------------------------------ Date: Tue, 25 Jan 1994 10:17:19 +0200 (WET) From: anonymous Subject: File 4--Re: Clipp[er]ed again (fwd) U.S. CODE AGENCY IS JOSTLING FOR CIVILIAN TURF New York Times, Monday, January 24, 1994 By John Markoff The National Security agency is trying to establish a standard tor electronically scrambling computer communications, a move that would go far beyond the agency's usual military and intelligence domain to include civilian activities like electronic tax returns and computerized medical payments. The plan by the N.S.A., which may be announced as early as today, worries business executives, who fear a Government encroachment on privacy. And some officials in the Clinton Administration believe that the N.S.A. is overstepping its bounds. The N.S.A. is the Federal agency responsible for electronic surveillance of global communications, though usually not civilian communications, within the United States. ((The article explains in a few paragraphs how the government prefers a government and civilian standard approach to scrambling in order to crack codes authorized by court-approved wiretaps)) Bidding Process The agency will seek bids from companies to produce circuit cards based on its technology, which would be used to scramble electronic messages for Government agencies and, eventually, private companies. Agency employees confirmed the plan late Friday, though no agency officials could be reached over the weekend for further details. ((A few paragraphs deleted)) Many computer industry executives oppose the National Security Agency's effort, saying there is no way for industry experts and outsiders to determine the reliability and security of the underlying scrambling technology, which the agency intends to keep secret. Privacy-rights advocates, meanwhile, are wary of the system because of the electronic "back door" it contains, permitting Government eavesdropping. And some other Administration officials say the agency is going too far by pushing the standard into civilian computing "What these guys are trying to do is run ahead of the blocking," an Administration official who spoke on the condition of anonymity said. "Trying to sell this as the wave of the future is premature as Administration policy. The circuit card, which is designed to fit into a personal computer and which the agency calls Tessera, is based on technology similar to a device known as the Clipper Chip, a telephone voice-scrambling chip that provides a back-door means for letting law-enforcement officials eavesdrop. ((The article explains that the Clipper plan was developed by the NSA, NIST, and CDA, and has been strongly opposed by professionals and public policy groups)) In a letter to be sent to President Clinton today, which was released on Friday to The New York Times, a group of 38 of the nation's leading computer scientists, computer-security specialists and privacy experts have urged that the Clipper program be stopped. "The current proposal was developed in secret by Federal agencies primarily concerned about electronic surveillance, not privacy protection," the letter states. "Critical aspects of the plan remain classified and thus beyond public review." ((The article notes that lots of influential crypto-pioneers signed the letter)) Moreover, the Government could insure widespread use of the Clipper and Tessera technologies by insisting that they be used by businesses and individuals when communicating electronically with Federal agencies. Official Reasoning Law-enforcement officials say the technologies are intended to resolve a longstanding problem of the information age: how to preserve the right of businesses and citizens to use codes to protect all sorts of digital communications without letting criminals and terrorists conspire beyond the law's reach. Businesses and individuals who often communicate over computer networks already make use of a variety of scrambling systems-either of their own devising or those commercially available. Many of these scrambling systems are unbreakable by anyone who does not hold the electronic keys to the code, something generally known only by the sender and the recipient of scrambled messages. That is a problem for the National Security Agency, which routinely listens to many of the world's telephone and computer conversations - although it has no jurisdiction for monitoring non-Government conversations within the United States. The N.S.A.'s Tessera and Clipper systems would have an independent agency hold master keys to the codes, which could be obtained with a court's permission for surveillance by law-enforcement officials. ((For a few paragraphs, the article notes that the agency intends to purchase between 10,000-70,000Tessera cards and notes that the card can be used for civilian functions such as e-mail and cable tv scrambling)) The National Security Agency's new standard-setting effort is being introduced a couple of weeks before the Clinton Administration completes a classified review of the Clipper proposal, and several industry executives said the announcement had been timed to apply pressure to the Administration's decision making. The proposal angers industry executives who believe that the agency is rushing to establish a de facto standard that will undercut efforts to adopt a competing commercial standard without a built-in back door. That standard, being developed by RSA Data Security, a Redwood City, ((A bunch of background information paragraphs deleted)) Secret Formula These companies are particularly troubled by the National Security Agency's refusal to disclose the mathematical formula, or algorithm, on which-its scrambling technology is based. "The issue here is: Should a secret algorithm developed by the intelligence community be used for unclassified civilian uses?" said Stephen Walker, a computer security industry executive and a member of the Government's Computer System Security and Privacy Advisory Board. l think the answer is it should not. ((A bunch more deleted summarizing some of the conflict the agency has experienced regarding the surveillance issue. Marc Rotenberg of CPSR is quoted as saying that the proposals are going in the wrong direction)) "These guys are fighting for job security," said William Ferguson, vice president of Semaphore Inc., a , Santa Clara, Calif., computer network security firm. "Now that the K.G.B. has gone commercial, the N.S.A. is trying to start its own initiatives that say, 'all we're trying to do i is keep up with the K.G.B.' " White House officials said the agency's actions would not necessarily force the Administration to authorize, an unpopular coding technology. One official said the Administration policy review was likely to establish a permanent working group that, would limit the National Security, Agency's role in policy making. ((The article concludes by explaining that the NSA intended to announce its RFPs last week, but was delayed by a snow storm)) =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ + END THIS FILE + +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+===+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=