Interesting People mailing list archives

IP: While cda-II diverts attention, end run around clipper


From: Dave Farber <farber () cis upenn edu>
Date: Thu, 30 Jul 1998 19:37:50 -0500

Date: Thu, 30 Jul 1998 15:30:38 -0800
From: mech () eff org (Stanton McCandlish)




The referred-to articles in the constituent letter below are interesting,
and the govt. officials spew some really amazing double-speak.  Some of
the more relevant passages from both articles are excerpted below.


<snippets>


"I'd also ask American business not to make a campaign out of just
trying to bust through export controls as though somehow there was a
God-given, inherent right to send the strongest encryption to anybody in
the world, no matter who they are,"  [US Deputy Secretary of Defense
John] Hamre said.


"I would ask you to step past this debate that we're having on cyber
liberties vs. law enforcement," Hamre said. "We're going to have to get
to a more sophisticated understanding of this problem, and we don't have
a lot of time.


"I do not believe that it's more important to protect ourselves against
terrorists if it means it comes at the expense of civil liberties in the
United States," [US Deputy Secretary of Defense John] Hamre said.


Hamre admitted that strong encryption was dangerous but also essential
to protecting the country's communications and enabling commerce and
secure transmissions on the Internet. "We have to protect ourselves in
this environment and it's got to be with encryption and some form of
security management, key recovery in our case," Hamre said. "But
we're going to make it voluntary.... It's something we all have to do,
frankly, for the country."


Hamre went on to say that 56-bit encryption was good enough for most
applications. "I mean, there isn't anybody in the world that could
routinely bust that level of encryption in the same time sequence it
takes to issue it," he said. "[W]e're not prohibiting anybody from using
enormously strong encryption today."


Despite his reservations about strong crypto, which could protect
critical systems, Hamre said that the nation is currently "wide open to
attack electronically."


<end snippet>


We're mentioned prominently with a link to the DES Cracker stuff.


Some other very interesting material:


<snippets>


Despite his reservations about strong crypto, which could protect
critical systems, Hamre said that the nation is currently "wide open to
attack electronically." He revealed further details of Operation
"Eligible Receiver," a Defense Department information warfare exercise
conducted last year. The Pentagon hired a team of 30 to 35 crackers to
see how far they could penetrate government and critical infrastructure
systems. The hackers worked for three months, using only off-the-shelf
hardware and software and programs downloaded from what Hamre
characterized as "hacker Web sites." "We didn't really let them take
down the power system in the country, but we made them prove that they
knew how to do it," he said. Hamre admitted that the Defense Department
is "surprisingly vulnerable" as well, since most government
communication is now conducted over commercial channels.


<end snippets>


This is worth reading too:


<snippets>


The industry is facing a year-end deadline to add a government-approved
back door into network gear. Vendors that don't provide this access risk
losing export privileges.


Cruising up and down Silicon Valley, NSA spooks from the agency's Fort
Meade headquarters have been making pit stops at companies ranging from
industry leaders Netscape Communications Corp. and Sun Microsystems,
Inc. to start-ups such as VPNet Technologies, Inc. in order to get a peek at
products still on the drawing board.


The NSA wants software vendors to make sure that any product with strong
encryption have some way for the government to tap into the data. And
because practically every commercial network application, router or switch
these days includes encryption or an option for it, almost every vendor now
has to answer to the NSA if it wants to export.


It's gotten to the point where no vendor hip to the NSA's power will even
start building products without checking in with Fort Meade first. This
includes even that supposed ruler of the software universe, Microsoft Corp.
"It's inevitable that you design products with specific [encryption] algorithms
and key lengths in mind," said Ira Rubenstein, Microsoft attorney and a top
lieutenant to Bill Gates. By his own account, Rubenstein acts as a "filter"
between the NSA and Microsoft's design teams in Redmond, Wash. "Any
time that you're developing a new product, you will be working closely with
the NSA," he noted.


According to Bill Reinsche, Department of Commerce undersecretary for
the Bureau of Export Controls, about 50 vendors have submitted plans for
government-approved key-recovery, also called data-recovery. These
companies, which include IBM, were rewarded with Key Management
Infrastructure (KMI) export licenses to export products with 56-bit or
stronger encryption until year-end.


But some companies are discovering that dealing with the Commerce
Department for a KMI license means more involvement with the NSA.


The Bureau of Export Control is actually just a front for the NSA, said
Alison Giacomelli, director of export compliance at VPNet Technologies,
Inc., a San Jose, Calif.-based vendor of IP-based encryption gateways.
"The NSA has sign-off authority on these KMI licenses," Giacomelli said.
In return for the KMI license, VPNet opened itself up for an NSA audit.


"They've already come out once, and they'll be coming out again,"
Giacomelli said. VPNet remains committed to meeting the deadline for
adding key-recovery to its product but has one major problem:
uncertainty about what the NSA really wants. The confusion means
"there's a lot of risk . . . in terms of engineering and resources,"
Giacomelli said.


Clearly wary of granting the government supervision
over its products, Microsoft has stubbornly refused to submit a
data-recovery plan, even though the Redmond giant already includes a
data-recovery feature in its Exchange Server. "The Exchange Server can
only be used when this feature is present," Rubenstein said. "Because we
haven't filed a product plan, it's harder for us to export this than for
companies that have filed plans."


