[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
more Clipper proponents on sci.crypt
Call me paranoid, but I think the NSA has decided that sci.crypt is now a good spot to level propaganda.
From: [email protected] (Bill Pugh)
Organization: U of Maryland, Dept. of Computer Science, Coll. Pk., MD 20742
>I don't like the Clipper, and don't think it will succeed. However, on the
>chance that we get stuck with it, we should figure out ways to solve many
>of the concerns people have raised.
>
>A lot of people have concerns about the key escrow system. There are
>good reasons to be worried about a system in which the government can
>get a court order to decode your communications. But an even greater
>concern to many people is how to make sure that key disclosure is limited
>to lawfully authorized cases.
The more I see statements like these, the more I suspect that the Clipper has a backdoor besides the key escrow systems. I think the whole escrow issue is a decoy to getting a widespread NSA standard in place. Also, keep in mind it could be the case that NSA builds different versions of the chips over time. How would we ever know?
From: [email protected] (Ross Anderson)
Organization: U of Cambridge Computer Lab, UK
>At Eurocrypt 93 a few weeks ago, the NSA's technical director said that the
>key escrow system was still `vaporware' and that they had no objection to
>interested parties getting involved in the design, to make sure that it was
>`whiter than white'.
>
>Here's my twopenceworth: you can in fact make an escrow system which will be
>goood enough to silence all or most of the reasonable objections, and here is
>how to do it.
>
>1. The International Problem.
>
>... if clipper is restricted to the US, it will lose a lot of its value.
>The bad guys such as the Mafia and the various terrorist groups will just
>buy their communications systems in Europe or the Far East. Indeed,
>respectable US corporations may end up buying their kit there as this is the
>only way in which they can get the same kind of scrambler phone in each of
>their offices.
This guy then goes on to propose a lot of bizarre international configurations of key escrow. Holy cow-- this guy is advocating *international* key escrow?
Good lord, cypherpunks, I wouldn't be surprised if Britain soon official endorses the Clipper. All our worst paranoia would be reality. Consider it: the NSA and GCHQ have been in active collaboration ever since WWII and especially in recent years. This is all documented by Bamford. What if Clipper is not just amenable to the NSA, but was also developed with British input?
>The big question of course is whether the Agency would be happy with an
>escrow system which really worked, on top of algorithms which were really
>hard to break and were implemented well. Perhaps the object of the current
>exercise is simply to sow fear, uncertainty and doubt, and thus postpone the
>uptake of crypto in the commercial sector,
I don't care if `the Agency' is happy or not. I think they would most definitely *not* be happy under such an arrangement and would use any significant Clipper entrenchment as torque to later ban alternative cryptographic schemes.
I'm growing desperately weary. I think the tidal wave is approaching.