From msuinfo!uwm.edu!linac!att!att!allegra!ulysses!ulysses!smb Mon Apr 19 11:51:21 1993
Newsgroups: sci.crypt,alt.privacy.clipper
Path: msuinfo!uwm.edu!linac!att!att!allegra!ulysses!ulysses!smb
From: smb@research.att.com (Steven Bellovin)
Subject: Clipper chip -- technical details
Message-ID: <1993Apr18.200737.14815@ulysses.att.com>
Date: Sun, 18 Apr 1993 20:07:37 GMT
Organization: AT&T Bell Laboratories
Lines: 121

I received the following two notes from Martin Hellman with details
on how Clipper will work. They are posted with his permission. The
implications of some details are fascinating.

-------
Date: Sat, 17 Apr 93 23:05:23 PDT
From: "Martin Hellman" <hellman@isl.stanford.edu>
To: (a long list of recipients)
Subject: Clipper Chip


Most of you have seen the announcement in Friday's NY Times,
etc. about NIST (National Institute of Standards & Technology)
announcing the "Clipper Chip" crypto device. Several messges
on the net have asked for more technical details, and some have
been laboring under understandable misunderstandings given
the lack of details in the news articles. So here to help out
is your friendly NSA link: me. I was somewhat surprised Friday
to get a call from the Agency which supplied many of the missing
details. I was told the info was public, so here it is (the cc of this
to Dennis Branstad at NIST is mostly as a double check on my
facts since I assume he is aware of all this; please let me know
if I have anything wrong):

The Clipper Chip will have a secret crypto algorithm embedded in
Silicon. Each chip will have two secret, 80-bit keys. One will be the
same for all chips (ie a system-wide key) and the other will be unit
specific. I don't know what NIST and NSA will call them, but I will
call them the system key SK and unit key UK in this message.
The IC will be designed to be extremely difficult to reverse so
that the system key can be kept secret. (Aside: It is clear that
they also want to keep the algorithm secret and, in my opinion,
it may be as much for that as this stated purpose.) The unit key
will be generated as the XOR of two 80-bit random numbers K1
and K2 (UK=K1+K2) which will be kept by the two escrow
authorities. Who these escrow authorities will be is still to be
decided by the Attorney General, but it was stressed to me that
they will NOT be NSA or law enforcement agencies, that they
must be parties acceptable to the users of the system as unbiased.
When a law enforcement agency gets a court order, they will
present it to these two escrow authorities and receive K1 and
K2, thereby allowing access to the unit key UK.

In addition to the system key, each user will get to choose his
or her own key and change it as often as desired. Call this key
plain old K. When a message is to be sent it will first be
encrypted under K, then K will be encrypted under the unit key UK,
and the serial number of the unit added to produce a three part
message which will then be encrypted under the system key SK
producing

E{ E[M; K], E[K; UK], serial number; SK}

When a court order obtains K1 and K2, and thence K, the law
enforcement agency will use SK to decrypt all information
flowing on the suspected link [Aside: It is my guess that
they may do this constantly on all links, with or without a
court order, since it is almost impossible to tell which links
over which a message will flow.] This gives the agency access to

E[M; K], E[K; UK], serial number

in the above message. They then check the serial number
of the unit and see if it is on the "watch list" for which they
have a court order. If so, they will decrypt E[K; UK] to obtain K,
and then decrypt E[M; K] to obtain M.

I am still in the process of assessing this scheme, so please do
not take the above as any kind of endorsement of the proposed
scheme. All I am trying to do is help all of us assess the scheme
more knowledgably. But I will say that the need for just one court
order worries me. I would feel more comfortable (though not
necessarily comfortable!) if two separate court orders were
needed, one per escrow authority. While no explanation is
needed, the following story adds some color: In researching
some ideas that Silvio Micali and I have been kicking around,
I spoke with Gerald Gunther, the constitutional law expert
here at Stanford and he related the following story: When
Edward Levi became Pres. Ford's attorney general (right
after Watergate), he was visited by an FBI agent asking
for "the wiretap authorizations." When Levy asked for
the details so he could review the cases as required by
law, the agent told him that his predecessors just turned
over 40-50 blank, signed forms every time. Levi did not
comply and changed the system, but the lesson is clear:
No single person or authority should have the power to
authorize wiretaps (or worse yet, divulging of personal
keys). Sometimes he or she will be an Edward Levi
and sometimes a John Mitchell.

