THE KEYS TO THE KINGDOM THE GOVERNMENT WANTS TO BE ABLE TO SEE PRIVATE COMPUTER

[David Farber <farber () central cis upenn edu>]

This was sent to me and I pass it on for your education. I have no real
idea of whether such redistribution to IP is covered under the Fair Use
doctrine. I get no money etc. Any ideas so I can stop waffleing djf


Here is the SJMerc Story, for those who didn't see it.
(reposted w/o permission)


------------------------------------------------


                             SAN JOSE MERCURY NEWS
                     Copyright 1994, San Jose Mercury News


 DATE: Monday, June 27, 1994
 PAGE: 1D                         EDITION: Morning Final
 SECTION: Business                LENGTH:  47 in. Long
 ILLUSTRATION: Photo
 SOURCE: DAVID BANK, Mercury News Staff Writer


                            THE KEYS TO THE KINGDOM
                 THE GOVERNMENT WANTS TO BE ABLE TO SEE PRIVATE
                   COMPUTER COMMUNICATIONS. A SILICON VALLEY
                ENTREPRENEUR IS LEADING THE FIGHT TO KEEP SECRET
                                MESSAGES SECRET


    JIM BIDZOS says he's not paranoid. It's just that the government is out
to get him.
    Bidzos' Redwood City company makes software for encrypting electronic
mail and other computer communications that even the master code breakers at
the National Security Agency can't crack. That drives the agency, one of the
most powerful and secretive of all the federal intelligence agencies, crazy.
    Take a meeting in April, for example, when three NSA agents dropped in on
Bidzos, president of RSA Data Security Inc. For two hours, Bidzos said, the
agents were civil and pleasant as he drew diagrams, told jokes and tried to
convince them that the agency's attempts to promote an alternative encryption
scheme would fail.
    He must have said something wrong. One of the agents threatened to run
him over in the parking lot, Bidzos said.
    ''He looked at me and very coldly said he would do me in,'' Bidzos said.
''He clearly threatened me.''
    To Bidzos, the incident -- which could not be confirmed independently --
was another indication that tensions are increasing as his eight-year
struggle with the government moves into its final stages.
    The struggle is over how to secure the pri-vacy of computer
communications, an obscure field of arcane mathematical algorithms and
endless ''what-ifs?'' that has become a vital issue as more and more
financial, legal and other sensitive transactions are conducted
electronically.
    The issue is a classic contest between security and freedom. Both sides
say that what's at stake is nothing less than the future of American
democracy. Bidzos, a 39-year-old Greek who grew up in Ohio, runs RSA, a
privately held company with 30 employees and annual revenues of less than $10
million.
    RSA licenses the patented formulas used to create unbreakable codes for
securing computer communications from eavesdropping. The software, which also
is used to create and verify digital signatures, has been licensed by
companies such as Apple Computer Inc., Microsoft Corp., Lotus Development
Corp. and Novell Inc. and is in use in nearly 4 million copies of software.
    Bidzos explains RSA's products this way: Unprotected computer
communications are the electronic equivalent of typewritten postcards. They
can be read by anybody and no one can be sure who wrote them. RSA sells
signatures, so that the writer can be verified, and envelopes, so the
messages cannot be read except by those to whom they are addressed.
    The NSA is responsible for protecting both the government's secure
communications and its ability to monitor international
communications. RSA's  signatures for the electronic postcards are not so
bad, in the NSA's view, but the company's envelopes drive the agency into a
frenzy.
    The NSA was not able to respond to requests for interviews or to written
questions in time for this article.
    In the past, agency officials have argued that the widespread use of
unbreakable encryption such as that sold by RSA serves to provide a safe
haven for terrorists and drug kingpins and other criminals by giving them a
way to conduct their business without fear of government surveillance.
    To avoid that nightmare situation, the NSA has sought to limit the spread
of encryption technology such as that sold by RSA. The encryption algorithms
officially are classified as sensitive munitions, just as are nuclear
triggers. The NSA, as technical consultant to the U.S. State Department, has
barred the export of software containing the full-strength versions of RSA's
cryptography, except to overseas subsidiaries of U.S. companies.
    ''I once ran into a senior official from the NSA and I asked him,
'Obviously some people there don't really like us. What's the problem?' ''
Bidzos said. ''He said, 'The problem with you is that you exist.' ''
    Bidzos claims the NSA has overstepped its role in export control and has
interfered domestically in his relations with customers and potential
customers.
    The NSA is barred by law from operating domestically. In 1991, he said,
he concluded that an NSA official had tried to persuade executives at
Microsoft not to sign a licensing agreement with RSA. Bidzos said that after
he placed an angry telephone call, the NSA official backed off and the deal
was signed.
    In another case, Bidzos said the NSA directly interfered in the
activities of two companies with which RSA was dealing. He refused to provide
details of the incident because he said it will be the subject of a lawsuit
against the government.
    ''They crossed the line. They used export (controls) as a club to
discourage people from doing business with us,'' Bidzos said. ''I hate to use
the word, but there are some interesting conspiracy aspects to all of this.
I've claimed that this is a covert action on the part of the NSA.''
    The struggle moved into a new phase last year, when the NSA unveiled its
own alternative method of encryption, making the government the chief
competition to RSA, which had become the de facto industry standard.
    The NSA's ''Clipper'' chip, announced last year, is intended to satisfy
users' demand for protection against unauthorized interception, while still
allowing law enforcement authorities -- with the appropriate court-ordered
warrants -- to obtain the keys to decode the electronic conversations and
computer files.
    The announcement of the Clipper, and particularly its endorsement by the
Clinton administration last spring, has ignited a firestorm of debate. Many
in the computer industry have aligned themselves with civil liberties groups
in arguing that a built-in loophole to computer security is an unacceptable
breach of constitutional freedoms and a huge disincentive to exports as well.
    Others reluctantly have accepted the arguments of law enforcement
officials that the government's continued ability to wiretap is a necessary
safeguard in