to read the Law Enforcement Access Field in a Clipper encrypted data stream and extract the identification number specific to the Clipper chip being used by the intercept target. Cost of the black box yet undetermined. How many will be purchased by law enforcement yet undetermined, although if use of Clipper becomes common, the black boxes will be in great demand, by federal as well as state and local agencies. They will be available only to law enforcement, with yet to be specified controls on their sale. Each black box will have a unique identifier.

(2) The law enforcement agency will fax the device ID number to each of the escrow agents, along with a certification that the agency has authority to conduct the intercept, the ID number of the intercepting agency's black box, and the time period for which the intercept is authorized (in the case of Title III's, up to thirty days, with extensions).

(3) The escrow agents will transmit the key components by encrypted link directly into the black box of the requesting law enforcement agency. The key components will only work with that particular black box, and will only work for the stated duration of the intercept. If the intercept is extended, the law enforcement agency will have to send a new request to the escrow agents to extend the life of the key components.

The escrow agents will maintain logs of the requests. Greiveldinger stressed that the system is "replete with recordation of the transactions that will occur."

The escrow agents also have a responsibility for maintaining the integrity of the chip manufacturing process.
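
Added example (not part of the EFF memo or of the Administration's draft procedures): a Python sketch of the three-step release flow described above, with two escrow agents, a certification carrying items (a) through (g) of the draft procedures, request logging, and a decryption device that refuses components issued to another device or used after the authorized period. The XOR split, every class and field name, and the sample key, IDs and dates are assumptions made for illustration; the briefing does not say how the components are split or how the device and time limits are enforced.

```python
from __future__ import annotations

import secrets
from dataclasses import dataclass
from datetime import date


def split_key(unit_key: bytes) -> tuple[bytes, bytes]:
    """Two-way split (assumed XOR): either component alone is uniformly random."""
    c1 = secrets.token_bytes(len(unit_key))
    c2 = bytes(k ^ r for k, r in zip(unit_key, c1))
    return c1, c2


def join_components(c1: bytes, c2: bytes) -> bytes:
    if len(c1) != len(c2):
        raise ValueError("component lengths differ")
    return bytes(a ^ b for a, b in zip(c1, c2))


@dataclass(frozen=True)
class Certification:
    """Items (a)-(g) of the draft certification; field names are hypothetical."""
    agency: str             # (a) agency conducting the interception
    certifier: str          # (a) person providing the certification
    authorized: bool        # (b) legal authorization has been obtained
    termination: date       # (c) end of the authorized period
    docket: str             # (d) source of the authorization
    escrow_encrypted: bool  # (e) traffic uses key-escrow encryption
    chip_id: str            # (f) ID of the encrypting chip
    device_id: str          # (g) serial number of the decryption device


@dataclass(frozen=True)
class Release:
    chip_id: str
    device_id: str
    expires: date
    component: bytes


class EscrowAgent:
    def __init__(self, name: str) -> None:
        self.name = name
        self._components: dict[str, bytes] = {}
        self.log: list[tuple] = []

    def deposit(self, chip_id: str, component: bytes) -> None:
        self._components[chip_id] = component

    def _refusal(self, cert: Certification, today: date) -> str | None:
        if not (cert.agency and cert.certifier and cert.docket and cert.device_id):
            return "incomplete certification"
        if not (cert.authorized and cert.escrow_encrypted):
            return "required certifications missing"
        if cert.termination < today:
            return "authorization period has ended"
        if cert.chip_id not in self._components:
            return "unknown chip ID"
        return None

    def request(self, cert: Certification, today: date) -> Release:
        reason = self._refusal(cert, today)
        # Every request is logged, whether it is released or refused.
        self.log.append((today, cert.agency, cert.docket, cert.chip_id,
                         cert.device_id, reason or "released"))
        if reason:
            raise PermissionError(f"{self.name}: {reason}")
        return Release(cert.chip_id, cert.device_id, cert.termination,
                       self._components[cert.chip_id])


class DecryptDevice:
    """The 'black box'. Here the limits are plain software checks (assumption)."""

    def __init__(self, device_id: str) -> None:
        self.device_id = device_id

    def recover_unit_key(self, r1: Release, r2: Release, today: date) -> bytes:
        if r1.chip_id != r2.chip_id:
            raise ValueError("components are for different chips")
        for r in (r1, r2):
            if r.device_id != self.device_id:
                raise PermissionError("component issued to a different device")
            if today > r.expires:
                raise PermissionError("component has expired")
        return join_components(r1.component, r2.component)


def run_scenario() -> dict:
    """Constructed walk-through; the key, IDs and dates are sample values."""
    unit_key = bytes.fromhex("00112233445566778899")
    agents = [EscrowAgent("Agent 1"), EscrowAgent("Agent 2")]
    for agent, comp in zip(agents, split_key(unit_key)):
        agent.deposit("CHIP-0001", comp)
    cert = Certification("Example PD", "J. Doe", True, date(1993, 10, 15),
                         "DOCKET-93-001", True, "CHIP-0001", "BOX-42")
    today, late = date(1993, 9, 17), date(1993, 10, 16)
    releases = [a.request(cert, today) for a in agents]
    box = DecryptDevice("BOX-42")
    out = {"recovered": box.recover_unit_key(*releases, today) == unit_key}
    checks = {
        "agent_refuses_late": lambda: agents[0].request(cert, late),
        "device_refuses_late": lambda: box.recover_unit_key(*releases, late),
        "other_device_refused":
            lambda: DecryptDevice("BOX-7").recover_unit_key(*releases, today),
    }
    for name, call in checks.items():
        try:
            call()
            out[name] = False
        except PermissionError:
            out[name] = True
    out["agent1_log"] = [entry[-1] for entry in agents[0].log]
    return out


if __name__ == "__main__":
    print(run_scenario())
```

In this sketch an extension of the intercept means a new certification with a later termination date, which produces a fresh log entry at each agent.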
In opening remarks describing the need for the Clipper escrow system, Kallstrom had stressed that the AT&T product posed a unique threat in terms of voice quality, affordability, portability and strength of the encryption. The Administration rejects the argument that voice encryption is readily available. The AT&T product, which isn't available yet, is unique, and competing products, the Administration argues, are yet further in the future. The next voice encryption product in the pipeline is Motorola's, and Motorola has expressed interest in using Clipper in its product. The Administration argued that the need for compatibility would drive a significant share of the market to Clipper or Capstone-based products. Escrow coverage will not be complete, but the bad guys are careless and are expected to use Clipper products.

The key criterion used in selecting the escrow agents was whether the agency had experience in and an infrastructure for handling sensitive information. The Administration did not want to use a law enforcement or national security component, for credibility reasons. It did not want to use private entities based on concerns about longevity and not wanting security to be governed by the need to make a profit.

The briefers admitted that the proposed system is not really an escrow. The agencies holding the key components will not have any duties or responsibilities to the Clipper users. The escrows' obligation will be to the government, and they will be liable to Clipper users only under the Bivens doctrine, where any failure must be shown to be wilful.

Both John Podesta and Mark Richard stated that there is no plan on or over the horizon to outlaw non-escrowed encryption.

John and Mark said that the international aspects of the escrow/encryption issue are the thorniest to deal with, and there are no answers yet. Clipper products would be exportable with a license, although other countries may try to keep them out.
(Nobody asked questions about changes in the rules governing export of non-Clipper encryption.) Other nations would not participate in the escrow system, nor, presumably, would they be allowed to buy the black boxes. E.g., if the British intercepted an IRA communication that appeared to be encrypted with Clipper, and came to the FBI for help, the anticipated escrow system would not allow the FBI to get the key from the escrow agents.

==================

PROPOSED PROCEDURES

AUTHORIZATION PROCEDURES FOR RELEASE OF ENCRYPTION KEY COMPONENTS IN CONJUNCTION WITH INTERCEPTS PURSUANT TO TITLE III

The following are the procedures for the release of escrowed key components in conjunction with lawfully authorized interception of communications encrypted with a key-escrow encryption method. These procedures cover all electronic surveillance conducted pursuant to Title III of the Omnibus Crime Control and Safe Streets Act of 1968, as amended (Title III), Title 18, United States Code, Section 2510 et seq.

1) In each case there shall be a legal authorization for the interception of wire and/or electronic communications.

2) All electronic surveillance court orders under Title III shall contain provisions authorizing after-the-fact minimization, pursuant to 18 U.S.C. 2518(5), permitting the interception and retention of coded communications, including encrypted communications.

3) In the event that federal law enforcement agents discover during the course of any lawfully authorized interception that communications encrypted with a key escrow encryption method are being utilized, they may obtain a certification from the investigative agency conducting the investigation, or the Attorney General of the United States or designee thereof.
Such certification shall

   (a) identify the law enforcement agency or other authority conducting the interception and the person providing the certification;
   (b) certify that necessary legal authorization has been obtained to conduct electronic surveillance regarding these communications;
   (c) specify the termination date of the period for which interception has been authorized;
   (d) identify by docket number or other suitable method of specification the source of the authorization;
   (e) certify that communications covered by that authorization are being encrypted with a key-escrow encryption method;
   (f) specify the identifier (ID) number of the key escrow encryption chip providing such encryption; and
   (g) specify the serial (ID) number of the key-escrow decryption device that will be used by the law enforcement agency or other authority for decryption of the intercepted communications.

4) The agency conducting the interception shall submit this certification to each of the designated key component escrow agents. If the certification has been provided by an investigative agency, as soon thereafter as practicable, an attorney associated with the United States Attorney's Office supervising the investigation shall provide each of the key component escrow agents with written confirmation of the certification.

5) Upon receiving the certification from the requesting investigative agency, each key component escrow agent shall release the necessary key component to the requesting agency. The key components shall be provided in a manner that assures they cannot be used other than in conjunction with the lawfully authorized electronic surveillance for which they were requested.

6) Each of the key component escrow agents shall retain a copy of the certification of the requesting agency, as well as the subsequent confirmation of the United States Attorney's office.
In addition, the requesting agency shall retain a copy of the certification and provide copies to the following:

   (a) the United States Attorney's office supervising the investigation, and
   (b) the Department of Justice, Office of Enforcement Operations.

7) Upon, or prior to, completion of the electronic surveillance phase of the investigation, the ability of the requesting agency to decrypt intercepted communications shall terminate, and the requesting agency may not retain the key components.

These procedures do not create, and are not intended to create, any substantive rights for individuals intercepted through electronic surveillance, and noncompliance with these procedures shall not provide the basis for any motion to suppress or other objection to the introduction of electronic surveillance evidence lawfully acquired.

AUTHORIZATION PROCEDURES FOR RELEASE OF ENCRYPTION KEY COMPONENTS IN CONJUNCTION WITH INTERCEPTS PURSUANT TO FISA

The following are the procedures for the release of escrowed key components in conjunction with lawfully authorized interception of communications encrypted with a key-escrow encryption method. These procedures cover all electronic surveillance conducted pursuant to the Foreign Intelligence Surveillance Act (FISA), Pub. L. 95-511, which appears at Title 50, U.S. Code, Section 1801 et seq.

1) In each case there shall be a legal authorization for the interception of wire and/or electronic communications.

2) In the event that federal authorities discover during the course of any lawfully authorized interception that communications encrypted with a key-escrow encryption method are being utilized, they may obtain a certification from an agency authorized to participate in the conduct of the interception, or from the Attorney General of the United States or designee thereof.
Such certification shall

   (a) identify the agency participating in the conduct of the interception and the person providing the certification;
   (b) certify that necessary legal authorization has been obtained to conduct electronic surveillance regarding these communications;
   (c) specify the termination date of the period for which interception has been authorized;
   (d) identify by docket number or other suitable method of specification the source of the authorization;
   (e) certify that communications covered by that authorization are being encrypted with a key-escrow encryption method;
   (f) specify the identifier (ID) number of the key escrow encryption chip providing such encryption; and
   (g) specify the serial (ID) number of the key-escrow decryption device that will be used by the agency participating in the conduct of the interception for decryption of the intercepted communications.

4) This certification shall be submitted to each of the designated key component escrow agents. If the certification has been provided by an agency authorized to participate in the conduct of the interception, as soon thereafter as practicable, an attorney associated with the Department of Justice, Office of Intelligence Policy and Review, shall provide each of the key component escrow agents with written confirmation of the certification.

5) Upon receiving the certification, each key component escrow agent shall release the necessary key component to the agency participating in the conduct of the interception. The key components shall be provided in a manner that assures they cannot be used other than in conjunction with the lawfully authorized electronic surveillance for which they were requested.

6) Each of the key component escrow agents shall retain a copy of the certification, as well as the subsequent written confirmation of the Department of Justice, Office of Intelligence Policy and Review.
7) Upon, or prior to, completion of the electronic surveillance phase of the investigation, the ability of the agency participating in the conduct of the interception to decrypt intercepted communications shall terminate, and such agency may not retain the key components.

These procedures do not create, and are not intended to create, any substantive rights for individuals intercepted through electronic surveillance, and noncompliance with these procedures shall not provide the basis for any motion to suppress or other objection to the introduction of electronic surveillance evidence lawfully acquired.

AUTHORIZATION PROCEDURES FOR RELEASE OF ENCRYPTION KEY COMPONENTS IN CONJUNCTION WITH INTERCEPTS PURSUANT TO STATE STATUTES

Key component escrow agents may only release escrowed key components to law enforcement or prosecutorial authorities for use in conjunction with lawfully authorized interception of communications encrypted with a key escrow encryption method. These procedures apply to the release of key components to State and local law enforcement or prosecutorial authorities for use in conjunction with interceptions conducted pursuant to relevant State statutes authorizing electronic surveillance, and Title III of the Omnibus Crime Control and Safe Streets Act of 1968, as amended, Title 18, United States Code, Section 2510 et seq.

1) The State or local law enforcement or prosecutorial authority must be conducting an interception of wire and/or electronic communications pursuant to lawful authorization.

2) Requests for release of escrowed key components must be submitted to the key component escrow agents by the principal prosecuting attorney of the State, or of a political subdivision thereof, responsible for the lawfully authorized electronic surveillance.
3) The principal prosecuting attorney of such State or political subdivision of such State shall submit with the request for escrowed key components a certification that shall

   (a) identify the law enforcement agency or other authority conducting the interception and the prosecuting attorney responsible therefor;
   (b) certify that necessary legal authorization for interception has been obtained to conduct electronic surveillance regarding these communications;
   (c) specify the termination date of the period for which interception has been authorized;
   (d) identify by docket number or other suitable method of specification the source of the authorization;
   (e) certify that communications covered by that authorization are being encrypted with a key-escrow encryption method;
   (f) specify the identifier (ID) number of the key escrow chip providing such encryption; and
   (g) specify the serial (ID) number of the key-escrow decryption device that will be used by the law enforcement agency or other authority for decryption of the intercepted communications.

4) Such certification must be submitted by the principal prosecuting attorney of that State or political subdivision to each of the designated key component escrow agents.

5) Upon receiving the certification from the principal prosecuting attorney of the State or political subdivision, each key component escrow agent shall release the necessary key component to the intercepting State or local law enforcement agency or other authority. The key components shall be provided in a manner that assures they cannot be used other than in conjunction with the lawfully authorized electronic surveillance for which they were requested.

6) Each of the key component escrow agents shall retain a copy of the certification of the principal prosecuting attorney of the State or political subdivision. In addition, such prosecuting attorney shall provide a copy of the certification to the Department of Justice.

7) The U.S.
Department of Justice may, to assure conformance with these procedures, make inquiry of the certifying prosecuting attorney regarding, inter alia, the genuineness of the certification and confirmation of the existence of lawful authorization to conduct the relevant electronic surveillance. The inquiry of the U.S. Department of Justice will not involve intrusion into matters that must, under relevant statute, be kept from public disclosure.

8) Upon, or prior to, completion of the electronic surveillance phase of the investigation, the ability of the intercepting law enforcement agency or other authority to decrypt intercepted communications shall terminate, and the intercepting law enforcement agency or other authority may not retain the key components.

These procedures do not create, and are not intended to create, any substantive rights for individuals intercepted through electronic surveillance, and noncompliance with these procedures shall not provide the basis for any motion to suppress or other objection to the introduction of electronic surveillance evidence lawfully acquired.

*****************************
A Plain Text on Crypto Policy
*****************************

For the October, 1993 Electronic Frontier column in Communications of the ACM
by John Perry Barlow

The field of cryptography, for centuries accustomed to hermetic isolation within a culture as obscure as its own puzzles, is going public. People who thought algorithms were maybe something you needed to dig rap music are suddenly taking an active interest in the black arts of crypto.

We have the FBI and NSA to thank for this. The FBI was first to arouse public concerns about the future of digital privacy with its injection of language year before last into a major Senate anti-crime bill (SB 266) which would have registered the congressional intent that all providers of digitized communications should provide law enforcement with analog access to voice and data transmissions of their subscribers.
When this was quietly yanked in committee, they returned with a proposed bill called Digital Telephony. If passed, it would have essentially called a halt to most American progress in telecommunications until they could be assured of their continued ability to wiretap. Strange but true.

They were never able to find anyone in Congress technologically backward enough to introduce this oddity for them, but they did elevate public awareness of the issues considerably.

The National Security Agency, for all its (unknown but huge) budget, staff, and MIPS, has about as much real world political experience as the Order of Trappists and has demonstrated in its management of cryptology export policies the maddening counter-productivity that is the usual companion of inexperience.

The joint bunglings of these two agencies were starting to infuriate a lot of people and institutions who are rarely troubled by Large Governmental Foolishness in the Service of Paranoia. Along with all the usual paranoids, of course.

Then from the NSA's caverns in Fort Meade, Maryland there slouched a chip called Clipper.

For those of you who just tuned in (or who tuned out early), the Clipper Chip...now called Skipjack owing to a trademark conflict...is a hardware encryption device that NSA designed under Reagan-Bush. In April it was unveiled by the Clinton Administration and proposed for both governmental and public use. Installed in phones or other telecommunications tools, it would turn any conversation into gibberish for all but the speaker and his intended listener, using a secret military algorithm.

Clipper/Skipjack is unique, and controversial, in that it also allows the agents of government to listen under certain circumstances. Each chip contains a key that is split into two parts immediately following manufacture. Each half is then placed in the custody of some trusted institution or "escrow agent."
If, at some subsequent time, some government agency desires to legally listen in on the owner of the communications device in which the chip has been placed, it would present evidence of "lawful authority" to the escrow holders. They will reveal the key pairs, the agency will join them, and begin listening to the subject's unencrypted conversations.

(Apparently there are other agencies besides law enforcement who can legally listen to electronic communications. The government has evaded questions about exactly who will have access to these keys, or for that matter, what, besides a judicial warrant, constitutes the "lawful authority" to which they continually refer.)

Clipper/Skipjack was not well received. The blizzard of anguished ASCII it summoned forth on the Net has been so endlessly voluble and so painstaking in its "How-many-Cray-Years-can-dance-on-the-head-of-a-Clipper-Chip" technical detail that I would guess all but the real cypherpunks are by now data-shocked into listlessness and confusion.

Indeed, I suspect that even many readers of this publication...a group with prodigious capacity for assimilating the arid and obscure...are starting to long for the days when their knowledge of cryptography and the public policies surrounding it was limited enough to be coherent.

So I almost hesitate to bring the subject up. Yet somewhere amid this racket, decisions are being made that will profoundly affect your future ability to communicate without fear. Those who would sacrifice your liberty for their illusions of public safety are being afforded some refuge by the very din of opposition.

In the hope of restoring both light and heat to the debate, I'm going to summarize previous episodes, state a few conclusions I've drawn about the current techno-political terrain, and recommend positions you might

When I first heard about Clipper/Skipjack, I thought it might not be such a bad idea.
This false conclusion was partly due to the reality distorting character of the location...I was about fifty feet away from the Oval Office at the time...but it also seemed like one plausible approach to what may be the bright future of crime in the Virtual Age.

I mean, I can see what the Guardian Class is worried about. The greater part of business is already being transacted in Cyberspace. Most of the money is there. At the moment, however, most of the monetary bits in there are being accounted for. Accounting is digital, but cash is not.

It is imaginable that, with the widespread use of digital cash and encrypted monetary exchange on the Global Net, economies the size of America's could appear as nothing but oceans of alphabet soup. Money laundering would no longer be necessary. The payment of taxes might become more or less voluntary. A lot of weird things would happen after that...

I'm pretty comfortable with chaos, but this is not a future I greet without reservation.

So, while I'm not entirely persuaded that we need to give up our future privacy to protect ourselves from drug dealers, terrorists, child molesters, and un-named military opponents (the Four Horsemen of Fear customarily invoked by our protectors), I can imagine bogeymen whose traffic I'd want visible to authority.

Trouble is, the more one learns about Clipper/Skipjack, the less persuaded he is that it would do much to bring many actual Bad Guys under scrutiny.

As proposed, it would be a voluntary standard, spread mainly by the market forces that would arise after the government bought a few tons of these chips for their own "sensitive but unclassified" communications systems. No one would be driven to use it by anything but convenience. In fact, no one with any brains would use it if he were trying to get away with anything.
In fact, the man who claims to have designed Clipper's basic specs, Acting NIST Director Ray Kammer, recently said, "It's obvious that anyone who uses Clipper for the conduct of organized crime is dumb." No kidding. At least so long as it's voluntary.

Under sober review, there mounted an incredibly long list of reasons to think Clipper/Skipjack might not be a fully-baked idea. In May, after a month of study, the Digital Privacy and Security Working Group, a coalition of some 40 companies and organizations chaired by the Electronic Frontier Foundation (EFF), sent the White House 118 extremely tough questions regarding Clipper, any five of which should have been sufficient to put the kibosh on it.

The members of this group were not a bunch of hysterics. It includes DEC, Hewlett-Packard, IBM, Sun, MCI, Microsoft, Apple, and AT&T (which was also, interestingly enough, the first company to commit to putting Clipper/Skipjack in its own products).

Among the more troubling of their questions:

o Who would the escrow agents be?

o What are Clipper's likely economic impacts, especially in regard to export of American digital products?

o Why is its encryption algorithm secret and why should the public have confidence in a government-derived algorithm that can't be privately tested?

o Why is Clipper/Skipjack being ram-rodded into adoption as a government standard before completion of an over-all review of U.S. policies on cryptography?

o Why are the NSA, FBI, and NIST stone-walling Freedom of Information inquiries about Clipper/Skipjack? (In fact, NSA's response has been, essentially, "So? Sue us.")

o Assuming Clipper/Skipjack becomes a standard, what happens if the escrow depositories are compromised?

o Wouldn't these depositories also become targets of opportunity for any criminal or terrorist organization that wanted to disrupt U.S. law enforcement?
o Since the chip transmits its serial number at the beginning of each connection, why wouldn't it render its owner's activities highly visible through traffic analysis (for which government needs no warrant)?

o Why would a foreign customer buy a device that exposed his conversations to examination by the government of the United States?

o Does the deployment and use of the chip possibly violate the 1st, 4th, and 5th Amendments to the U.S. Constitution?

o In its discussions of Clipper/Skipjack, the government often uses the phrase "lawfully authorized electronic surveillance." What, exactly, do they mean by this?

o Is it appropriate to insert classified technology into either the public communications network or into the general suite of public technology standards?

And so on and so forth. As I say, it was a very long list. On July 29, John D. Podesta, Assistant to the President and White House Staff Secretary (and, interestingly enough, a former legal consultant to EFF and Co-Chair of the Digital Privacy Working Group), responded to these questions. He actually answered few of them.

Still un-named, undescribed, and increasingly unimaginable were the escrow agents. Questions about the inviolability of the depositories were met with something like, "Don't worry, they'll be secure. Trust us."

There seemed a lot of that in Podesta's responses. While the government had convened a panel of learned cryptologists to examine the classified Skipjack algorithm, it had failed to inspire much confidence among the crypto establishment, most of whom were still disinclined to trust anything they couldn't whack at themselves. At the least, most people felt a proper examination would take longer than the month or so the panel got. After all, it took fifteen years to find a hairline fissure in DES.

But neither Podesta nor any other official explained why it had seemed necessary to use a classified military algorithm for civilian purposes.
Nor were the potential economic impacts addressed. Nor were the concerns about traffic analysis laid to rest.

But as Thomas Pynchon once wrote, "If they can get you asking the wrong questions, they don't have to worry about the answers." Neither asked nor answered in all of this was the one question that kept coming back to me: Was this trip really necessary?

For all the debate over the details, few on either side seemed to be approaching the matter from first principles. Were the enshrined threats...drug dealers, terrorists, child molesters, and foreign enemies...sufficiently and presently imperiling to justify fundamentally compromising all future transmitted privacy?

I mean...speaking personally now...it seems to me that America's greatest health risks derive from the drugs that are legal, a position the statistics overwhelmingly support. And then there's terrorism, to which we lost a total of two Americans in 1992, even with the World Trade Center bombing, only 6 in 1993. I honestly can't imagine an organized ring of child molesters, but I suppose one or two might be out there. And the last time we got into a shooting match with another nation, we beat them by a kill ratio of about 2300 to 1.

Even if these are real threats, was enhanced wire-tap the best way to combat them? Apparently, it hasn't been in the past. Over the last ten years the average total nation-wide number of admissible state and federal wire-taps has numbered less than 800. Wire-tap is not at present a major enforcement tool, and is far less efficient than the informants, witnesses, physical evidence, and good old fashioned detective work they usually rely on.

(It's worth noting that the World Trade Center bombing case unraveled, not through wire-taps, but with the discovery of the axle serial number on the van which held the explosives.)
Despite all these questions, both unasked and unanswered, Clipper continues (at the time of this writing) to sail briskly toward standardhood, the full wind of government bearing her along.

On July 30, NIST issued a request for public comments on its proposal to establish Clipper/Skipjack as a Federal Information Processing Standard (FIPS). All comments are due by September 28, and the government seems unwilling to delay the process despite the lack of an overall guiding policy on crypto. Worse, they are putting a hard sell on Clipper/Skipjack without a clue as to who might be escrow holders upon whose political acceptability the entire scheme hinges.

Nor have they addressed the central question: why would a criminal use a key escrow device unless he were either very stupid...in which case he'd be easily caught anyway...or simply had no choice.

All this leads me to an uncharacteristically paranoid conclusion:

The Government May Mandate Key Escrow Encryption and Outlaw Other Forms.

It is increasingly hard for me to imagine any other purpose for the Clipper/Skipjack operetta if not to prepare the way for the restriction of all private cryptographic uses to a key escrow system. If I were going to move the American people into a condition where they might accept restrictions on their encryption, I would first engineer the wide-spread deployment of a key escrow system on a voluntary basis, wait for some blind sheik to slip a bomb plot around it and then say, "Sorry, folks this ain't enough, it's got to be universal."

Otherwise, why bother? Even its most ardent proponents admit that no intelligent criminal would trust his communications to a key escrow device. On the other hand, if nearly all encrypted traffic were Skipjack-flavored, any transmission encoded by some other algorithm would stick out like a licorice Dot.

In fact, the assumption that Cyberspace will roar one day with Skipjack babble lies behind the stated reason for the secrecy for the algorithm.
In their Interim Report, the Skipjack review panel puts it this way: Disclosure of the algorithm would permit the construction of devices that fail to properly implement the LEAF [or Law Enforcement Access Field], while still interoperating with legitimate SKIPJACK devices. Such devices would provide high quality cryptographic security without preserving the law enforcement access capability that distinguishes this cryptographic initiative. In other words, they don't want devices or software out there that might use the Skipjack algorithm without depositing a key with the escrow holders. (By the way, this claim is open to question. Publishing Skipjack would not necessarily endow anyone with the ability to build an interoperable chip.) Then there was the conversation I had with a highly-placed official of the National Security Council in which he mused that the French had, after all, outlawed the private use of cryptography, so it weren't as though it couldn't be done. (He didn't suggest that we should also emulate France's policy of conducting espionage on other countries' industries, though wide-spread international use of Clipper/Skipjack would certainly enhance our ability to do so.) Be that as it may, France doesn't have a Bill of Rights to violate, which it seems to me that restriction of cryptography in America would do on several counts. Mandated encryption standards would fly against the First Amendment, which surely protects the manner of our speech as clearly as it protects the content. Whole languages (most of them patois) have arisen on this planet for the purpose of making the speaker unintelligible to authority. I know of no instance where, even in the oppressive colonies where such languages were formed, that the slave-owners banned their use. Furthermore, the encryption software itself is written expression, upon which no ban may be constitutionally imposed. (What, you might ask then, about the constitutionality of restrictions on algorithm export. 
I'd say they're being allowed only because no one ever got around to testing from that angle.) The First Amendment also protects freedom of association. On several different occasions, most notably NAACP v. Alabama ex rel. Patterson and Talley vs. California, the courts have ruled that requiring the disclosure of either an organization's membership or the identity of an individual could lead to reprisals, thereby suppressing both association and speech. Certainly in a place like Cyberspace where everyone is so generally "visible," no truly private "assembly" can take place without some technical means of hiding the participants. It also looks to me as if the forced imposition of a key escrow system might violate the Fourth and Fifth Amendments. The Fourth Amendment prohibits secret searches. Even with a warrant, agents of the government must announce themselves before entering and may not seize property without informing the owner. Wire-taps inhabit a gray-ish area of the law in that they permit the secret "seizure" of an actual conversation by those actively eavesdropping on it. The law does not permit the subsequent secret seizure of a record of that conversation. Given the nature of electronic communications, an encryption key opens not only the phone line but the filing cabinet. Finally, the Fifth Amendment protects individuals from being forced to reveal self-incriminating evidence. While no court has ever ruled on the matter vis a vis encryption keys, there seems something involuntarily self-incriminating about being forced to give up your secrets in advance. Which is, essentially, what mandatory key escrow would require you to do. For all these protections, I keep thinking it would be nice to have a constitution like the one just adopted by our largest possible enemy, Russia. As I understand it, this document explicitly forbids governmental restrictions on the use of cryptography. 
For the moment, we have to take our comfort in the fact that our government...or at least the parts of it that state their intentions...avows both publicly and privately that it has no intention to impose key escrow cryptography as a mandatory standard. It would be, to use Podesta's mild word, "imprudent." But it's not Podesta or anyone else in the current White House who worries me. Despite their claims to the contrary, I'm not convinced they like Clipper any better than I do. In fact, one of them...not Podesta...called Clipper "our Bay of Pigs," referring to the ill-fated Cuban invasion cooked up by the CIA under Eisenhower and executed (badly) by a reluctant Kennedy Administration. The comparison may not be invidious. It's the people I can't see who worry me. These are the people who actually developed Clipper/Skipjack and its classified algorithm, the people who, through export controls, have kept American cryptography largely to themselves, the people who are establishing in secret what the public can or cannot employ to protect its own secrets. They are invisible and silent to all the citizens they purportedly serve save those who sit the Congressional intelligence committees. In secret, they are making for us what may be the most important choice that has ever faced American democracy, that is, whether our descendants will lead their private lives with unprecedented mobility and safety from coercion, or whether every move they make, geographic, economic, or amorous, will be visible to anyone who possesses whatever may then constitute "lawful authority." Who Are the Lawful Authorities? Over a year ago, when I first fell down the rabbit hole into Cryptoland, I wrote a Communications column called Decrypting the Puzzle Palace. 
In it, I advanced what I then thought a slightly paranoid thesis, suggesting that the NSA-guided embargoes on robust encryption software had been driven not by their stated justification (keeping good cryptography out of the possession of foreign military adversaries) but rather restricting its use by domestic civilians. In the course of writing that piece, I spoke to a number of officials, including former CIA Director Stansfield Turner and former NSA Director Bobby Ray Inman, who assured me that using a military organization to shape domestic policy would be "injudicious" (as Turner put it), but no one could think of any law or regulation that might specifically prohibit the NSA from serving the goals of the Department of Justice. But since then I've learned a lot about the hazy Post-Reagan/Bush lines between law enforcement and intelligence. They started redrawing the map of authority early in their administration with Executive Order 12333, issued on December 4, 1981. (Federal Register #: 46 FR 59941) This sweeping decree defines the duties and limitations of the various intelligence organizations of the United States and contains the following language: 1.4 The Intelligence Community. The agencies within the Intelligence Community shall...conduct intelligence activities necessary for the... protection of the national security of the United States, including: ... 
(c) Collection of information concerning, and the conduct of activities to protect against, intelligence activities directed against the United States, international terrorist and international narcotics activities, and other hostile activities directed against the United States by foreign powers, organizations, persons, and their agents; (Italics Added) Further, in Section 2.6, Assistance to Law Enforcement Authorities, agencies within the Intelligence Community are authorized to...participate in law enforcement activities to investigate or prevent clandestine intelligence activities by foreign powers, or international terrorist or narcotics activities. In other words, the intelligence community was specifically charged with investigative responsibility for international criminal activities in the areas of drugs and terrorism. Furthermore, within certain fairly loose guidelines, intelligence organizations are "authorized to collect, retain or disseminate information concerning United States persons" that may include "incidentally obtained information that may indicate involvement in activities that may violate federal, state, local or foreign laws." Given that the NSA monitors a significant portion of all the electronic communications between the United States and other countries, the opportunities for "incidentally obtaining" information that might incriminate Americans inside America are great. Furthermore, over the course of the Reagan/Bush administration, the job of fighting the War on Some Drugs gradually spread to every element of the Executive Branch. Even the Department of Energy is now involved. 
At an Intelligence Community conference last winter I heard a proud speech from a DOE official in which he talked about how some of the bomb-designing supercomputers at Los Alamos had been turned to the peaceful purpose of sifting through huge piles of openly available data...newspapers, courthouse records, etc....in search of patterns that would expose drug users and traffickers. They are selling their results to a variety of "lawful authorities," ranging from the Southern Command of the U.S. Army to the Panamanian Defense Forces to various County Sheriff's Departments. "Fine," you might say, "Drug use is an epidemic that merits any cure." But I would be surprised if there's anyone who will read this sentence who has broken no laws whatever. And it's anybody's guess what evidence of other unlawful activities might be "incidentally obtained" by such a wide net as DOE is flinging. The central focus that drugs and terrorism have assumed within the intelligence agencies was underscored for me by a recent tour of the central operations room at the CIA. There, in the nerve center of American intelligence, were desks for Asia, Europe, North America, Africa and "Middle East/Terrorism," and "South America/Narcotics." These bogeymen are now the size of continents on the governmental map of peril. Given this perception of its duties, the NSA's strict opposition to the export of strong cryptographic engines, hard or soft, starts to make more sense. They are not, as I'd feared, so clue-impaired as to think their embargoes are denying any other nation access to good cryptography. (According to an internal Department of Defense analysis of crypto policy, it recently took 3 minutes and 14 seconds to locate a source code version of DES on the Internet.) Nor do they really believe these policies are enhancing national security in the traditional, military sense of the word, where the U.S.
is, in any case, already absurdly over-matched to any national adversary, as was proven during the Gulf War. It's the enemies they can't bomb who have them worried, and they are certainly correct in thinking that the communications of drug traffickers and whatever few terrorists as may actually exist are more open to their perusal than would be the case in a world where even your grandmother's phone conversations were encrypted. And Clipper or no Clipper, such a world would be closer at hand if manufacturers hadn't known that any device that embodies good encryption would not be fit for export. But with Clipper/Skipjack, there is a lot that the combined forces of government will be able to do to monitor all aspects of your behavior without getting a warrant. Between the monitoring capacities of the NSA, the great data-sieves of the Department of Energy, and the fact that, in use, each chip would continually broadcast the whereabouts of its owner, the government would soon be able to isolate just about every perpetrator among us. I assume you're neither a drug-user nor a terrorist, but are you ready for this? Is your nose that clean? Can it be prudent to give the government this kind of corrupting power? I don't think so, but this is what will happen if we continue to allow the secret elements of government to shape domestic policy as though the only American goals that mattered were stopping terrorism (which seems pretty well stopped already) and winning the War on Some Drugs (which no amount of force will ever completely win). Unfortunately, we are not able to discuss priorities with the people who are setting them, nor do they seem particularly amenable to any form of authority. In a recent discussion with a White House official, I asked for his help in getting the NSA to come out of its bunker and engage in direct and open discussions about crypto embargoes, key escrow, the Skipjack algorithm, and the other matters of public interest.
"I'll see what we can do," he said.

"But you guys are the government," I protested. "Surely they'll do as you tell them."

"I'll see what we can do," he repeated, offering little optimism.

That was months ago. In the meantime, the NSA has not only remained utterly unforthcoming in public discussions of crypto policy, they have unlawfully refused to comply with any Freedom of Information Act requests for documents in this area. It is time for the public to reassert control over their own government. It is time to demand that public policy be made in public by officials with names, faces, and personal accountability. When and if we are able to actually discuss crypto policy with the people who are setting it, I have a list of objectives that I hope many of you will share. They are as follows:

1. There should be no law restricting any use of cryptography by private citizens.

2. There should be no restriction on the export of cryptographic algorithms or any other instruments of cryptography.

3. Secret agencies should not be allowed to drive public policies.

4. The taxpayer's investment in encryption technology and related mathematical research should be made available for public and scientific use.

5. The government should encourage the deployment of wide-spread encryption.

6. While key escrow systems may have purposes, none should be implemented that places the keys in the hands of government.

7. Any encryption standard to be implemented by the government should be developed in an open and public fashion and should not employ a secret algorithm.

And last, or perhaps, first...

8. There should be no broadening of governmental access to private communications and records unless there is a public consensus that the risks to safety outweigh the risks to liberty and will be effectively addressed by these means.

If you support these principles, or even if you don't, I hope you will participate in making this a public process.
And there are a number of actions you can take in that regard. The National Institute of Standards and Technology (NIST) has issued a request for public comments on its proposal to establish the "Skipjack" key-escrow system as a Federal Information Processing Standard. You've got until September 28 to tell them what you think of that. Comments on the NIST proposal should be sent to:

Director, Computer Systems Laboratory
ATTN: Proposed FIPS for Escrowed Encryption Standard
Technology Building, Room B-154
National Institute of Standards and Technology
Gaithersburg, MD 20899

If you belong to or work for an organization, you can encourage that organization to join the Digital Privacy Working Group. To do so they should contact EFF's Washington office at:

Electronic Frontier Foundation
1001 G Street, NW
Suite 950 East
Washington, DC 20001
202/347-5400
Fax 202/393-5509
eff@eff.org

I also encourage individuals interested in these issues to either join EFF, Computer Professionals for Social Responsibility, or one of the related local organizations which have sprung up around the country. For the addresses of a group in your area, contact EFF.

New York City, New York
Monday, September 6, 1993

***************************
Crypto Conference in Austin
***************************

EFF / EFF-Austin Cryptography Conference
September 22, 1993 - Ramada Inn North, Austin
9220 N. IH-35 at Rundberg

Introductory Remarks: 1 to 1:30 p.m.
Steve Jackson - Welcome.
Bruce Sterling - Keynote Address.

Panel #1: 1:45 to 3:00. POLICY.
Mitch Kapor
Jerry Berman
Dave Farber

Panel #2: 3:15 to 4:30. LAW ENFORCEMENT.
Esther Dyson
Mike Godwin
FBI Representative (invited but not confirmed)
(Possibly others tba)

Panel #3: 4:45 to 6:00. CYPHERPUNKS.
John Perry Barlow
Eric Hughes
John Gilmore
(Possibly others tba)

Dinner Break: 6 to 8 p.m. Everyone is on their own. The hotel restaurant will offer a buffet, or you can order from the menu, or there is other good dining nearby.

Reception: 8-10 p.m. - cash bar, everyone is invited.

*****************************
Virginians Against Censorship
*****************************

P.O. BOX 64608 - VIRGINIA BEACH, VA 23467
(804) 499-3303

In a revolution as significant as that of the printing press, computers are changing the way we communicate and store knowledge. Gutenberg's invention led to our Constitutional protection of Freedom of the Press. Will this protection be extended to speech in the form of electrons?

In order to give citizens an opportunity to examine the issues, Virginians Against Censorship will hold a free informational program, The First Amendment in Cyberspace, on Thursday, September 30, 1993, at 7:00pm in meeting room B of the Virginia Beach Central Library, 4100 Virginia Beach Blvd.

Everyone is invited to hear Shari Steele, Director of Legal Services for the Electronic Frontier Foundation describe threats to civil liberties in cyberspace: seizure of a publishing company's computers because an employee was suspected of hacking; seizure and erasure of email messages from and to people who were suspected of nothing at all; arrest and trial of a teenage electronic magazine publisher because information in an article had originally been hacked; refusal of the government to permit development of encryption software that would allow individual citizens to protect their privacy. Law enforcement excesses don't mean there's no need for law on the electronic frontier, but that law must be created and monitored by informed citizens.

To register for this program, call 804/431-3071 between 9:00am and 5:00pm. For more information, call Carolyn Caywood at 804/460-7518.
Internet: ccaywood@wyvern.wyvern.com ============================================================= EFFector Online is published biweekly by: Electronic Frontier Foundation 1001 G Street, N.W., Suite 950 East Washington, DC 20001 USA Phone: +1 202 347 5400 FAX: +1 202 393 5509 Internet Address: eff@eff.org Coordination, production and shipping by Shari Steele, Director of Legal Services & Community Outreach (ssteele@eff.org) Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the view of the EFF. To reproduce signed articles individually, please contact the authors for their express permission. *This newsletter is printed on 100% recycled electrons.* ============================================================= MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION In order to continue the work already begun and to expand our efforts and activities into other realms of the electronic frontier, we need the financial support of individuals and organizations. If you support our goals and our work, you can show that support by becoming a member now. Members receive our bi-weekly electronic newsletter, EFFector Online (if you have an electronic address that can be reached through the Net), and special releases and other notices on our activities. But because we believe that support should be freely given, you can receive these things even if you do not elect to become a member. Your membership/donation is fully tax deductible. Our memberships are $20.00 per year for students and $40.00 per year for regular members. You may, of course, donate more if you wish. ============================================================= Mail to: Membership Coordinator Electronic Frontier Foundation 1001 G Street, N.W. Suite 950 East Washington, DC 20001 USA Membership rates: $20.00 (student or low income membership) $40.00 (regular membership) [ ] I wish to become a member of the EFF. 
I enclose: $_______ [ ] I wish to renew my membership in the EFF. I enclose: $_______ [ ] I enclose an additional donation of $_______ Name: Organization: Address: City or Town: State: Zip: Phone: ( ) (optional) FAX: ( ) (optional) E-mail address: I enclose a check [ ]. Please charge my membership in the amount of $ to my Mastercard [ ] Visa [ ] American Express [ ] Number: Expiration date: Signature: ______________________________________________ Date: I hereby grant permission to the EFF to share my name with other nonprofit groups from time to time as it deems appropriate. Initials:______________________