Martin Hellman

----

Date: Sun, 18 Apr 93 11:41:42 PDT
From: "Martin Hellman" <hellman@isl.stanford.edu>
To: smb@research.att.com
Subject: Re: Clipper Chip

It is fine to post my previous message to sci.crypt
if you also post this message with it in which:

1. I ask recipients to be sparse in their requesting further info
from me or asking for comments on specific questions. By
this posting I apologize for any messages I am unable to
respond to. (I already spend too much time answering too much
e-mail and am particularly overloaded this week with other
responsibilities.)

2. I note a probably correction sent to me by Dorothy Denning.
She met with the person from NSA that
I talked with by phone, so her understanding is likely to
better than mine on this point: Where I said the transmitted
info is E{ E[M; K], E[K; UK], serial number; SK}
she says the message is not double encrypted. The system
key (or family key as she was told it is called) only encrypts
the serial number or the serial number and the encrypted
unit key. This is not a major difference, but I thought it
should be mentioned and thank her for bringing it to
my attention. It makes more sense since it cuts down
on encryption computation overhead.

From msuinfo!uwm.edu!linac!att!att!allegra!ulysses!ulysses!smb Mon Apr 19 11:51:21 1993
Newsgroups: sci.crypt,alt.privacy.clipper
Path: msuinfo!uwm.edu!linac!att!att!allegra!ulysses!ulysses!smb
From: smb@research.att.com (Steven Bellovin)
Subject: Re: Clipper chip -- technical details
Message-ID: <1993Apr19.052005.20665@ulysses.att.com>
Date: Mon, 19 Apr 1993 05:20:05 GMT
References: <1993Apr18.200737.14815@ulysses.att.com> <1667.Apr1821.58.3593@silverton.berkeley.edu>
Organization: AT&T Bell Laboratories
Lines: 20
Xref: msuinfo sci.crypt:15242 alt.privacy.clipper:1

In article <1667.Apr1821.58.3593@silverton.berkeley.edu>, djb@silverton.berkeley.edu (D. J. Bernstein) writes:
> Short summary of what Bellovin says Hellman says the NSA says: There is
> a global key G, plus one key U_C for each chip C. The user can choose a
> new session key K_P for each phone call P he makes. Chip C knows three
> keys: G, its own U_C, and the user's K_P. The government as a whole
> knows G and every U_C. Apparently a message M is encrypted as
> E_G(E_{U_C}(K_P),C) , E_{K_P}(M). That's it.
>
> The system as described here can't possibly work. What happens when
> someone plugs the above ciphertext into a receiving chip? To get M
> the receiving chip needs K_P; to get K_P the receiving chip needs U_C.
> The only information it can work with is C. If U_C can be computed
> from C then the system is cryptographically useless and the ``key
> escrow'' is bullshit. Otherwise how is a message decrypted?

Via K_P, of course. Nothing was said about where K_P comes from. It's
the session key, though, and it's chosen however you usually choose
session keys --- exponential key exchange, shared secret, RSA, etc.
But however you choose it, the chip will apparently emit the escrow
header when you do.

From msuinfo!uwm.edu!linac!att!att!allegra!ulysses!ulysses!smb Mon Apr 19 11:54:56 1993
Newsgroups: sci.crypt,alt.privacy.clipper
Path: msuinfo!uwm.edu!linac!att!att!allegra!ulysses!ulysses!smb
From: smb@research.att.com (Steven Bellovin)
Subject: More technical details
Message-ID: <1993Apr19.134346.2620@ulysses.att.com>
Date: Mon, 19 Apr 1993 13:43:46 GMT
Organization: AT&T Bell Laboratories
Lines: 116
Xref: msuinfo sci.crypt:15268 alt.privacy.clipper:3

Here are some corrections and additions to Hellman's note, courtesy of
Dorothy Denning. Again, this is reposted with permission.

Two requests -- first, note the roles of S1 and S2. It appears to me
and others that anyone who knows those values can construct the unit
key. And the nature of the generation process for K1 and K2 is such
that neither can be produced alone. Thus, the scheme cannot be
implemented such that one repository generates the first half-key, and
another generates the second. *That* is ominous.

