back to table of contents
****************************************************************************** ****************************************************************************** ****************************************************************************** Part 4: Why unlimited cryptography must be legislated NOW ---- - --- --------- ------------ ---- -- ---------- --- o Key Recovery Means No Cryptography o Key Recovery Isn't Even Feasible o Government Steamroller o Feds' Wacky Pro-GAK Logic - Business Will Demand It - To Safeguard Your Privacy * C-SPAN [U.S. Congressional television coverage], Friday June 20, 1997 * Marc Andreessen, Netscape Co-founder * * "The McCain-Kerrey bill is completely flawed. Unlimited strength crypto * has been available for years worldwide over the Internet and from some * companies. Terrorists and other criminals already have it. * * The genie is out of the bottle. * * The only thing the McCain-Kerrey bill does is cripple American companies' * abilities to compete worldwide." As FBI director Louis Freeh said: "We are at a crossroads." Indeed we are. Netscape has had to ink a deal with a German crypto company. Sun has arranged a third-party deal in Europe too. RSA has announced similar plans. It is estimated the U.S. crypto companies and employees will lose four billion dollars by the year 2000. But as you know, there is a larger concern too. The level of our nakedness before the government's massive surveillance systems. * Privacy: Experience, Understanding, Expression * by Orlo Strunk, Jr., 1982, ISBN 0-8191-2688-8 * * I make decisions and commitments on the basis of my own inner subjective * feelings --- not regarding popular opinion or the requirements of social * role very much. I tend to keep the nature of my personal relationships * very private --- I don't bring my family life, love life, etc into public * view. * * When I invite others into my home for social occasions, it means an offer * of great intimacy to me and is not a casual event to be taken lightly. My * possessions and living area are private to me --- that is, very personal. * I feel offended when I find someone has been handling them or looking at * them without invitation. * * I am often offended by information requested of me by government, school, * employer: identification numbers, financial history, marital status, age. * * The right to so much information seems questionable to me, and I feel I * am being asked to reveal very personal things about myself in doing so. * * This always seems to me to represent a lack of respect for personal privacy. How quaint, to want privacy. Our privacy has been fading into a distant memory over the last twenty years. And that's not even figuring ECHELON. Just try leaving the hospital without naming your baby. The government wants 'it' to be issued a social security number too, otherwise no tax deducting it. Gosh, a birth certificate won't do, will it? * Source #1: HBO Undercover Special Report * Source #2: Computer Security Journal Vol IV #1, * "Peeping Sam: Uncle Is Watching Us", by George B. Trubow * * "We started getting letters from the Federal Government's Selective * Service System, telling us that our dog had to register." the father * explained. The letters became quite demanding. * * Shown are three children and their dog. One of the boys had an ice cream * cake birthday special at a popular national ice cream parlor chain, which * asks for your social security number to get the special. * * They were working with the government to spot unregistered children. * * The children had gone back in a week later and used their dog's name * to get the special again. * * Since it was not the government collecting the social security numbers, * participants weren't told they were registering for the draft. * * Said one of the surprised children: "How cheesy of our government!" NSA's ECHELON goes beyond any system Americans would EVER approve. That's why we weren't asked. If the full scope of ECHELON had been made public and debated in Congress and passed: civil war would have broken out. The CALEA bill was suddenly brought to a quick vote on the last day of Congress' session. Congress should be ashamed of itself. Have you NO IDEA what is at stake? We ARE at a crossroads. Passage of pro-crypto legislation is an important first step for backing away from the abyss of having every single aspect of our lives --- including our telephone calls --- monitored by computer for the UKUSA International Secret Government. Even the Prime Minister of New Zealand wasn't told about it. Even the director of the NSA wasn't told about it, until after a year [ Puzzle Palace, p333 ] of UKUSA deciding if he was "one of them". And, as documented in the books I've been referencing, when the director of the NSA knows about it and testifies before Congress, UKUSA not only lies about their activities, they also do so with impunity. A Secret Government? : The Puzzle Palace, Author James Bamford, 1983 revision, p206 : : Bypassing not only the Joint Chiefs but even the