[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CDT Policy Post 2.20 - Clinton Administration Floats Clipper III Draft



-----------------------------------------------------------------------------
    _____ _____ _______
   / ____|  __ \__   __|   ____        ___               ____             __
  | |    | |  | | | |     / __ \____  / (_)______  __   / __ \____  _____/ /_
  | |    | |  | | | |    / /_/ / __ \/ / / ___/ / / /  / /_/ / __ \/ ___/ __/
  | |____| |__| | | |   / ____/ /_/ / / / /__/ /_/ /  / ____/ /_/ (__  ) /_
   \_____|_____/  |_|  /_/    \____/_/_/\___/\__, /  /_/    \____/____/\__/
   The Center for Democracy and Technology  /____/     Volume 2, Number 20
----------------------------------------------------------------------------
      A briefing on public policy issues affecting civil liberties online
----------------------------------------------------------------------------
 CDT POLICY POST Volume 2, Number 20                         May 22, 1996

 CONTENTS: (1) Clinton Administration Floats Clipper III Key-Escrow Proposal
           (2) Join Sen Leahy TODAY (5/22) At HotWired to Discuss
               His Crypto Bill
           (3) Subscription Information
           (4) About CDT, contacting us

  ** This document may be redistributed freely with this banner in tact **
        Excerpts may be re-posted with permission of <[email protected]>
-----------------------------------------------------------------------------
(1) CLINTON ADMINISTRATION FLOATS 'CLIPPER III' KEY ESCROW PROPOSAL

The Clinton Administration Tuesday (5/21) unveiled a new encryption policy
proposal which would use a government-sanctioned key certification system
as an incentive to virtually impose key escrow on domestic users.

The draft proposal, "Achieving Privacy, Commerce, Security and Public
Safety in the Global Information Infrastructure" (already dubbed Clipper
III), seeks to establish a "public key infrastructure" for encryption.
Broadly speaking, a public key infrastructure would enable users to clearly
identify the people they are communicating with and facilitate key
management, and is widely viewed as an important component of a secure and
trusted communications environment. However, the Clipper III would
establish this infrastructure at a price: All users of the public key
infrastructure would have to ensure government access to their encryption
keys through an approved key escrow authority.

A detailed analysis of the Administration's latest draft proposal is
attached below. Among other concerns:

* The proposal is hardly voluntary - Key-escrow would become a
  prerequisite for participation in the Global Information
  Infrastructure.

* The proposal contains few guidelines for how keys would be shared with
  foreign governments.

* The proposal encourages the collection of highly sensitive private key
  information.

* The proposal does not address major privacy concerns such as liability
  for key holders, limitations on law enforcement access, audit
  requirements, and other concerns that many have already identified as
  crucial to protecting individual privacy even in a voluntary key
  escrow system.

CDT believes that the Administration's draft proposal does not meet the
privacy and security needs of Internet users or the demands of the
marketplace.  While the proposal represents real progress by the
Administration in recognizing the importance of encryption and the value of
a public key infrastructure, in reality it provides few provisions to
protect individual privacy.  Moreover, the Clipper III proposal, like its
predecessors, continues to put law enforcement and national security
concerns above the privacy and security needs of the American public.

The latest Administration proposal comes in the midst of Congressional
efforts to relax encryption export controls and encourage the widespread
use of strong, easy-to-use encryption and prohibit the government from
imposing key escrow domestically.  It also comes in the wake of a letter
signed by over 27 Representatives last week urging the Administration to
abandon its key-escrow initiative (See CDT Policy Post 2.19)

A copy of the Draft proposal is available on CDT's encryption policy web
page (http://www.cdt.org/crypto).

SUMMARY OF THE PROPOSAL:
------------------------

Taking a nod from the efforts currently under way through the European
Commission to establish a Public Key Infrastructure (PKI) in Europe, the
Clipper III seeks to establish a means of ensuring authentication and key
management for Americans.

Among other things, the Clipper III draft proposal:

* RECOGNIZES THAT THE GOVERNMENT SHOULD NOT IMPOSE ENCRYPTION STANDARDS
  ON MARKET: One positive element of the new proposal is an explicit
  recognition of the importance of encryption and the need for private
  sector, as opposed to government solutions.  The draft states,
  "Government can no longer monopolize state of the art cryptography ...
  It is unrealistic to believe that government can produce solutions
  which keep ahead of today's rapidly changing information technology".