Second -- these postings are not revealed scripture, nor are they
carefully-crafted spook postings. Don't attempt to draw out hidden
meanings (as opposed to, say, the official announcements of Clipper).
Leave Denning out of this; given Hellman's record of opposition to DES,
which goes back before some folks on this newsgroup knew how to read, I
don't think you can impugn his integrity.

Oh yeah -- the folks who invented Clipper aren't stupid. If you think
something doesn't make sense, it's almost certainly because you don't
understand their goals.

--Steve Bellovin

-----

Date: Sun, 18 Apr 93 07:56:39 EDT
From: denning@cs.georgetown.edu (Dorothy Denning)
Subject: Re: Clipper Chip
To: (a long list of folks)

I was also briefed by the NSA and FBI, so let me add a few comments to
Marty's message:

The Clipper Chip will have a secret crypto algorithm embedded in

The algorithm operates on 64-bit blocks (like DES) and the chip supports
all 4 DES modes of operation. The algorithm uses 32 rounds of scrambling
compared with 16 in DES.

In addition to the system key, each user will get to choose his
or her own key and change it as often as desired. Call this key
plain old K. When a message is to be sent it will first be

K is the session key shared by the sender and receiver. Any method
(e.g., public key) can be used to establish the session key. In the
AT&T telephone security devices, which will have the new chip, the key
is negotiated using a public-key protocol.

encrypted under K, then K will be encrypted under the unit key UK,
and the serial number of the unit added to produce a three part
message which will then be encrypted under the system key SK
producing

E{ E[M; K], E[K; UK], serial number; SK}

My understanding is that E[M; K] is not encrypted under SK (called the
"family key") and that the decrypt key corresponding to SK is held by
law enforcement. Does anyone have first hand knowledge on this? I
will also check it out, but this is 7am Sunday so I did not want to wait.

The unit key
will be generated as the XOR of two 80-bit random numbers K1
and K2 (UK=K1+K2) which will be kept by the two escrow

The unit key, also called the "chip key," is generated from the
serial number N as follows. Let N1, N2, and N3 be 64 bit blocks
derived from N, and let S1 and S2 be two 80-bit seeds used as keys.
Compute the 64-bit block

R1 = E[D[E[N1; S1]; S2]; S1]

(Note that this is like using the DES in triple encryption mode with
two keys.) Similarly compute blocks R2 and R3 starting with N2 and N3.
(I'm unlear about whether the keys S1 and S2 change. The fact that
they're called seeds suggests they might.) Then R1, R2, and R3 are
concatenated together giving 192 bits. The first 80 bits form K1 and
the next 80 bits form K2. The remaining bits are discarded.

authorities. Who these escrow authorities will be is still to be
decided by the Attorney General, but it was stressed to me that
they will NOT be NSA or law enforcement agencies, that they
must be parties acceptable to the users of the system as unbiased.

Marty is right on this and the FBI has asked me for suggestions.
Please pass them to me along with your reasons. In addition to Marty's
criteria, I would add that the agencies must have an established record
of being able to safeguard highly sensitive information. Some suggestions
I've received so far include SRI, Rand, Mitre, the national labs (Sandia,
LANL, Los Alamos), Treasury, GAO.

When a court order obtains K1 and K2, and thence K, the law
enforcement agency will use SK to decrypt all information
flowing on the suspected link [Aside: It is my guess that
they may do this constantly on all links, with or without a
court order, since it is almost impossible to tell which links
over which a message will flow.]

My understanding is that there will be only one decode box and that it
will be operated by the FBI. The service provider will isolate the
communications stream and pass it to the FBI where it will pass through
the decode box, which will have been keyed with K.

for "the wiretap authorizations." When Levy asked for
the details so he could review the cases as required by
law, the agent told him that his predecessors just turned
over 40-50 blank, signed forms every time. Levi did not
comply and changed the system, but the lesson is clear:
No single person or authority should have the power to
authorize wiretaps

No single person does, at least for FBI taps. After completing a mound
of paperwork, an agent must get the approval of several people on a chain
that includes FBI legal counsel before the request is even taken to the
Attorney General for final approval.