secretaries of the : branches of the armed forces, the NSCID devolves incredible authority : and responsibility on the NSA director, giving him, at least where : SIGINT is concerned, his own Army, Navy, Marines, and Air Force. Let's just say lots of secrecy, Military power, Military and civilian personnel, MANY BILLIONS of dollars of funding per year and no accountability. Called UKUSA. * "A Spy Agency Admits Accumulating $4 Billion in Secret Money" * By Tim Weiner, The New York Times, May 16, 1996 * * In a complete collapse of accountability, NRO, the Government agency that * builds spy satellites, accumulated about $4 billion in uncounted secret * money. [First they said it was $1 billion, then $2 billion...] * * The new head of the agency, John Nelson, said that the secret agency had * undergone "a fundamental financial meltdown." * * The agency's secrecy made Congressional oversite next to impossible, * intelligence officials said. * * Just two years previously, the NRO constructed a "stealth building". * It was a $300 million new headquarters. The agency had explained that * happened because they treated the construction of the building as a * covert operation. A covert operation against whom? The Pentagon was in operational charge of the NRO. The NRO is a sister agency to the NSA. ****************************************************************************** Key Recovery Means No Cryptography --- -------- ----- -- ------------ It's one way or the other. Zero or One. We either have uncrackable crypto, or crackable crypto, meaning no crypto. # "White House Challenged on Data Security" # By John Markoff, The New York Times, May 31, 1996 # # The United States Government should IMMEDIATELY relax export controls on # software products containing encryption and allow industries to set their # own standards. # # The report was prepared by the National Research Council of the National # Academy of Sciences, and stands in direct opposition to the Clinton # Administration. # # The National Research Council provides science and technology advice # under a Congressional charter. # # The report was commissioned by Congress. Clipper III is a Key Recovery plan. We know what Key Recovery means... : The Puzzle Palace, Author James Bamford, 1983 revision, p407-409 : : Crypto A.G. was owned by Boris Hagelin, who made his first million : selling his machines to the United States Army. He had close ties : to the NSA... Covert Action Quarterly, #59: * In October 1996, after being endorsed by CIA director John Deutch, * this method of maintaining the government's ability to spy on * encrypted communications REPLACED KEY ESCROW as the favored * technology. KEY RECOVERY works by locating information that is * woven into the header of each message. This mechanism allows * a recovery 'agent' to extract or reconstruct the message's key * and decrypt its contents. * * Key recovery may have been the basis for NSA's most successful * post-Cold War project for deciphering coded messages. Since the * 1940's, the NSA reportedly rigged encryption systems sold by the * Swiss firm Crypto A.G. so that the agency retained the ability * to break the codes of anyone using the machines. * * Thus, Fort Meade was able to listen in on the coded military and * diplomatic traffic of the more than 130 countries that were Crypto * A.G. customers. Initially, the NSA tried to say they couldn't decrypt Key Recovery impaired traffic on the fly: ! The New York Times, December 29, 19??, by David Burnham ! "Vast Coding of Data is Urged to Hamper Electronic Spies" ! ! Because the National Security Agency is actively involved in the ! design [of Key Recovery cryptography], the agency will have the ! technical ability to decipher the messages. ! ! Walter G. Deeley, NSA deputy director for communications security ! said, "It is technically possible for the Government to read such ! messages, but it would be insane for it to do so. It would be an ! extraordinarily expensive undertaking and would require a massive ! increase in computer power." Probably since noone believed that, they admitted it, and said why they needed to decrypt in real-time: # Encryption and Law Enforcement # # Dorothy E. Denning # Georgetown University # # February 21, 1994 # # To implement lawful interceptions of encrypted communications, they # need a real-time or near real-time decryption capability in order # to keep up with the traffic and prevent potential acts of violence. # Since there can be hundreds of calls a day on a tapped line, any # solution that imposes a high overhead per call is impractical. And if uncrackable crypto were in widespread use within the U.S., the FBI would demand that it be outlawed. For 'public safety and national security'. : * "Above the Law" : * ISBN 0-684-80699-1, 1996 : * by David Burnham : * : * The suspicion that the government might one day try to outlaw any : * encryption device which did not provide easy government access was : * reinforced by comments made by FBI Director Freeh at a 1994 Washington : * conference on