Interesting People mailing list archives
tex version of USACM Crypto report. Note The IEEE US Activities committee also took a position. Sorr
From: David Farber <>
Date: Mon, 4 Jul 1994 14:58:09 -0400
\documentstyle[12pt]{report} \begin{document} \thispagestyle{empty} \begin{flushleft} {\Huge \bf Codes, Keys and Conflicts:\\ \makebox[\textwidth]{\huge \bf \hfill Issues~in~U.S.~Crypto~Policy}\\} \rule{5in}{.01in} {\Large\bf Report of a Special Panel of the {\it ACM U.S. Public Policy Committee (USACM) June 1994}}\\ \vspace{2.0in} {\large \hspace*{2.94in}{\it by\ } Susan Landau\\ \hspace*{3.2in} Stephen Kent, chair\\ \hspace*{3.2in} Clint Brooks\\ \hspace*{3.2in} Scott Charney\\ \hspace*{3.2in} Dorothy Denning\\ \hspace*{3.2in} Whitfield Diffie\\ \hspace*{3.2in} Anthony Lauck\\ \hspace*{3.2in} Doug Miller\\ \hspace*{3.2in} Peter Neumann\\ \hspace*{3.2in} David Sobel\\} \vspace{.75in} {\Large \bf Association for Computing Machinery, Inc.} \end{flushleft} \newpage \thispagestyle{empty} \bigskip \begin{center} \Large{ The Association for Computing Machinery, Inc.\\} \large{ 1515 Broadway\\ New York, NY 10036} \end{center} \bigskip \noindent Copyright \copyright 1994 by the Association for Computing Machinery, Inc. Copying without fee is permitted provided that the copies are not made or distributed for direct commercial advantage and credit to the source is given. Abstracting with credit is permitted. To copy otherwise, or republish, requires a fee and/or specific permission. \bigskip \noindent ACM ISBN: 0-89791-677-8 \bigskip \noindent Additional print copies of this report can be ordered prepaid from the ACM Order Department, P.O. Box 12114, Church Street Station, New York, NY 10257; Tel: 1-800-342-6626 (U.S.A. and Canada), 1-212-626-0500 (all other countries); Fax: 1-212-944-1318; E-mail: acmhelp () acm org; Price: \$10.00 per copy; reference ACM Order Number 207940. \medskip \noindent The report can also be obtained in various electronic formats from ACM's Internet host. Internet users can access the report through any of the following URLs: \begin{verbatim} http://Info.acm.org/reports/acm_crypto_study.html ftp://Info.acm.org/reports/acm_crypto_study/ gopher://gopher.acm.org/11[the_files.reports.acm_crypto_study] \end{verbatim} \newpage \noindent{\huge \bf Contents} \thispagestyle{empty} \vspace*{0.6in} {\bf \noindent\begin{tabular}{r l @{\hfill\hspace*{0.13in}}r} & Executive Summary & i\\[3ex] & Preface & iv\\[3ex] & About the Authors & vii\\[3ex] 1 & Information Protection in the Information Age & 1\\[3ex] & Diffie-Hellman Key Exchange & 8\\[3ex] 2 & Integrating Cryptography & 9\\[3ex] 3 & A Law Enforcement View of Encryption: The Problems & 14\\[3ex] 4 & A National Security View of Encryption: The Complexities & 22\\[3ex] 5 & The Privacy View: The Importance of Encryption& 30\\[3ex] 6 & Cryptography in Public: A Brief History& 36\\[3ex] & Using Clipper & 46\\[3ex] 7 & The Government Solution: The Escrowed Encryption &\\ & Standard& 47\\[3ex] 8 & Issues Highlighted by the Escrowed Encryption Standard & 53\\[3ex] 9 & Codes, Keys, and Conflicts: The Questions& 64\\[3ex] & Bibliography & 67\\ \end{tabular}} \newpage \pagenumbering{roman} \begin{center} \noindent {\Large \bf Executive Summary} \end{center} \medskip \noindent On April 16, 1993, the White House announced the Escrowed Encryption Initiative, ``a voluntary program to improve security and privacy of telephone communications while meeting the legitimate needs of law enforcement.'' The initiative included a chip for encryption (Clipper), to be incorporated into telecommunications equipment, and a scheme under which secret encryption keys are to be escrowed with the government; keys will be available to law enforcement officers with legal authorization. The National Security Agency (NSA) designed the system and the underlying cryptographic algorithm SKIPJACK, which is classified. Despite substantial negative comment, ten months later the National Institute of Standards and Technology approved the Escrowed Encryption Standard (EES) as a voluntary Federal standard for encryption of voice, fax, and computer information transmitted over circuit-switched telephone systems. Underlying the debate on EES are significant issues of conflicting public needs. Every day, millions of people use telephones, fax machines, and computer networks for interactions that were once the province of written exchanges or face-to-face meetings. Private citizens may want to protect their communications from electronic eavesdroppers. Law enforcement seeks continuation of its legally authorized access to communications of suspected criminals. In order to compete in the global marketplace, U.S. manufacturers want to include strong cryptography in their products. Yet national security interests dictate continued access to foreign intelligence. Both the EES and the controversy surrounding it are but the latest and most visible developments of a conflict inherent in the Information Age. The issues EES raises are fundamental. When the Constitutional protections of the Bill of Rights became law in 1791, speech took place in the streets, the market, the fields, the office, the bar room, the bedroom, etc. It could be used to express intimacy, conduct business, or discuss politics. Privacy was an indispensable component of the character of many of these conversations. In the two hundred years since then, electronic communications have taken the place of many of those face-to-face meetings of two centuries ago. The world has undergone a fundamental change in