Dorothy Denning

From: denning@guvax.acc.georgetown.edu
Newsgroups: sci.crypt
Subject: THE CLIPPER CHIP: A TECHNICAL SUMMARY
Date: 19 Apr 93 18:23:27 -0400
Distribution: world
Organization: Georgetown University


The following document summarizes the Clipper Chip, how it is used,
how programming of the chip is coupled to key generation and the
escrow process, and how law enforcement decrypts communications.
Since there has been some speculation on this news group about my
own involvement in this project, I'd like to add that I was not in
any way involved. I found out about it when the FBI briefed me on
Thursday evening, April 15. Since then I have spent considerable
time talking with the NSA and FBI to learn more about this, and I
attended the NIST briefing at the Department of Commerce on April 16.
The document below is the result of that effort.

Dorothy Denning
---------------

THE CLIPPER CHIP: A TECHNICAL SUMMARY

Dorothy Denning

April 19, 1993


INTRODUCTION

On April 16, the President announced a new initiative that will bring
together the Federal Government and industry in a voluntary program
to provide secure communications while meeting the legitimate needs of
law enforcement. At the heart of the plan is a new tamper-proof encryption
chip called the "Clipper Chip" together with a split-key approach to
escrowing keys. Two escrow agencies are used, and the key parts from
both are needed to reconstruct a key.


CHIP STRUCTURE

The Clipper Chip contains a classified 64-bit block encryption
algorithm called "Skipjack." The algorithm uses 80 bit keys (compared
with 56 for the DES) and has 32 rounds of scrambling (compared with 16
for the DES). It supports all 4 DES modes of operation. Throughput is
16 Mbits a second.

Each chip includes the following components:

the Skipjack encryption algorithm
F, an 80-bit family key that is common to all chips
N, a 30-bit serial number
U, an 80-bit secret key that unlocks all messages encrypted with the chip


ENCRYPTING WITH THE CHIP

To see how the chip is used, imagine that it is embedded in the AT&T
telephone security device (as it will be). Suppose I call someone and
we both have such a device. After pushing a button to start a secure
conversation, my security device will negotiate a session key K with
the device at the other end (in general, any method of key exchange can
be used). The key K and message stream M (i.e., digitized voice) are then
fed into the Clipper Chip to produce two values:

E[M; K], the encrypted message stream, and
E[E[K; U] + N; F], a law enforcement block.

The law enforcement block thus contains the session key K encrypted
under the unit key U concatenated with the serial number N, all
encrypted under the family key F.


CHIP PROGRAMMING AND ESCROW

All Clipper Chips are programmed inside a SCIF (secure computer
information facility), which is essentially a vault. The SCIF contains
a laptop computer and equipment to program the chips. About 300 chips
are programmed during a single session. The SCIF is located at
Mikotronx.

At the beginning of a session, a trusted agent from each of the two key
escrow agencies enters the vault. Agent 1 enters an 80-bit value S1
into the laptop and agent 2 enters an 80-bit value S2. These values
serve as seeds to generate keys for a sequence of serial numbers.

To generate the unit key for a serial number N, the 30-bit value N is
first padded with a fixed 34-bit block to produce a 64-bit block N1.
S1 and S2 are then used as keys to triple-encrypt N1, producing a
64-bit block R1:

R1 = E[D[E[N1; S1]; S2]; S1] .

Similarly, N is padded with two other 34-bit blocks to produce N2 and
N3, and two additional 64-bit blocks R2 and R3 are computed:

R2 = E[D[E[N2; S1]; S2]; S1]
R3 = E[D[E[N3; S1]; S2]; S1] .

R1, R2, and R3 are then concatenated together, giving 192 bits. The
first 80 bits are assigned to U1 and the second 80 bits to U2. The
rest are discarded. The unit key U is the XOR of U1 and U2. U1 and U2
are the key parts that are separately escrowed with the two escrow
agencies.

As a sequence of values for U1, U2, and U are generated, they are
written onto three separate floppy disks. The first disk contains a
file for each serial number that contains the corresponding key part
U1. The second disk is similar but contains the U2 values. The third
disk contains the unit keys U. Agent 1 takes the first disk and agent
2 takes the second disk. The third disk is used to program the chips.
After the chips are programmed, all information is discarded from the
vault and the agents leave. The laptop may be destroyed for additional
assurance that no information is left behind.