* ESTABLISHES KEY MANAGEMENT INFRASTRUCTURE: The draft proposal would
  create a new public key infrastructure designed to tie individuals
  and entities to their public keys.

* RELAXES EXPORT CONTROLS FOR KEY ESCROW PRODUCTS: The new draft would
  continue and expand the effort started with the Clipper II proposal by
  allowing the export of software with 64 bit key lengths (80 bits for
  hardware) on the condition that products contain a key-escrow
  function. Keys could be escrowed in the United States or where the
  US has a bilateral escrow agreement. Other exports to certain markets
  would be considered on a case-by-case basis.

* PROVIDES FOR 'SELF ESCROW' OF ENCRYPTION KEYS:  Self Escrow (where
  a corporation or individual could become an escrow agent for its own
  private keys) would be permitted, though the exact conditions of and
  obligations are not specified in the draft.

MAJOR FLAWS IN THE CLIPPER PROPOSAL RENDER IT A NON-STARTER
-----------------------------------------------------------

* CLIPPER III IS NOT VOLUNTARY & MAKES KEY-ESCROW A PRECONDITION FOR
  PARTICIPATION IN THE GLOBAL INFORMATION INFRASTRUCTURE

While the Administration deserves credit for recognizing that a trusted
public key infrastructure is an important component of a workable National
Encryption policy, the latest proposal attempts to use the need for a
public key infrastructure as a means to impose key escrow domestically.
Although the Administration has repeatedly stressed that any key-escrow
initiative would be a voluntary system, the text of the latest draft
directly contradicts that contention.

The proposal states that in order to participate in the Global Information
Infrastructure, users will need to escrow their keys; if they choose not to
participate in the key infrastructure, "users cannot know with whom they
are dealing on the network, or sending money too, or who signed a document,
or if the document was intercepted and changed by a third party." (page 3).

The proposal goes on to state:

  "To participate in the network a user needs a public key certificate
  signed by a CA [Certification Authority] which 'binds' the user's
  identity to their public key.  One condition of obtaining a
  certificate is that sufficient information (e.g., private keys or
  other information as appropriate) has been escrowed with a certified
  escrow authority to allow access to a user's data or communications."
  (page 5)

In other words, the Clipper III proposal would require individuals and
businesses to use key-escrow encryption as a condition of participating in
the Global Information Infrastructure.  Under the proposal, an individual
cannot obtain certification by a Key Certification Authority (a necessity
under the Clipper III scheme) unless he or she registers with a "certified
escrow authority".

There is no technical or structural reason (beyond law enforcement access)
why key escrow must be a component of a public key infrastructure.  In
fact, a robust example of a public key infrastructure exists today for
exchanging PGP keys (the PGP public key server at MIT
<http://www-swiss.ai.mit.edu/~bal/pks-toplev.html>).

* CLIPPER III TARGETS DOMESTIC USERS

While export controls have ostensibly been aimed at controlling the use of
encryption by foreign users (and indirectly, at domestic users as well),
the Clipper III proposal is aimed directly at the domestic use of
encryption and seeks to establish a system whereby key escrow becomes a
de-facto component of domestic encryption products.

* RAISES MAJOR QUESTIONS WITH RESPECT TO INTERNATIONAL KEY EXCHANGE

In order to work, Clipper III assumes bi-lateral agreements between the US
and other countries with respect to law enforcement access to escrowed
keys, who could legally be an escrow agent, and other factors.  Currently
no such agreements exist.  Bilateral agreements also raise important
privacy issues, including how to deal with releasing keys to foreign
governments, particularly those without any tradition of privacy
protections. Finally, a patchwork of international agreements can create
problems for interoperability.  The same encryption and or authentication
scheme exportable to Germany or England might not be exportable to India or
China in the absence of a appropriate bi-lateral agreements.

* CONTAINS NO PRIVACY PROTECTIONS/RESTRICTIONS ON LAW ENFORCEMENT ACCESS
  TO ESCROWED KEYS:

Like Clipper and Clipper II, the latest proposal does not squarely address
standards for law enforcement access to escrowed keys, unauthorized
disclosure of keys by escrow agents, and other privacy issues associated
with key escrow.

