Interesting People mailing list archives
Critics Belittle Data Security Probe A bit late but ... from sci.crypt
From: David Farber <farber () central cis upenn edu>
Date: Mon, 26 Jul 1993 21:01:33 -0500
San Lose Mercury News - July 16, 1993 Critics Belittle Data Security Probe By Lee Gomes A federal effort to answer complaints about a controversial government data security plan apparently has fallen short of its goal, with critics saying the effort isn't dealing with all of their concerns. On Thursday, the National Institute of Standards and Technology, or NIST, an agency of the Comerce Department, named five outside computer researchers to evaluate software being used in the "Clipper" program, a proposed federal standard to encode computer messages in order to keep them secret. Clipper, which uses both software and a special chip, has been criticized by some cryptography experts for being an inferior technology, and for potentially having a hidden "trap door" that might allow law enforcement agencies to surreptitiously peek at computer messages. While the program would directly apply to only federal agencies, many predict the standard would also come to dominate the commercial market. In an effort to convince people no such trap door exists, the five experts working with NIST will evaluate the classified software used in Clipper and then report publicly on their findings. But Jim Bidzos, of RSA Data Security in Redwood City, a company that sells a private encryption plan and which is one of the government's main critics in the controversy, said the work of the five outsiders will be of limited value, since they will only be looking at a protion of Clipper software. "There are a million other places where you can do some funny business to grab messages," he said, including by copying or tampering with Cliper hardware. NIST has always maintained there is no trap door and that including one would be superfluous because law enforcement agencies would be able to get the "keys" to Clipper with a court order. NIST spokeswoman Janice E. Kosko said the agency had invited 11 experts to examine the actual encryption software, called Skipjack, provided they would agree to obtain a security clearance and to speak publicly about their findings without revealing the detailed workings of the software. Six declined. The five who accepted are Ernest Brickell of Sandia National Laboritories, Dorothy Denning of the computer science department of Georgetown University, Stephen T. Kent of BBN Communications Corp., David P. Maher of AT&T, and Walter Tuchman of Amperif Corp. The five outsiders have been asked to submit individual findings by the end of the month. Because Clipper software is secret, the work of the five will take place at a classified government laboratory in Bowie, MD. ---
Current thread:
- Critics Belittle Data Security Probe A bit late but ... from sci.crypt David Farber (Jul 26)