The protocol may be changed slightly so that four people are in the
room instead of two. The first two would provide the seeds S1 and S2,
and the second two (the escrow agents) would take the disks back to
the escrow agencies.

The escrow agencies have as yet to be determined, but they will not
be the NSA, CIA, FBI, or any other law enforcement agency. One or
both may be independent from the government.


LAW ENFORCEMENT USE

When law enforcement has been authorized to tap an encrypted line, they
will first take the warrant to the service provider in order to get
access to the communications line. Let us assume that the tap is in
place and that they have determined that the line is encrypted with
Clipper. They will first decrypt the law enforcement block with the
family key F. This gives them E[K; U] + N. They will then take a
warrant identifying the chip serial number N to each of the key escrow
agents and get back U1 and U2. U1 and U2 are XORed together to produce
the unit key U, and E[K; U] is decrypted to get the session key K.
Finally the message stream is decrypted. All this will be accomplished
through a special black box decoder operated by the FBI.


ACKNOWLEDGMENT AND DISTRIBUTION NOTICE. All information is based on
information provided by NSA, NIST, and the FBI. Permission to
distribute this document is granted.

From msuinfo!agate!howland.reston.ans.net!bogus.sura.net!darwin.sura.net!guvax.acc.georgetown.edu!denning Thu Apr 22 10:44:52 1993
Path: msuinfo!agate!howland.reston.ans.net!bogus.sura.net!darwin.sura.net!guvax.acc.georgetown.edu!denning
From: denning@guvax.acc.georgetown.edu
Newsgroups: sci.crypt
Subject: REVISED TECHNICAL SUMMARY OF CLIPPER CHIP
Message-ID: <1993Apr21.192615.3465@guvax.acc.georgetown.edu>
Date: 21 Apr 93 19:26:15 -0400
Distribution: world
Organization: Georgetown University
Lines: 167

Here is a revised version of my summary which corrects some errors
and provides some additional information and explanation.


THE CLIPPER CHIP: A TECHNICAL SUMMARY

Dorothy Denning

Revised, April 21, 1993


INTRODUCTION

On April 16, the President announced a new initiative that will bring
together the Federal Government and industry in a voluntary program
to provide secure communications while meeting the legitimate needs of
law enforcement. At the heart of the plan is a new tamper-proof encryption
chip called the "Clipper Chip" together with a split-key approach to
escrowing keys. Two escrow agencies are used, and the key parts from
both are needed to reconstruct a key.


CHIP CONTENTS

The Clipper Chip contains a classified single-key 64-bit block
encryption algorithm called "Skipjack." The algorithm uses 80 bit keys
(compared with 56 for the DES) and has 32 rounds of scrambling
(compared with 16 for the DES). It supports all 4 DES modes of
operation. The algorithm takes 32 clock ticks, and in Electronic
Codebook (ECB) mode runs at 12 Mbits per second.

Each chip includes the following components:

the Skipjack encryption algorithm
F, an 80-bit family key that is common to all chips
N, a 30-bit serial number (this length is subject to change)
U, an 80-bit secret key that unlocks all messages encrypted with the chip

The chips are programmed by Mykotronx, Inc., which calls them the
"MYK-78." The silicon is supplied by VLSI Technology Inc. They are
implemented in 1 micron technology and will initially sell for about
$30 each in quantities of 10,000 or more. The price should drop as the
technology is shrunk to .8 micron.


ENCRYPTING WITH THE CHIP

To see how the chip is used, imagine that it is embedded in the AT&T
telephone security device (as it will be). Suppose I call someone and
we both have such a device. After pushing a button to start a secure
conversation, my security device will negotiate an 80-bit session key K
with the device at the other end. This key negotiation takes place
without the Clipper Chip. In general, any method of key exchange can
be used such as the Diffie-Hellman public-key distribution method.

Once the session key K is established, the Clipper Chip is used to
encrypt the conversation or message stream M (digitized voice). The
telephone security device feeds K and M into the chip to produce two
values:

E[M; K], the encrypted message stream, and
E[E[K; U] + N; F], a law enforcement field ,

which are transmitted over the telephone line. The law enforcement
field thus contains the session key K encrypted under the unit key U
concatenated with the serial number N, all encrypted under the family
key F. The law enforcement field is decrypted by law enforcement after
an authorized wiretap has been installed.