But in an odd-couple sort of joint-partner arrangement, Microsoft and
the NSA did work together to build what's called Server Gated
Cryptography. Primarily intended to help banks use Web servers to
do business internationally, the technology lets a server with a special
digital certificate provide 128-bit encryption support to a Web browser
outside the U.S.


Sybase, Inc., which also submitted a plan to add key-recovery to its products,
found it hard to satisfy the government's demands. "They approved our
technological approach but disapproved each of our applications with
it," said Sybase President and CEO Mitchell Kertzman. "It's been
frustrating."


Documents recently obtained under the Freedom of Information Act
(FOIA) by the Washington, D.C.-based Electronic Privacy
Information Center contain the data-recovery plan Netscape filed at the
Commerce Department last year. Netscape's plan explains that the "escrow
of private encryption keys" could be achieved by developing client and
server products that can only issue an X.509 digital certificate after
the private key has been escrowed. The key can only be held by an entity
chosen by the intranet administrator who handles security policy. The
Netscape plan called for introducing a certificate server with recovery
capabilities in the first quarter of this year, with the introduction of
S/MIME clients with basic recovery features in the second quarter.
Netscape hasn't actually carried out this plan, and the company declined
to discuss it. Netscape attorney Peter Harter would only say officially,
"We had no choice but to submit the plan, no matter how much we opposed
key-escrow, in order to be part of the ongoing dialog."


Other FOIA documents show that Netscape was regularly briefing the NSA
on its product plans since 1996 and that then NSA Deputy Director William
Crowell took a special interest in trying to dissuade Netscape from
using strong encryption. Crowell, now vice president for product
marketing and strategy at Cylink Corp., said he had frequent discussions
with Netscape, especially concerning changes to Netscape Navigator.
"Their product didn't have a separate signature key, so if the
government used the product for key-escrow later, you'd have to store
the signature key with a third party, which we thought was a bad idea,"
Crowell said. He added that Netscape Navigator 3.0 adopted the changes
the NSA wanted.


According to Crowell, the NSA has a great deal of expertise in
securing communications, and it wants to ensure that
products bought by the Defense Department meet NSA standards. "In
addition, as part of the NSA's intelligence mission, [the agency needs]
to have a thorough understanding of where commercial products are
headed."


Taher Elgamal, author of the Netscape data-recovery plan, who
recently left Netscape to start his own venture, said Netscape had no
choice but to maintain constant contact with the NSA. "They're costing
the industry a lot of money," Elgamal said. Others agree. "Everyone in
Silicon Valley, including us, has to have specific staff - highly paid
experts - to deal with them," said Chris Tolles, security group product
manager at Sun. "Their job is to wrangle this from a policy standpoint."
Sun has had run-ins with the NSA in the past. Two years ago, the NSA
objected to Sun including encryption in the exportable version of Java
1.1. The end result was that Sun stripped encryption out of Java 1.1 and
the software was delayed by about six months.


<end snippets>


<< start of forwarded material >>




Date: Thu, 30 Jul 1998 11:35:04 -0600 (MDT)
From: Bruce Gingery <bruce () gtcs com>
Reply-To: bgingery () gtcs com
To: Stanton McCandlish <mech () eff org>
Subject: While cda-II diverts attention, end run around clipper resistance




Mech,
  I'm not sure if you're even at EFF any more.  Yet, we communicated a
  bit about CDA-I, and your moves were extremely beneficial to civil
  and cyber liberties.  While I don't subscribe to hysteria WRT plots
  and conspiracies, I _do_ see at least a coincidence here, that while
  cyber-liberties groups are focused on CDA-II, other ``game is afoot''.


  Now, it seems, there is an end run around public resistance to
  cryptographic back doors.


  In a wired article today, US Deputy Secretary of Defense John Hamre
  confirmed in Aspen, last week, the reports of strong DOD/NSA
  interference in software designs, insuring that back doors are
  included - reported days earlier in IDG/CNN...


(URLs: http://www.wired.com/news/news/technology/story/14098.html
       http://www.cnn.com/TECH/computing/9807/27/security.idg/  )


  Now, put that together with the anti ``reverse-engineering''
  clauses in the Copyright bills in both the House, and the WIPO
  treaty just passed (if I understand correctly) the Senate, and
  we've got a real problem.  They seem to be worded to SPECIFICALLY
  include detecting and closing these back doors.  Even if foreign
  patches were available to close such back doors, the wording would
  appear to be easily perverted to make it illegal to have a copy
  of such patches, let alone apply them.


  Presuming all of these reports are correct, not only will everything
  but open source software have back doors, but it will be illegal to
  look for them and close them.  (Oh, after a two year wait, one MIGHT
  get permission from Commerce to investigate security of new software
  in one compromise house amendment).


  It would seem that there's more cats to lock into their bags, before
  UNDOING the damage is far harder than preventing it.


        Bruce Gingery   <bgingery () gtcs com>


<< end of forwarded material >>





--
Stanton McCandlish      mech () eff org       http://www.eff.org/~mech
Program Director, Electronic Frontier Foundation
voice: +1 415 436 9333 x105   fax: +1 415 436 9333
PGPfone: 204.253.162.21