cryptography. "The objective for us is to get those : * conversations...wherever they are, whatever they are", he said in : * response to a question. : * : * Freeh indicated that if five years from now the FBI had solved the : * access problem but was only hearing encrypted messages, further : * legislation might be required. : * : * The obvious solution: a federal law prohibiting the use of any : * cryptographic device that did not provide government access. : * : * Freeh's hints that the government might have to outlaw certain kinds : * of coding devices gradually became more explicit. "The drug cartels : * are buying sophisticated communications equipment", he told Congress. : * "Unless the encryption issue is RESOLVED soon, criminal conversations : * over the telephone and other communications devices will become : * indecipherable by law enforcement. This, as much as any issue, : * jeopardizes the public safety and national security of this country." Louis Freeh, banging the Drums of War. It's official: * * * SECRET FBI report * * NEED FOR A NATIONAL POLICY * * A national policy embodied in legislation is needed which insures * that cryptography use in the United States should be forced to be * crackable by law enforcement, so such communications can be monitored * with real-time decryption. * * All cryptography that cannot meet this standard should be prohibited. The U.S. asked the OECD to agree to internationally required Key Recovery. * What Is The OECD * * The Organization for Economic Co-operation and Development, based in * Paris, France, is a unique forum permitting governments of the * industrialized democracies to study and formulate the best policies * possible in all economic and social spheres. : From owner-firewalls-outgoing@GreatCircle.COM Wed May 14 18:54:15 1997 : Received: from osiris ( []) by : ( MTA v1.9.3 ID# 0-13592) with SMTP id AAA322 : for <firewalls@GreatCircle.COM>; Wed, 14 May 1997 12:56:13 -0400 : Date: Wed, 14 May 1997 12:58:46 -0400 : To: firewalls@GreatCircle.COM : From: (Research Unit I) : Subject: Re: Encryption Outside US : : : I was part of that OECD Expert Group, and believe I may shine at least : some light on what exactly was said and happened at the meetings. : : The main conflict during all sessions was the demand of the US to be : able to decrypt anything, anywhere at any time versus the European : focus: we want to have the choice - with an open end - to maintain : own surveillance. The US demand would have caused an immediate : ability to tap into what the European intelligence community believes to : be its sole and exclusive territory. In fact the Europeans were not at all : pleased with the US view points of controlling ALL crypto. Germany and : France vigorously refused to work with the US on this issue. : : The Clipper initiative (at the time not readily developed) was completely : banned, except for the Australian and UK views that felt some obligation : from the 1947 UKUSA treaty (dealing with interchange of intelligence). : : With a vast majority the US was cornered completely, and had to accept : the international views. And actually adopted those as well. EFF, EPIC and : other US organizations were delighted to see the formal US views barred, : but expressed their concern on the development of alternate political : pressure that would cause the same effects. : : As time went by that was indeed what the US did, and up to now with minor : success. : : Bertil Fortrie : Internet Security Review : == There it is yet again: "anytime, anywhere", and "UKUSA". There is absolutely no doubt whatsoever that Netscape and other companies --- the U.S. is a world leading producer of software technology --- are having their products outlawed for world-wide distribution because of ECHELON. Ubiquitous full-strength crypto --- in all our email products and web browsers --- would immediately begin to lessen ECHELON's ability to spy in such a massive dragnet fashion. There is an ugly implication to ECHELON being the reason Netscape and company are being held hostage by the NSA. "Only with a court authorized warrant..." --- Louis Freeh, FBI Director Louis Freeh is lying. ****************************************************************************** Key Recovery Isn't Even Feasible --- -------- ----- ---- -------- Distinguished cryptographers and computer scientists have released a new report, "The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption." The report follows an earlier recommendation of the OECD that the risks of key escrow encryption be considered before key escrow infrastructures are established. The report concludes "The deployment of a global key-recovery- based encryption infrastructure to meet law enforcement's stated specifications will result in substantial sacrifices in security and greatly increased costs to the end-user." The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption Hal Abelson[1] Ross Anderson[2] Steven M. Bellovin[3] Josh Benaloh[4] Matt Blaze[5] Whitfield Diffie[6] John Gilmore[7] Peter G. Neumann[8] Ronald