The ciphertext E[M; K] is decrypted by the receiver's device using the
session key:

D[E[M; K]; K] = M .


CHIP PROGRAMMING AND ESCROW

All Clipper Chips are programmed inside a SCIF (Secure Compartmented
Information Facility), which is essentially a vault. The SCIF contains
a laptop computer and equipment to program the chips. About 300 chips
are programmed during a single session. The SCIF is located at
Mykotronx.

At the beginning of a session, a trusted agent from each of the two key
escrow agencies enters the vault. Agent 1 enters a secret, random
80-bit value S1 into the laptop and agent 2 enters a secret, random
80-bit value S2. These random values serve as seeds to generate unit
keys for a sequence of serial numbers. Thus, the unit keys are a
function of 160 secret, random bits, where each agent knows only 80.

To generate the unit key for a serial number N, the 30-bit value N is
first padded with a fixed 34-bit block to produce a 64-bit block N1.
S1 and S2 are then used as keys to triple-encrypt N1, producing a
64-bit block R1:

R1 = E[D[E[N1; S1]; S2]; S1] .

Similarly, N is padded with two other 34-bit blocks to produce N2 and
N3, and two additional 64-bit blocks R2 and R3 are computed:

R2 = E[D[E[N2; S1]; S2]; S1]
R3 = E[D[E[N3; S1]; S2]; S1] .

R1, R2, and R3 are then concatenated together, giving 192 bits. The
first 80 bits are assigned to U1 and the second 80 bits to U2. The
rest are discarded. The unit key U is the XOR of U1 and U2. U1 and U2
are the key parts that are separately escrowed with the two escrow
agencies.

As a sequence of values for U1, U2, and U are generated, they are
written onto three separate floppy disks. The first disk contains a
file for each serial number that contains the corresponding key part
U1. The second disk is similar but contains the U2 values. The third
disk contains the unit keys U. Agent 1 takes the first disk and agent
2 takes the second disk. Thus each agent walks away knowing
an 80-bit seed and the 80-bit key parts. However, the agent does not
know the other 80 bits used to generate the keys or the other 80-bit
key parts.

The third disk is used to program the chips. After the chips are
programmed, all information is discarded from the vault and the agents
leave. The laptop may be destroyed for additional assurance that no
information is left behind.

The protocol may be changed slightly so that four people are in the
room instead of two. The first two would provide the seeds S1 and S2,
and the second two (the escrow agents) would take the disks back to
the escrow agencies.

The escrow agencies have as yet to be determined, but they will not
be the NSA, CIA, FBI, or any other law enforcement agency. One or
both may be independent from the government.


LAW ENFORCEMENT USE

When law enforcement has been authorized to tap an encrypted line, they
will first take the warrant to the service provider in order to get
access to the communications line. Let us assume that the tap is in
place and that they have determined that the line is encrypted with the
Clipper Chip. The law enforcement field is first decrypted with the
family key F, giving E[K; U] + N. Documentation certifying that a tap
has been authorized for the party associated with serial number N is
then sent (e.g., via secure FAX) to each of the key escrow agents, who
return (e.g., also via secure FAX) U1 and U2. U1 and U2 are XORed
together to produce the unit key U, and E[K; U] is decrypted to get the
session key K. Finally the message stream is decrypted. All this will
be accomplished through a special black box decoder.


CAPSTONE: THE NEXT GENERATION

A successor to the Clipper Chip, called "Capstone" by the government
and "MYK-80" by Mykotronx, has already been developed. It will include
the Skipjack algorithm, the Digital Signature Standard (DSS), the
Secure Hash Algorithm (SHA), a method of key exchange, a fast
exponentiator, and a randomizer. A prototoype will be available for
testing on April 22, and the chips are expected to be ready for
delivery in June or July.


ACKNOWLEDGMENT AND DISTRIBUTION NOTICE. This article is based on
information provided by NSA, NIST, FBI, and Mykotronx. Permission to
distribute this document is granted.




