[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
ComputerWorld article on Clipper/Capstone
- To: [email protected]
- Subject: ComputerWorld article on Clipper/Capstone
- From: [email protected] (Paul Ferguson)
- Date: Mon, 07 Jun 93 21:23:40 EDT
- Organization: Sytex Communications, Inc
ComputerWorld
June 7, 1993
Vol. 27, No. 23
page 21
Fed officials pan ban of old encryption specs
by Gary H. Anthes
Gaithersburg, MD
Federal officials responsible for shaping information security
policy said last week that legislation mandating use of the
government's recently proposed encryption technology -- and
banning the use of older but popular techniques -- is neither
wise nor legal.
In April, the White House said it intended to establish as a
federal standard an approach to encryption called "key-escrow."
This method would require that the keys needed to unlock a coded
conversation be kept by government-approved agencies and
retrieved only for court-ordered wiretaps.
Dubbed "Clipper" for voice communications and "Capstone" for
data, the approach is intended to balance the conflicting
objectives of users -- who demand absolute security and privacy
-- and law enforcement agencies, which are looking for a legal
"backdoor" into coded criminal communications.
Protecting rights to privacy
But the idea has been challenged by civil libertarians who fear
abuses by a technologically empowered Big Brother, and by some
users, especially those such as banks that have made large
investments in cryptography based on the older Data Encryption
Standard (DES), which some fear could be banned by the
government.
Protesters so far include the Computer and Business Equipment
Manufacturers Association, Information Technology Association of
America, Computer Professionals for Social Responsibility,
Electronic Frontier Foundation, Business Software Alliance,
Software Publishers Association and Information Systems Security
Association.
Raymond Kammer, acting director of the National Institute of
Standards and Technology (NIST), acknowledged that a ban on
existing techniques would be considered. "But my personal opinion
is, I can't see doing anything that would take away any freedoms
we now enjoy," Kammer said.
"We tried to come up with a technique that would not require
legislation," said Clint Brooks, advisor to the director of the
National Security Agency, which developed and now strongly
supports the key-escrow approach.
Brooks predicted it would be years before criminal use of DES
would be wide-spread enough to present obstacles to law
enforcement agencies, which cannot crack DES codes. "Let's wait
and see if legislation is needed," he said.
While the majority of those attending a public hearing at the
NIST last week spoke out against the government's proposal, a few
strongly defended it saying criticisms are either misdirected or
deal with fixable flaws.
Donald Alvarez, national defense science and engineering graduate
fellow at Princeton University, outlined six ways that Clipper
could be breached but finished by saying, "I definitely believe
it is possible to address the needs of both [users and law
enforcers], even with the Clipper and Capstone chip sets."
8<---------- End of Article -------------
In a small, corner-page, footnote box on the same page --
"Keyed up
In a statement filed with the Computer System and Privacy
Advisory Board, Citicorp raised the following concerns about
Clipper:
o The private sector was not adequately consulted.
o The algorithm used in Clipper/Capstone is not compatible with
other commonly used encryption methods and will only cause
costly disruptions for businesses.
o The algorithm -- which is to be secret but will be examined by
a handful of government-chosen experts -- "will undergo
inadequate scrutiny and hurried review."
o The databases and access systems associated with Clipper may be
flawed and insecure."
Paul Ferguson | The future is now.
Network Integrator | History will tell the tale;
Centreville, Virginia USA | We must endure and struggle
[email protected] | to shape it.
Stop the Wiretap (Clipper/Capstone) Chip.