L. Rivest[9] Jeffrey I. Schiller[10] Bruce Schneier[11] Final Report -- 27 May 1997[12] Executive Summary A variety of ``key recovery,'' ``key escrow,'' and ``trusted third-party'' encryption requirements have been suggested in recent years by government agencies seeking to conduct covert surveillance within the changing environ- ments brought about by new technologies. This report examines the fundamental properties of these requirements and attempts to outline the technical risks, costs, and implications of deploying systems that provide government access to encryption keys. The deployment of key-recovery-based encryption infrastructures to meet law enforcement's stated specifications will result in substantial sacrifices in security and greatly increased costs to the end-user. Building the secure computer-communication infrastructures necessary to provide adequate technological underpinnings demanded by these requirements would be enormously complex and is far beyond the experience and current competency of the field. Even if such infrastructures could be built, the risks and costs of such an operating environment may ultimately prove unacceptable. In addition, these infrastructures would generally require extraordinary levels of human trustworthiness. These difficulties are a function of the basic government access requirements proposed for key-recovery encryption systems. They exist regardless of the design of the recovery systems - whether the systems use private-key crypto- graphy or public-key cryptography; whether the databases are split with secret- sharing techniques or maintained in a single hardened secure facility; whether the recovery services provide private keys, session keys, or merely decrypt specific data as needed; and whether there is a single centralized infrastruc- ture, many decentralized infrastructures, or a collection of different approaches. All key-recovery systems require the existence of a highly sensitive and highly-available secret key or collection of keys that must be maintained in a secure manner over an extended time period. These systems must make decryption information quickly accessible to law enforcement agencies without notice to the key owners. These basic requirements make the problem of general key recovery difficult and expensive - and potentially too insecure and too costly for many applications and many users. Attempts to force the widespread adoption of key-recovery encryption through export controls, import or domestic use regulations, or international standards should be considered in light of these factors. The public must carefully consider the costs and benefits of embracing government-access key recovery before imposing the new security risks and spending the huge investment required (potentially many billions of dollars, in direct and indirect costs) to deploy a global key recovery infrastructure. ****************************************************************************** Government Steamroller ---------- ----------- Force anyone receiving government money to use crackable crypto? Import restrictions in the U.S.? Outlaw all non-government approved crypto? That would never happen...would it? : [search for article title] : : The Netly News : : Bill of Goods : : by Declan McCullagh May 9, 1997 : : Senate Democrats are preparing legislation : that requires universities and other groups : receiving Federal grants to make their : communication networks snoopable by the : government, The Netly News has learned. The : draft also includes penalties for "unauthorized : breaking of another's encryption codes," and : restrictions on importing encryption products. : : At a Democratic leadership press briefing, : Sen. Bob Kerrey (D-Neb.) yesterday said his bill : slightly relaxed export rules in exchange for : greater federal control over crypto imports. But : what he appears to be truly aiming for is a : full-scale assault on your right to use whatever : encryption software you want in your own home. : [snip] : : It's diabolical. Researchers already have to : comply with a legion of rules to qualify for grants. : Kerrey's proposed bill, called "The Secure Public : Network Act," would add yet another provision to : the fine print. It requires that "all encryption : software purchased with federal funds shall be : software based on a system of key recovery" and : "all encrypted networks established with the use : of federal funds shall use encryption based on a : system of key recovery." Key recovery, or key : escrow, technology enables law-enforcement : officials to obtain copies of the mathematical keys : needed to decipher messages. In other words, : someone else keeps a copy of your secret key : -- and some proposed bills say that the cops : may not even need a search warrant to seize it. : [snip] : : What about the penalties for "unauthorized : breaking of another's encryption codes?" That : would criminalize cryptanalysis, the way to verify : the security of encryption software you buy. "The : only way to know the strength of a