Clipper chip
|
The Clipper chip is a chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Contents |
Background
In the early 1990s, the increasing popularity of the Internet and of digitized communications caused concern to many in the law enforcement community because of the implications for wiretapping. Before the 1980s, in the days of analog telephone system equipment, it was a simple task, from a technical standpoint, to eavesdrop on a telephone conversation; a police officer could attach two alligator clips to the appropriate circuit, and listen in at will. The installation of electronic switching systems in the phone network made this a more complicated task, but ultimately the data transmitted was a simple unencrypted signal that, once accessed, could be understood immediately.
With the continuing increase in computer speed and the development of such public-key cryptography algorithms as RSA, it became evident that in the short term, telephones could be invented which would digitize voice data, and then transmit that digital data using strong encryption, such that eavesdropping would be impossible. The previously valuable technique of wiretapping would be useless.
Key Escrow
The Clipper chip, announced in 1993, used a data encryption algorithm invented by the National Security Agency of the U.S. Government; this algorithm was classified secret so that it could not be subjected to the peer review that was usual in the encryption research community. Part of the technique was that when a telephone with a Clipper chip was manufactured, a password, or "key", that could be used to decrypt the data was to be given to the government in "escrow". If government agencies "established their authority" to listen to a communication, then the password would be given to those government agencies, who could then decrypt all data transmitted by that particular telephone.
Although the algorithm was classified, the government did state that it used an 80-bit key, that the algorithm was symmetric, and that it was similar to the DES algorithm. The initial cost of the chips was said to be $16 (unprogrammed) or $26 (programmed), with its logic designed by Mykotronx, and fabricated by VLSI, Inc.
Backlash
In announcing the Clipper chip initiative, the government did not state that it intended to try to make data encryption illegal, but several statements seemed to point in this direction, such as one paragraph from the government's fact sheet:
- In making this decision, I do not intend to prevent the private sector from developing, or the government from approving, other microcircuits or algorithms that are equally effective in assuring both privacy and a secure key-escrow system.
Such "electronic civil liberties" organizations as the Electronic Privacy Information Center and the Electronic Frontier Foundation challenged the Clipper chip proposal, saying that it would have the effect not only of subjecting citizens to increased and possibly illegal government surveillance, but that the strength of the Clipper chip's encryption could not be evaluated by the public, as its design was classified secret, and that therefore individuals and businesses might be hobbled with an insecure communications system. Furthermore, it was pointed out, while American companies could be forced to use the Clipper chip in their encryption products, foreign companies could not, and presumably phones with strong data encryption would be manufactured abroad and would spread throughout the world and into the United States, defying the point of the whole exercise, and materially damaging U.S. manufacturers en route.
Vulnerability
In 1994, Matt Blaze published the paper Protocol Failure in the Escrowed Encryption Standard[1] (http://www.crypto.com/papers/). The Clipper's escrow system has a serious vulnerability; the hash for the 128-bit LEAF field was too short (mere 16 bits), allowing a brute force attack to find another value of LEAF that would give the same hash, but won't yield the correct keys after the escrow attempt.
Dead on the Vine
The Clipper chip was not embraced by consumers or manufacturers, and the chip itself was a dead issue by 1996. The government continued to press for key escrow by using incentives to manufacturers, allowing more relaxed export controls if key escrow were part of cryptographic software that was exported. These attempts were largely mooted by the widespread use of such strong cryptographic technologies as PGP, which was not under the control of the U.S. government.
In 1998, the encryption algorithms used in Clipper were declassified: Skipjack and KEA.