

U.S. Encryption Policy


"Clipper II" (Commercial Key Escrow): September 6, 1995

In September 1995, the National Institute for Standards and Technology (NIST) held a conference on encryption policy, at which the Clinton Administration announced plans for a new export control policy. The Commercial Key Escrow initiative, dubbed "Clipper II" for its similarity to its policy predecessor, relaxed export controls on key lengths up to 64 bits provided that an encryption key was escrowed with a US government certified agent.

The proposal met with widespread disapproval from industry representatives and civil liberties groups. Responding to criticisms about the lack of privacy protections in the initial policy, the Administration presented a revised version of its proposed "Key Escrow Export Criteria" at another meeting at the National Institute for Standards and Technology (NIST) on December 5, 1995. The revised proposal maintained the existing export ban on strong cryptography and allowed the export of systems with 64-bit key lengths, while still requiring that strict key escrow criteria be met.

Reference documents on Clipper II

  • Three papers on key escrow that were the subject of discussions at the September 1995 NIST conference:
  • New York Times coverage of the NIST conference by Peter Lewis
  • Draft Software Key Escrow Encryption Export Criteria (November 1995 version, discussed at December 1995 conference)

Privacy and Security Concerns

The new proposal did not adhere to promises made in the July 1994 letter from Vice President Gore to Rep. Maria Cantwell. Every principle outlined in the Gore letter to Cantwell, except the first (software implementation) and second (public algorithms), was violated or, in one case, left in doubt by the September 1995 policy statement. The September 1995 policy statement diverged from the July 1994 letter in the following critical respects. In CDT's view, these divergences represented fundamental defects in the proposed policy.

  • Not Voluntary: The proposal effectively compelled all domestic users to use key escrow systems if they ever intended to communicate internationally. Point 6 of the export criteria required that an exportable system must not interoperate with any non-escrow systems. Thus, in order for a user in the United States to communicate with anyone who used a United States-made system on the Internet but outside of the United States, the American user was required to employ a key escrow system. Domestic users were not legally compelled to use key escrow products, but in practice the proposed policy forced all but the most insular Internet users toward a key escrow system. Moreover, this proposal further illustrated that the Administration sought to use export controls to push the domestic use of escrowed cryptography. A policy based on such compulsion could hardly have been called voluntary.
  • Inadequate Security: Point 1 precluded export of systems with key lengths beyond 64 bits. Though this key size was larger than what was previously exportable, it was a level of security already judged inadequate for some applications. Given the rate at which computing power increases, even a 64-bit key would be subject to attack before long. Ironically, even the Clipper Chip provided a stronger (80-bit) key length. The premise of the key escrow policy was to provide law enforcement and national security agencies a "front door" to be used to decrypt messages when the agency obtained proper legal authorization. Yet the architects of the policy apparently were not willing to trust that key escrow systems would meet law enforcement needs, inasmuch as the key length limit suggested that the Administration was intent on maintaining an extra-legal method of decrypting communications. The Gore letter contained no suggestion that key escrow systems would also be subject to key length limits, but the Administration seemed to have lost faith in its own proposal. Such a half-hearted effort could not have been the basis of a long-lasting policy.
  • No Privacy Protections for Users of Escrowed Systems: The ten export principles made no mention of the privacy safeguards that the Vice President had previously recognized as necessary to safeguard individual privacy and Fourth Amendment principles. Any escrow policy would have needed safeguards against abuse and statutory liability provisions for the operators of private escrow systems.
  • Fails to Promote International Interoperability: Points 6 and 10 of the export criteria raised grave doubts as to the likelihood that the proposal would give rise to a secure global communications environment. Point 10 forced users in other countries (and their governments) to accept United States-based escrow of all keys until bilateral access agreements were entered into. Such tactics seemed unlikely to produce satisfactory international agreements, and held global communications security hostage to the completion of such agreements.

Highlights of the Debate

  • Testimony of CDT Deputy Director Daniel Weitzner on "Privacy and Security Policy Issues Raised by Commercial Key Escrow Systems"
  • Letter to Vice President Gore criticizing the proposed regulations, signed by a broad coalition of industry and public interest groups
  • Letter to Speaker Newt Gingrich from Ad-hoc Taxpayer Coalition for Computer Privacy expressing concerns over "Clipper II".
  • CDT Policy Post regarding reactions of public interest groups and industry to Clipper II regs
  • Testimony of Daniel Weitzner at December 1995 conference on "NIST's Proposed Key Escrow Export Criteria and the Search for a National Cryptography Policy"




    Copyright © 2005 by Center for Democracy and Technology.