cipher is : cryptanalysis," says Marc Briceno, a : cryptography guru at Community ConneXion. : : Then there's Kerrey's statement saying "there : will be" restrictions on what encryption products : you're permitted to buy from overseas firms. This : contradicts Justice Department official Michael : Vatis, who told me at a conference this year that : the Clinton administration did not want import : controls. Though Cabe Franklin, spokesperson : for Trusted Information Systems, says Kerrey was : misunderstood. "In the briefing afterwards, I found : out he didn't mean that at all. He meant import : controls, but more regulation than restriction. The : same way they wouldn't let a car with faulty : steering controls in the country. He meant more : quality control," Franklin says. (I don't know : about you, but I'm not convinced.) [ What a bunch of hooey. ] : : Kerrey's sudden interest in cryptologic arcana : likely stems from a recent addition to his staff: : policy aide Chris McLean. : : McLean is hardly a friend of the Net. While in : former Sen. Jim Exon's (D-Neb.) office, McLean : drafted the notorious Communications Decency : Act and went on to prompt Exon to derail : "Pro-CODE" pro-encryption legislation last fall. : Then, not long after McLean moved to his current : job, his new boss stood up on the Senate floor : and bashed Pro-CODE in favor of the White : House party line: "The President has put forward : a plan which in good faith attempts to balance : our nation's interests in commerce, security, and : law enforcement." Kerrey has since introduced a bill that parrots the Clinton administration's philosophy: * * * Comparison: Major Features of the Administration and McCain-Kerrey Bills * * Administration Draft* * McCain-Kerrey** [w. section#] * Federal licensing of certificate * authorities(CA) and key recovery * agents * Yes. Yes. [401-404] * * Linkage of CA's and key recovery: * Encryption public key certificates only * issued to users of key recovery * Yes. Yes. [405] * * Export controls codified: 56-bit limit * on encryption exports, no judicial * review. * No. Yes. [301-308] * * Crime for use of encryption in * furtherance of a crime. * Yes. Use of a licensed KRA * is a defense. * Yes. No KRA defense. [104] * * Crime for issuance of a key in * furtherance of a crime. * No. Yes. [105] * * Gov't access to keys by subpoena * without notice and or judicial approval * Yes. Yes. [106] * * Foreign gov't access to keys * Yes. Yes. [106] * * Federal procurements require key * recovery. * No. Yes. [201-207] * * Federal funding (Internet II, * universities, etc.) requires use of key * recovery. * No. Yes. [201-207] * * "Safe harbor" liability protections for * licensed CA's and recovery agents * Yes. Yes. [501-505] Less extensive * than Administration draft. * * Requires Pres. to negotiate for * international key recovery. * No. Yes. [Title 6] * * New Commerce Dept. enforcement * powers * No. Yes. [701-702] * * Information Security Board * No. Yes. [801] * * Waiver of any provision of Act by * Executive Order. * No. Yes [901] * * * *The Encrypted Data Security Act, draft dated April 29, 1997. * * **The Secure Public Networks Act, as released on June 17 * by Senator Kerrey's office. Crypto is either GAK crackable, or it is real crypto. There is no such thing as "good faith attempts to balance". You either have to choose between the best interests of the people, or the best interests of the ever-paranoid Militia. I mean the ever-paranoid Military. ****************************************************************************** Feds' Wacky Pro-GAK Logic ---- ----- --- --- ----- Here are a couple of the wacky reasons they give for everyone wanting GAK. o Business Will Demand It They say setting up a GAK infrastructure will form a defacto standard for interchange of public encryption keys, which business need for interoperability of the various cryptography products. Noone has clamored for crackable crypto to be the driving force behind such a standard. It's a very silly thing for them to assert. * "Clinton's Encryption Plan Fits Law and Market" * Letters to the Editor, Mickey Kantor, U.S. Secretary of Commerce, 10/9/96 * * Many companies are eager to market Key Recovery [compromised] products. Exact same deal: Here are the actual comments on Key Recovery's predecessor, Key Escrow: : Charles R. Smith, master of FOIA, SOFTWAR, : # "It is essential that the end-user's rights to and expectations # of personal privacy be met by this technology. Multi-national # companies are faced with strong privacy laws in many countries, # some of which are far stricter than U.S. policy. Conversely, # many countries blatantly disregard personal privacy, and might # not respect our personal rights and business needs. Because of # this, foreign governments must not be allowed access to the # escrow key." # - George Fisher - Chairman and CEO Motorola # # "The NIST proposal states that the escrow agents will provide # the key components to a government agency that 'properly # demonstrates legal authorization to