From the Technology section of Time Magazine

Headline: WHO SHOULD KEEP THE KEYS?

Sub heading: The U.S. Government wants the power to tap into every
phone, fax and computer transmission

By Philip Elmer-Dewitt

UNTIL QUITE RECENTLY, CRYPTOGRAPHY-the science of making and breaking
and breaking codes-was, well secret. In the U.S. the field was dominated
by the National Security Agency, a government outfit so clandestine that
the U.S. for many years denied its existence. The NSA, which gathers
intelligence for national security purposes by eavesdropping on overseas
phone calls and cables, did everything in its power to make sure nobody
had a code that it couldn't break. It kept tight reins on the "keys"
used to translate coded text, prohibiting the export of secret codes
under U.S. munitions laws and ensuring that the encryption scheme used
by business-the so-called Digital Encryption Standard-was weak enough
that NSA supercomputers could cut through it like butter.
But the past few years have not been kind to the NSA. Not only has its
cover been blown, but so has its monopoly on encryption technology. As
computers-the engines of modern cryptology-have proliferated, so have
ever more powerful encryption algorithms. Telephones that offered nearly
airtight privacy protection began to appear on the market, and in
January U.S. computermakers said they were ready to adopt a new
encyption standard so robust that even the NSA couldn't crack it.
Thus the stage was set for one of the most bizarre technology-policy
battles ever waged: the Clipper Chip war. Lined up on one side are the
three-letter cloak-and-dagger agencies-the NSA, the CIA and the FBI-and
key policy makers in the Clinton Administration (who are taking a
surprisingly hard line on the encryption issue).
Opposing them is an equally unlikely coalition of computer firms, civil
libertarians, conservative columnists and a strange breed of
cryptoanarchists who call themselves the cypherpunks.
t the center is the Clipper Chip, a semiconductor device that the NSA
developed and wants installed in every telephone, computer modem and fax
machine.  The chip combines a powerful encryption algorithm with a
"backdoor"-the crypotographic equicalint of the master key that opens
schoolchildren's padlocks when they forget their combinations.  A
"secure" phone equipped with the chip could, withe proper authorization,
be cracked by the government.  Law-enforcement agencies say they need
this capability to keep tabs on drug runners, terrorists and spies.
Crutucs debiybce tge Clipper-and a bill before Congress that would
require phone companies to make it easy to tap the new digital phones-as
Big Brotherly tools that will strip citizens of whatever privacy they
still have in the computer age.  In a Time/Cnn poll of 1,000 Americans
conducted last week by Yankelovich Partmers, two-thirds said it was more
important to protect the privacy of phone calls than to preserve the
ability of police to conduct wiretaps.  When informed about the Clipper
Chip, 80% said they opposed it.  The battle lines were first drawn last
April, when the Administration unveiled the Clipper plan and invited
public comment.  For nine months opponents railed againstthe scheme's
many flaws: criminals wouldn't use phones equipped with the government's
chip; foreign customers wouldn't buy communications gear for which the
U.S. held the keys; the system for giving investigators  access to the
back-door master codes was open to abuse; there was no guarantee that
some clever hacker wouldn't steal the keys.  But in the end the
Administration ignored the advice.  In early Febuary, after
computer-industry leaders had made it clear that they wanted to adopt
their own encryption standard, the Administration announced that it was
putting the NSA plan into effect.  Government agencies will phase in use
of Clipper techbology for all unclassified communications.  Commercial
use of the chip will be voluntary-for now.  It was tantamount to a
declaration of war, not just to a small group of cryptoactivists but to
all citizens who value their privacy, as well as to telecommunications
firms that sell their products abroad.  Foreign customers won't want
equipment that U>S> spies can tap into, particularly since powerful,
uncompromised encryption isavailabe overseas.  "Industry is unanimous of
this," say's Jim Burger, a lobbyist Apple Computer, one of two dozen
companies and trade groups opposing the Clipper.  A petition circulated
on the Internet electronic network by Computer Professinnals for Social
Responsibility gathered 45,000 signatures, and some activists are
planning to boycott companies that use the chips and thus, in effect,
hand over their encryption keys to the government.  "You cna have my
encryption algorithm," said John Perry Barlow, co-founder of the
Electronc Frontier Foundation, "when you pry my cold dead fingers from
my private key."  The seeds of the present conflict were planted nearly
20 years ago, when a young M.I.T. student maned Whitfield Diffie set out
to plug the glaring loophole in all traditional encryption schemes:
their reliance on a single password or key to encode and decode
messages.  Ultimately the privacy of coded messages is a function of how
carefully the secret decoder keys are kept.  But people exchanging
messages using conventional coding schemes must also find a way to
exchange the key, which immediately makes it vulnerable to interception.
The problem is compounded when encryption is employed on a vast scale
andlists of keys are kept in a central registry. Diffie's solution was
to give everybody two keys-one that could be widely distrbuted or even
publishedin a book, and a private key known only to the user.  For
obscure mathematical reasons, a message scrambled with someone's public
key, it can be turned back into plain text only with that person's
private key.  The Diffie public-key encryption system could solve one of
the big problems facing companies that want to do business on the
emerging information highway: how to collect the cash.  On a computer or
telephone network, it's not easy to verify that the person whose name is
on a credit card is the one who is using it to buy a new stereo
system-which is one of the reasons catalog sales are rife with fraud.
But if an ofder confirmation encoded with someone's public key can be
decoded by his or her private key-and only his or her private key- that
comfirmation becomes like an unforgeable digital signature.  However,
public-key encryption created a headache for the NSA by giving ordinary
citizens-and savvy criminals-a way to exchange coded messages that could
not be easily cracked.  That headache became a nightmare in 1991, when a
cypherpunk programmer named Phil Zimmerman combined public-key
encryption with some conventional algorithms in a piece of software he
called-pgp-pretty good privacy-and proceeded to give it away, free if
charge, on the Internet.  Rather than outlaw PGP and other such
programs, a policy that would probably be unconstitutional, the
Administration is taking a marketing approach.  By using its purchasing
power to lower the cost of Clipper technology, and by vigilantly
enforcing restrictiong against overseas sales of competing encryption
systems, the government is trying to make it diffcult for any
alternative schemes to become widespread.  If Clipper manages to
establish itself as a market standard-if, for example, it is built into
almost every telephone, modem and fax machine sold-people who buy a
nonstandard system might find themselves with an untappable phone but no
one to call.  That's still a big if.  Zimmerman is already working on a
version of PGA for voice communications that could compete  directly
with Clipper, and if it finds a mrket, similar products are sure to
follow.  "The crypto genie is out of the bottle," saysmSteven Levy, who
is writing a book about encryption.  If that's true, even the NSA may
not have the power to put it back.-Reported by David S. Jackson/San
Francisco and Suneel Ratan/Washington
