The right to be secure (fwd Computerworld article)
- To: [email protected]
- Subject: The right to be secure (fwd Computerworld article)
- From: [email protected] (Paul Ferguson)
- Date: Wed, 14 Jul 93 11:49:40 EDT
- Organization: Sytex Communications, Inc
ComputerWorld
Volume 27, Number 28
July 12, 1993
page 28
Advanced Technology
The right to be secure
Government-backed data security standard raises Big Brother issues
By James Daly
Two months ago, the Clinton administration dropped a bomb on the
world of computer security.
In an effort to assist law enforcement officers looking for a
legal back door into coded criminal communications, officials
from the National Institute of Standards and Technology (NIST)
and the National Security Agency (NSA) said they intend to
establish as a federal standard an approach to voice and data
encryption called "key escrow." This method would require the
technology needed to unlock a coded conversation to be kept by
government-approved agencies and retrieved in the event of
government-approved wiretaps.
Data encryption would be done in silicon via a device called the
"Clipper chip," which would be installed in machines needing its
coding and decoding capabilities.
To put it mildly, the Clipper chip proposal has generated a lot
of excitement among privacy advocates who fear abuses by a
technologically empowered Big Brother.
Computerworld recently tried to talk with officials from both the
NIST and the NSA to further explore the Clipper issue, but
neither allowed a face-to-face interview with a staff member.
Instead, we had to submit written questions.
Here are the answers provided by officials from the NIST and the
NSA.
Q. The proposed Clipper chip technology has generated an awful
lot of acrimony since it was announced in April. Has the
government lessened its level of commitment to the chip?
A. The administration remains committed to the initiative and is
proceeding with the following actions: the acquisition of key
escrow encryption devices by law enforcement agencies; the
naming of key escrow agents to hold the keys for the key
escrow microcircuits and the establishment of procedures by
the attorney general for the access of the keys; the
evaluation of the key escrow encryption algorithm by respected
experts; the promulgation of a standard by the secretary of
commerce to facilitate the procurement and use of key escrow
encryption devices in federal communications systems; and the
comprehensive review of encryption policy.
In addition, discussions with industry and other concerned
groups have proved very productive. The administration does
not intend to arbitrarily end its study of the issue while
helpful consultations are under way.
It should also be understood that the use of products
implementing the key escrow encryption microcircuit is
voluntary. There has been no attempt to either mandate its use
or to deny the entry of other encryption technologies into the
marketplace.
Q. Privacy advocates say that if the keys needed to de-crypt
data are placed in the hands of government authorities, there
is the potential for abuse. What kinds of safeguards would be
implemented to prevent this?
A. The government may conduct electronic surveillance only when
lawfully authorized. Moreover, the key escrow procedures being
developed provide that each key will be split into two parts,
and different key escrow authorities will hold each part.
Neither part alone can be used to decrypt messages.
To obtain the key needed to unlock the encryption, law
enforcement must present evidence of its authority for a key,
typically a court order, to both key escrow authorities.
Finally, the system will be designed to ensure that law
enforcement destroys the keys it receives when its authority
to conduct the electronic surveillance has expired.
Q. Vendors who have extensive business overseas say they would
not be able to sell Clipper-equipped machines on foreign
shores. How do you respond?
A. Key-escrowed products will be exportable to U.S. persons and
companies operating overseas. One issue under consideration in
the presidential review is whether a broader export policy is
advisable. Should a broader export policy be adopted, we
believe products implementing the key escrow technology will
find favor among consumers who desire the superb encryption
security offered.
Q. If Clipper would be the standard, would the use of non-Clipper
encryption devices be outlawed? If so, how would you find out
who was using these non-Clipper devices?
A. No. Use of key-escrowed products by the private sector would
be entirely voluntary. Federal agencies will have the option
of using this technology once it becomes a Federal Information
Processing Standard. DES [Data Encryption Standard], the
existing federal encryption standard, will still be available
for use in federal systems.
Q. Regarding DES, some security experts say that with powerful
chips such as Pentium already on the market and the 686 and
786 in design stages, DES is getting near to being crackable.
Is DES nearing the end of its useful life?
A. NIST will recommend that DES be renewed for another five years
as a Federal Information Processing Standard. We do recognize,
however, that as computer technology advances, the expected
effort needed to break DES-encrypted messages decreases. In
time, DES will become less valuable for securing sensitive
information.
Q. What eventually made DES and other cryptosystems acceptable was
their ease of use in software. Do you feel companies will be
willing to go back to the hassle and additional expenses of
hardware-based cryptography?
A. Again, we must emphasize that use of this technology is
voluntary. Software containing other cryptosystems is still
available to consumers. As for use of this technology in
hardware, new products are already being developed to lessen
the "hassle" of hardware-based cryptography. One example would
be its use of PCMCIA [Personal Computer Memory Card
International Association] cards. Moreover, encryption
implemented in software generally provides less security than
hardware encryption.
Q. What happens when the Clipper chip's technology cannot keep up
with faster networks and becomes a bottleneck? Do we then have
to have a multiyear review process wherein we select a
Clipper-2 chip and retrofit all the devices across the
country?
A. We expect the key escrow microcircuits will be enhanced to keep
pace with future data requirements. As with the introduction
of any next-generation technology, consumers will decide the
extent to which they require, and are willing to pay for, the
new technology. We do not envision an "across the country"
retrofit of all devices.
Q. What should the role of the government be, if any, in developing
a nationwide computer security policy guideline?
A. The government has a strong interest in computer security
policies in light of the federal agencies' need to protect
their own information; for law enforcement agencies to
conduct lawfully authorized electronic intercepts in order to
combat crime and terrorism; to protect national security
through export controls of cryptographic technologies; and the
growing U.S. economic interest in protecting corporations and
citizens' information that is stored and transmitted
electronically.
That does not mean, however, that a government-imposed
security policy is appropriate. Government must be actively
involved in setting computer security standards for its own
use and making its technology, expertise and guidance
available to the private sector when requested and
appropriate. Private sector organizations can then make
appropriate risk-based, cost-effective decisions as to
protecting their information assets.
Paul Ferguson | "Confidence is the feeling you get
Network Integrator | just before you fully understand
Centreville, Virginia USA | the problem."
[email protected] | - Murphy's 7th Law of Computing
Quis Custodiet Ipsos Custodes?