conduct electronic # surveillance of communications which are encrypted.' The term # 'legal authorization' leaves open the possibility that court # issued warrants may not be required in some circumstances." # - Robert H. Follett - Program Director IBM # # "If people choose to deposit their keys with the government or # any other escrow agent, they must have some legal recourse in # the event that those keys are improperly released. The most # recent draft of the escrow procedures specifically states, # however: # # 'These procedures do not create, and are not intended to # create, any substantive rights for individuals intercepted # through electronic surveillance, and noncompliance with these # procedures shall not provide the basis for any motion to # suppress or other objection to the introduction of electronic # surveillance evidence lawfully acquired.' # # "Leaving users with no recourse will discourage use of the # system and is a tacit acceptance of unscrupulous government # behavior." # - Jim Hickstein - TERADYNE # # "Wiretap subjects must be notified within 30 days after the # operation is completed. If they are innocent, the government # buys them new equipment to replace that which was compromised # (per Lynn McNulty)... Nothing forces agents to 'forget' a key # and stop using it." # # "Placing all keys in a central location will invite foreign # intelligence services to either (a) impose similar requirements # in their own nations, and/or (b) seek access to keys held by # U.S. escrow agents, through legal or illegal means. American # business has well-publicized problems with industrial espionage # by other nations." # - Michael B. Packer, Managing Director - Bankers Trust Company o To Safeguard Your Privacy * "Clinton's Encryption Plan Fits Law and Market" * Letters to the Editor, Mickey Kantor, U.S. Secretary of Commerce, 10/9/96 * * Users may need a "spare key" to recover information that is lost or * otherwise inaccessible, in much the same way that we give a trusted * neighbor a spare key to our house...and the U.S. will have that key. The government says in case you lose you own decryption key, they will be there to save the day with their LE key. (Key Recovery has a 'Law Enforcement' key, which is a SECOND key to decrypt the same traffic.) Without getting into a lot of technical detail, basically, the LE KEY = Your Key. So, because they have a separate but equivalent key, they are claiming to be your emergency backup key, like a key left with a neighbor. People who have no idea how computer systems work will think like that sounds like a reasonable thing. Like a "good faith attempt to balance...". Now picture it being YOUR business. You have a cryptographic key that needs to be protected. The key itself is a big number you can't memorize. The key itself is protected by a (MD5-like) password to unlock access to it. That means the password can be as long a thing as you'd like to type in, not merely a short password. As long as you can remember it. This is standard...MIT's Kerberos and Phil Zimmerman's PGP use a password to unlock the cryptographic key. So, how do you back up the key without GAK? In other words, what do all companies do for this situation now? A situation that applies to all company data whether or not it is encrypted. A situation that has existed since the invention of the computer. Simple. You back it up. Make backups of the key. You can start by making your own key copy using off-site secure storage backup. Several authorized people can have a copy of the key, and they can each use their own password to get access to the key. The key is backed up not only by being on several different machines, it is also backed up in the off-line backups for these machines. After JUST ONE WEEK, you'll have 24 total copies of the key (3 + 3*7). After the first month: 214 copies. The government somehow thinks you'll clamor for THEM to backup your key by giving them a copy of the key, and if you lose all of yours... contact the Federal Secretary of Lost Keys. And for this great benefit, they want you to give them Key Recovery access to your cryptographic key. We know what Key Recovery means... By the way, the Government is restricting *communications* products, which use public key cryptography. BY DEFINITION the SENDER will NEVER expect to decrypt the traffic once they've encrypted it; that's the basis for public key cryptography. That's how it works mathematically. By design. So this "spare key" argument makes no sense whatsoever. I shudder to think that most Americans will not understand these admittedly technocratic basic details of computer systems and cryptography. If they knew, they would be STUNNED that our leaders would lie so boldly to us, including Mr. Kantor, to protect ECHELON. That the public would misunderstand Kantor and Clinton to think they are offering a "reasonable compromise"...even though what is actually happening is our government demanding you lose all right to privacy, that we must give the government a copy of our personal security key.