* CREATES VULNERABILITY AND INSECURITY BY ENCOURAGING STORAGE OF PRIVATE
  KEYS:

The proposal suggests that escrow agents hold either a user's private key
or "other information as appropriate".  Allowing escrow agents to
accumulate private keys creates severe vulnerabilities in the network.
Once a private key is disclosed (either to law enforcement or to an
unauthorized third party), *every* communication using that key is
compromised. Although the draft does attempt to limit this concern by
allowing escrow agents to hold "other information", the proposal no where
specifies what that would be.

NEXT STEPS
----------

Congress is currently considering legislation which would head off the
Administration's efforts to encourage domestic key-escrow encryption
schemes and promote the widesprad avaiability of strong, easy-to-ues
encryption technologies.

Several bills, including S.1726 (the Pro-CODE bill) sponsored by Senators
Burns (R-MT), Leahy (D-VT), Dole (R-KS), Pressler (R-SD), Wyden (D-OR) and
others, along with HR 3011, sponsored by Reps Goodlatte (R-VA), Eshoo
(D-CA), Campbell (D-CA) and over 25 others are currently being considered
by Congress. Both bills would relax export restrictions and prohibit the
government from imposing key escrow domestically.

CDT looks forward to working with Members of Congress to pass legislation
that encourages the widespread availability of strong, easy-to-use
encryption technologies based on marketplace, not government, standards.

-----------------------------------------------------------------------

(2) JOIN SENATOR LEAHY TODAY (Wed 5/22) TO DISCUSS PRIVACY AND SECURITY ONLINE

Senator Patrick Leahy (D-VT), the "Senior Senator from Cyberspace", ardent
proponent of Net.Freedom and co-sponsor of 2 bills to repeal encryption
export controls, will hold an online "town meeting" on Wednesday May 22 to
discuss privacy and security online.

DETAILS ON THE EVENT

* Wednesday May 22, 4 - 5 pm ET (1 pm Pacific) on HotWired

   URL: http://www.hotwired.com/wiredside/

 To participate, you must be a registered HotWired member (there
 is no charge for registration).  You must also have RealAudio(tm) and
 a telnet application properly configured to work with your browser.

 Please visit http://www.hotwired.com/wiredside/ for information on how you
 can easily register for Hotwired and obtain RealAudio.

Wednesday's town meeting is another in a series of planned events, and is
part of a broader project coordinated by CDT and the Voters
Telecommunications Watch (VTW) designed to bring the Internet Community
into the debate and encourage members of Congress to work with the
Net.community on vital Internet policy issues.

Events with other members of Congress working on Internet Policy Issues are
currently being planned. Please check http://www.crypto.com for
announcements of future events

------------------------------------------------------------------------
(3) SUBSCRIPTION INFORMATION

Be sure you are up to date on the latest public policy issues affecting
civil liberties online and how they will affect you! Subscribe to the CDT
Policy Post news distribution list.  CDT Policy Posts, the regular news
publication of the Center For Democracy and Technology, are received by
more than 9,000 Internet users, industry leaders, policy makers and
activists, and have become the leading source for information about
critical free speech and privacy issues affecting the Internet and other
interactive communications media.

To subscribe to CDT's Policy Post list, send mail to

     [email protected]

with a subject:

     subscribe policy-posts

If you ever wish to remove yourself from the list, send mail to the
above address with a subject of:

     unsubscribe policy-posts

-----------------------------------------------------------------------
(4) ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY/CONTACTING US

The Center for Democracy and Technology is a non-profit public interest
organization based in Washington, DC. The Center's mission is to develop
and advocate public policies that advance democratic values and
constitutional civil liberties in new computer and communications
technologies.

Contacting us:

General information:  [email protected]
World Wide Web:       URL:http://www.cdt.org/
FTP                   URL:ftp://ftp.cdt.org/pub/cdt/

Snail Mail:  The Center for Democracy and Technology
             1634 Eye Street NW * Suite 1100 * Washington, DC 20006
             (v) +1.202.637.9800 * (f) +1.202.637.0968

-----------------------------------------------------------------------
End Policy Post 2.20                                           5/22/96
-----------------------------------------------------------------------