Nervous System: Clipping the Wings of the Clipper Chip

September 3, 2019

Online

Nervous System: Clipping the Wings of the Clipper Chip In this month’s look at the history of cybersecurity, David Kalat examines the government’s efforts to come to a consensus with government access to encrypted technologies, only for outside forces to get in the way. By David Kalat, BRG With the aggressive pace of technological change and the onslaught of news regarding data breaches, cyber-attacks, and technological threats to privacy and security, it is easy to assume these are fundamentally new threats. The pace of technological change is slower than it feels, and many seemingly new categories of threats have actually been with us longer than we remem- ber. Nervous System is a monthly blog that approaches issues of data privacy and cybersecurity from the digital economy needed reliably consisted of privacy advocates fear- context of history—to look to the past secure communications; on the ful of government surveillance. That for clues about how to interpret the other, legitimate law enforcement community would never accept sim- present and prepare for the future. needed the ability to conduct ply including a backdoor for gov- As assistant deputy director of wiretaps. For years, the govern- ernment surveillance. So Brooks the National Security Agency (NSA), ment had tried—ineffectively— to planned to include two enticements. Clinton Brooks had watched with restrict the sale and distribution of First, this new NSA-approved crypto- growing alarm the rise of strong cryptographic tools. Once cryptographic technology would be signif- cryptography. Part of the NSA’s graphic technologies began to cir- icantly more powerful than anything mission was to eavesdrop on for- culate, they proliferated on their already on the market, and thereby eign spies, but widespread use own outside the reach of regula- would offer a material upgrade in of encryption threatened to put it tions. Brooks proposed an “if you privacy protection. Second, the gov- out of business. Brooks’ “Eureka!” can’t beat ‘em, join ‘em” solution ernment’s key would be broken moment came in 1992. He had a that would actively encourage into halves, to be held in escrow by crazy idea to solve the problem— people to use encryption—but two separate agencies (the Treasury an idea so crazy, it just might work, with a catch. Instead of each user Department’s Automated he thought, hopefully. owning her own unique keys, the Systems Division and the Com- Brooks realized the problem was government would keep a spare merce Department’s National Insti- a fundamental tension between set of keys. tute of Standards and Technology). two competing public needs. On Brooks observed that the commu- If, for example, the NSA wanted to the one hand, an increasingly nity most in favor of cryptography take advantage of the back door September 3, 2019 Online

and decrypt a user’s communica- for the election to play out first. influential voices to rally around tions, it would first have to get court Then came the surprise announce- the fundamentally problematic con- approval directing both agencies ment that AT&T had developed a cept at its core. As Jerry Berman of to share that user’s key with the new encryption algorithm of its the Electronic Frontier Foundation NSA for a specific, limited purpose. own, to be installed in new secure put it, “The idea that government Unauthorized, warrantless wire- phones that were expected to sell holds the keys to all our locks, even tapping would be impossible. For in huge volumes to privacy-seeking before anyone has been accused of most users, the escrow-based sys- customers. By the time the Skip- committing a crime, doesn’t parse tem would offer the highest level of jack chips were actually released, with the public.” security then available. however far into the future, they Meanwhile, Matthew Blaze, a Both sides had to buy-in to have would be an afterthought to a pub- young computer scientist in AT&T’s any hope of success. The law lic already happily secure from gov- cryptology division, obtained enforcement agencies had to stand ernment snoops. access to prototype Clipper Chips in unison, and the idea had to be The Federal Bureau of Investiga- for testing and discovered fairly presented compellingly to the pub- tions (FBI) was concerned that the quickly an easy, inexpensive hack lic. This would take a monumental AT&T phones would all but close that disabled the escrow key. In act of public relations and a slow, off wiretapping options in the the rush to engineer the chips, prolonged public debate to develop future. What self-respecting criminal some sloppy technological corner- mutual trust between governed and wouldn’t outfit themselves with one? cutting had left a critical vulner- government. To Brooks’ chagrin, After some hasty engineering ability. The error was fixable, but events outside his control soon shortcuts to make stripped-down a New York Times front-page story short-circuited that public relations chips available quickly, FBI Director washed away the last slivers of campaign and all but ensured the William Sessions personally called public trust the Clipper Chip had plan would fail. AT&T CEO Robert Allen to persuade enjoyed. NSA technicians had developed him to retool the AT&T phones The passing of the Clipper Chip a secure algorithm, called Skipjack, with these rush-order encryption left agencies like the NSA and the on which the new system would be chips, called Clipper Chips. AT&T FBI exactly in a world they had based. To execute the complicated agreed—so long as the key escrow technical aspects in the most secure provision became a national stan- most feared—where the private use way, it was decided that Skipjack dard, for which AT&T would be a of encryption increasingly secured would be managed through tam- market leader. communications from government perproof computer chips to be Brooks’ hope for a thoughtful eavesdropping. It was a pointed les- installed by manufacturers. All par- national debate immediately fell by son that the needs of law enforce- ties to any given encrypted com- the wayside. There was no time to ment do not outweigh individual munication would have to have carefully build up public support. liberties, even in the digital age. these chips installed, and the chips Instead, government policy had to would exchange critical information follow an artificial timetable created David Kalat is Director, Global needed to establish and maintain by AT&T’s production schedule. Investigations + Strategic Intelli- the cryptographic channel, while Newly elected President Bill Clin- gence at Berkeley Research Group. also keeping a path open for the ton and Vice President Al Gore sup- David is a computer forensic inves- escrowed key to be deployed if ported the Clipper Chip but were tigator and e-discovery project man- authorized. unprepared for the immediate and ager. Disclaimer for commentary: As the country approached the intense public opposition that the The views and opinions expressed 1992 presidential election, however, proposal met. No effort had been in this article are those of the author no one’s list of priorities included made to persuade consumers or and do not necessarily reflect the introducing a complicated debate businesses that this was a superior opinions, position, or policy of about computer privacy. The cre- cryptographic solution, and the new Berkeley Research Group, LLC or its ators of Skipjack expected to wait administration had not rallied any other employees and affiliates.

Originally published on Corporate Counsel. Reprinted with permission from the September 3, 2019 edition of Legaltech News. © 2019 ALM Media Properties, LLC. All rights reserved. Further duplication without permission is prohibited. For information, contact 877-257-3382 or [email protected]. #LTN-09042019-414446-Berkeley