the way it conducts its business, both personal and professional. The EES is primarily for use with telephones and fax machines. The broad public debate it has sparked is primarily, though not exclusively, concerned with the expected extension of escrowed encryption to other forms of electronic communications. This debate has provided many press clippings -- but fewer facts. Proponents of EES argue that escrowed encryption using a secret algorithm is a reasonable and logical way to provide security for electronic communications without unleashing cryptography that will thwart law enforcement and national security. Critics of EES see the Federal program as nothing less than a large step in the direction of Big Brother. The fact is that the issue of cryptography is complex. All who have thought seriously about the issues of communications security -- from civil libertarians to law enforcement officials to the computer industry and national security experts -- agree that strong cryptography is necessary for protecting the confidentiality, integrity, and authenticity of the information infrastructure and that this protection is extremely important for economic stability and national security. The disagreements are partially disputes over potential costs: What would be the cost to society if criminals concealed their communications using codes the government cannot decipher? How will U.S. economic competitiveness be affected by export controls on cryptographic systems? It is even more a disagreement on values: How important is protecting society from abuses by criminals and terrorists versus protecting personal privacy from all threats -- including potential eavesdropping by the government? In this report, we attempt to remove the rhetoric, lay bare the facts, and frame the issues. We examine the issues of communications security from a variety of viewpoints: (i) we explain the technical considerations of communications security; (ii) we consider the dual-edged sword cryptography presents to both law enforcement and national security; (iii) we present the history of wiretap law in the United States; and (iv) we put the current policy on cryptography in the context of decisions over the last twenty years. We explain the anticipated impact of EES on the computer and cryptography industries, on privacy, and on law enforcement and national security, and we raise a number of questions that deserve examination in this discussion. We hope to have laid a foundation on which an informed public debate can begin. The discussion on solutions to the problems of communications security encompasses broad issues and values, and the choices that will be made should be made in full consideration of the facts. President Franklin Delano Roosevelt eloquently stated the balance that should underlie fundamental policy decisions: \begin{quote} The only sure bulwark of continuing liberty is a government strong enough to protect the interests of the people, and a people strong enough and well enough informed to maintain its sovereign control over the government.\footnotemark \end{quote} In order to determine policy for the protection of communications, the public deserves full information on the issues.\footnotemark\ That is what this report seeks to provide. \vspace{4.7in} \rule{2in}{.01in} \begin{center} Notes \end{center} {\small \begin{enumerate} \item Fireside Chat, April 14, 1938. \item Note, however, that the information provided in this report is derived from unclassified sources only. \end{enumerate}} \addtocontents{toc}{Executive Summary}{} \newpage \begin{center} \noindent{\Large \bf Preface} \end{center} \medskip \noindent Cryptography is being debated in public -- again. One wag claims that every few years there is a study on cryptography and public policy, whether it is needed or not.\footnotemark[1] \ With the increasing use of distributed networks for computing, the emerging National Information Infrastructure and its need for communications security, the international availability of two strong cryptographic algorithms, DES and RSA, the Federal ``Clipper'' Initiative, many unresolved issues have come to the fore. It is clear that a public debate on these issues is necessary. This report, by a panel convened by the Association for Computing Machinery's U.S. Public Policy Committee (USACM), is an attempt to clarify the technical and policy issues surrounding cryptography, so that a careful and clear public debate may result. This panel, which includes members of the U.S. government, attorneys, and members of the computer industry and academia, has not come to conclusions about the direction of cryptography in the public domain, or about the appropriateness of the government-proferred Escrowed Encryption Standard. While not always reaching consensus, we have attempted to present the issues carefully and correctly, removing rhetoric and replacing it with facts. This report represents the work of the panel members as individuals, and does not necessarily represent the opinions of their organizations, nor of the ACM, which sponsored this study. Funding was provided in part by the National Science Foundation, under grant number CDA-9400157. ACM, the first society in computing (founded in 1947), is a 85,000-member nonprofit educational and scientific society dedicated to the development and use of information technology, and to addressing the impact information technology has on the world's major social challenges. The Association's major programs and services include its scholarly journals (currently 18), which are world-class repositories of the finest computing literature, and Special Interest Groups (34) that specialize in providing educational resources and help to establish the standard of excellence in specific computing disciplines through technical conferences and newsletters. USACM was created by ACM to provide a means for presenting and discussing technological issues to and with U.S. policy makers and the general public. Presentation of this information includes white papers, news releases, journal articles, and expert testimony for Congressional hearings. This report is the first major undertaking of USACM. A brief road map is in order. Chapter 1 provides background on information protection in the Information Age, including an explanation of the different functions cryptography provides, and the algorithms currently being used. Chapter 2 describes the way cryptography secures electronic communications, both for computers and for telephones. The description provided in this chapter is somewhat more technical than the remaining ones, and can be skipped by those who are less concerned with detail on the technological issues. Chapter 3 explains the problems of cryptography from a law-enforcement perspective; it includes a brief history of wiretapping in the United States. Chapter 4 explains the dual nature of cryptography in the context of national security. Chapter 5 discusses the value and importance of privacy in the United States. Cryptography is not a new issue for the public forum, and Chapter 6 presents the policy issues, resolved and unresolved, that have been debated over the last twenty years. Chapter 7 presents the Escrowed Encryption Standard (EES), a cryptographic scheme in which government agencies hold the keys. This controversial standard, approved by the National Institute of Standards and Technology earlier this year, is part of the reason for the current report. Chapter 8 discusses the issues highlighted by the EES, including privacy concerns, export policy, interoperability issues, and the impact of EES on the U.S. computer industry. Chapter 9 concludes the report, by placing the issues in a broader context. Notes appear on the last page of the chapter. \begin{center} Acknowledgements \end{center} \noindent This report is the idea of Dr. Barbara Simons, chair of USACM. Within days of the White House announcement of the Escrowed Encryption Initiative, Dr. Simons conceived of this panel, and it was she who arranged a chair and initial funding from ACM. This report would not have occurred without her efforts. This report benefitted from the review by members of USACM and the ACM Committee on Computers and Public Policy. We greatly appreciate their help. The panel would like to thank those individuals who provided guidance and information. These include: David Banisar, James Bidzos, Dennis Branstad, Lewis Branscomb, James Burrows, John Cherniavsky, Geoffrey Greiveldinger, Doris Lidtke, Alan McDonald, Douglas McIlroy, Marc Rotenberg, Herman Schwartz, James Simons, and Barry Smith. \vspace{4.5in} \rule{2in}{.01in} \begin{center} Notes \end{center} {\small \begin{enumerate} \item Panel studies include American Council on Education, ``Report of the Public Cryptography Study Group,'' February 7, 1981; U.S. Department of Commerce, National Telecommunications and Information Administration, ``White Paper: Analysis of National Policy Options for Cryptography,'' October 29, 1980; Office of Technology Assessment, ``Defending Secrets, Sharing Data, New Locks and Keys for Electronic Information,'' 1987; Final Report of the Industry Information Security Task Force Industry Information Protection, June 13, 1988. There have also been numerous studies by individuals, including several done at the Harvard University Program on Information Resources Policy. \end{enumerate}} \addtocontents{toc}{Preface}{} \newpage \begin{center} \noindent {\Large{\bf About the Authors}} \end{center} \medskip \noindent Susan Landau is Research Associate Professor at the University of Massachusetts. She works in algebraic algorithms. \smallskip \noindent Stephen Kent is Chief Scientist-Security Technology for Bolt Beranek and Newman Inc. For over 18 years, he has been an architect of computer network security protocols and technology for use in the government and commercial sectors. \smallskip \noindent Clinton C. Brooks is an Assistant to the Director of the National Security Agency. He is responsible for orchestrating the Agency's technical support for the government's key-escrow initiative. \smallskip \noindent Scott Charney is Chief of the Computer Crime Unit in the Criminal Division in the Department of Justice. He supervises five federal prosecutors who are responsible for implementing the Justice Department's Computer Crime Initiative. \smallskip \noindent Dorothy E. Denning is Professor of Computer Science at Georgetown University. She is author of ``Cryptography and Data Security'' and one of the outside reviewers of the Clipper system. \smallskip \noindent Whitfield Diffie is Distinguished Engineer at Sun Microsystems. He is the co-inventor of public-key cryptography, and has worked extensively in cryptography and secure systems. \smallskip \noindent Anthony Lauck is a Corporate Consulting Engineer at Digital Equipment and its lead network architect since 1978. His contributions span a wide range of networking and distributed-processing technologies. \smallskip \noindent Douglas Miller is Government Affairs Manager for the Software Publishers Association. \smallskip \noindent Peter G. Neumann has been a computer professional since 1953, and involved in computer-communication security since 1965. He chairs the ACM Committee on Computers and Public Policy and moderates the Risks Forum. \smallskip \noindent David L. Sobel is Legal Counsel to the Electronic Privacy Information Center (EPIC). He specializes in civil liberties, information, and privacy law and frequently writes about these issues. \addtocontents{toc}{About the Authors}{} \newpage \pagenumbering{arabic} \chapter{ Information Protection in the Information Age} If this is the Information Age, how do we protect information? Many times a day people transmit sensitive data over insecure channels: reciting credit card numbers over cellular phones (scanners are ubiquitous), having private exchanges over electronic mail (Internet systems are frequently penetrated), charging calls from airports and hotel lobbies (our Personal Identification Numbers (PINs) easily captured). The problem is magnified at the corporate level. For several years in the 1970s, IBM executives conducted thousands of phone conversations about business on the company's private microwave network -- and those conversations were systematically eavesdropped upon by Soviet intelligence agents [Broa].\footnotemark IBM is not unique in having suffered from electronic eavesdroppers. Weak links exist throughout electronic communications, in networks and in distributed computer systems. An Alaskan oil company kept losing leasing bids by small amounts to competitors. The line between a computer in the Alaska office and one at the home base in Texas was being tapped, and a competitor was intercepting pricing advice transmitted from the Texas office [Park, pg. 322]. Computer systems themselves can be a weak link. Employees at British Airways read Virgin Atlantic Airlines' passenger records. From that information the employees carried on systematic efforts to induce Virgin's travelers to switch their flights to British Air [Stev]. Deceptive communications can easily undermine users' confidence in a system. For example, a group of students at the University of Wisconsin forged an E-mail letter of resignation from the Director of Housing to the Chancellor of the University [Neu]. There can be denials of service because of altered or jammed communications; ``video pirates'' have disrupted satellite television programs a number of times [Neu]. Electronic communications are now an unavoidable component of modern life. Every day, millions of people use telephones, fax machines, and computer networks for interactions that were once the province of written exchanges or face-to-face meetings. Private citizens may want to protect their communications from electronic eavesdroppers. Privacy is a fundamental value of this society, reflected in the Fourth Amendment -- which provides safeguards for the security of our ``persons, houses, papers and effects'' against intrusion by the government. Over the past five years, thousands of mainframe computers have been replaced by networked computing systems. This process is accelerating, and that change will increase the importance of secure electronic communications. The National Information Infrastructure (NII), the ``information superhighway,'' will have an even greater effect. Businesses will teleconnect with customers to sell and bill. Manufacturers will electronically query suppliers to check product availability. Insurance companies, doctors, and medical centers will carry on electronic exchanges about patient treatment. Much of the information being sent on the NII will be sensitive. At the same time, most of its users will be quite unsophisticated in the complexities of the networks they access, or in the problems that can arise from intercepted communications. Protecting the confidentiality, integrity, and authenticity of the information infrastructure is extremely important to economic stability and national security. \begin{center} Cryptography as a Solution \end{center} \noindent How can communications security be achieved? A very important part of the solution is cryptography. It has long been the military solution to the problem of transmitting sensitive information over insecure channels. Cryptography can help prevent penetration from the outside. It can protect the privacy of users of the system so that only authorized participants can comprehend communications. It can ensure integrity of communications. It can increase assurance that received messages are genuine.
Current thread:
- tex version of USACM Crypto report. Note The IEEE US Activities committee also took a position. Sorr David Farber (Jul 04)
- <Possible follow-ups>
- tex version of USACM Crypto report. Note The IEEE US Activities committee also took a position. Sorr David Farber (Jul 04)
- tex version of USACM Crypto report. Note The IEEE US Activities committee also took a position. Sorr David Farber (Jul 04)
- tex version of USACM Crypto report. Note The IEEE US Activities committee also took a position. Sorr David Farber (Jul 04)
- tex version of USACM Crypto report. Note The IEEE US Activities committee also took a position. Sorr David Farber (Jul 04)
- tex version of USACM Crypto report. Note The IEEE US Activities committee also took a position. Sorr David Farber (Jul 04)
- tex version of USACM Crypto report. Note The IEEE US Activities committee also took a position. Sorr David Farber (Jul 04)
- tex version of USACM Crypto report. Note The IEEE US Activities committee also took a position. Sorr David Farber (Jul 04)