From msuinfo!uwm.edu!zaphod.mps.ohio-state.edu!darwin.sura.net!haven.umd.edu!wam.umd.edu!psionic Thu Apr 22 10:47:19 1993
Newsgroups: sci.crypt,alt.security.pgp,alt.privacy.clipper
Path: msuinfo!uwm.edu!zaphod.mps.ohio-state.edu!darwin.sura.net!haven.umd.edu!wam.umd.edu!psionic
From: psionic@wam.umd.edu (Haywood J. Blowme)
Subject: new encryption
Message-ID: <1993Apr21.225435.6292@wam.umd.edu>
Sender: usenet@wam.umd.edu (USENET News system)
Nntp-Posting-Host: rac3.wam.umd.edu
Organization: University of Maryland, College Park
References: <1993Apr20.192105.11751@ulysses.att.com> <1993Apr21.001230.26384@lokkur.dexter.mi.us> <1r4e9d$pdo@sol.TIS.COM>
Date: Wed, 21 Apr 1993 22:54:35 GMT
Lines: 120
Xref: msuinfo sci.crypt:15524 alt.security.pgp:2651 alt.privacy.clipper:72

As promised, I spoke today with the company mentioned in a Washington
Times article about the Clipper chip announcement. The name of the company
is Secure Communicatiions Technology (Information will be given at the end
of this message on how to contact them).

Basically they are disturbed about the announcement for many reasons that
we are. More specifically however, Mr. Bryen of Secure Communications
brought to light many points that might interest most of the readers.

His belief is that AT&T was made known of the clipper well before the
rest of the industry. This is for several reasons, several of which are:

- A company of AT&T's size could never be able to make a decision to use
the new chip on the SAME DAY it was announced.

- Months ago they proposed using their own chip for AT&T's secure telephone
devices. AT&T basically blew them off as being not interested at all.
This stuck them as strange, until now...


Also I spoke with Art Melnick, their cryptographer, he expressed several
concerns over the new Clipper Chip:

- The obvious backdoor will be able to let many people decrypt the code.

- Once the key is released to authorities the security of the crypto
system is lost forever. These keys can end up in the hands of any agency
of the government.

- The fact that the escrowed keys never change means that the algorithm
is vulnerable over time to an attacker.

- The classified algorithm may hide another backdoor. But he feels that
it is probably to keep people from forging fake serial numbers, or
changing the keys themselves.

- Additionally he feels that the NSA has probably spent enough time and
money in working on a way to keep this chip from being reversed
engineered, that he feels that reverse engineering it will be very
difficult to do. He feels that they have developed a suitable technique
to protect the chip from this attack. Also he feels that the chip is
hardware encoded with the algorithm and not microcoded onto the chip.

Additonally I spoke with Mr. Melnick about their algorithm. He couldn't tell
me much about their new agorithm because it hasn't been patented yet.
However he told me a little:

- The algorithm will be released for public review after patents have been
granted for it. This is so the crypto community can see that it is
secure.

- The algorithm is called NEA for New Encryption Algorithm.
The details were sketchy because now it is held as a trade secret
until the patent was issued, but I was told that it will incorporate
the following:

- It will have fast encryption of data (Exact specs not given, but
Mr. Melnick stated "Much faster than what an RS-232 can put out.")

- It is a symmetric cipher, just like IDEA and DES.

- It will use 64 bit data blocks for encryption (like DES and IDEA).

- The key length was not given to me, but Mr. Melnick states that
it is _adujustable_ and is "More than adequate for security."

- The algorithm is written in C and Assembler in software form, and
can be ported to many platforms (Unlike the the Clipper Chip which
is hardware ONLY and cannot be made into software) This I
consider a definite plus for the NEA for widespread use.

- The algorithm will accomodate public key distribution techniques
such as RSA or Diffie-Hellman. This will also be supported in the
hardware chip.

- Right now the projected cost of the NEA chip will be about 10 dollars
for each!! (Clipper will run 25 each chip [that is if it is produced
enough, which probably won't happen]).

- They currently sell a program called C-COM that uses the algorithm
and a special streaming protocol that does not divide the encrypted
data into "blocks." This could prevent plaintext attacks if you know
what the block header is. This program operates at all supported
RS-232 speeds and uses the software implementation of the algorithm.

- Most importantly: IT DOES NOT HAVE A BACKDOOR!!



Right now the company is afraid that the new clipper chip will put them out
of business. This is a very real possibility. So they really need help in
stopping the clipper chip from becoming a standard. If you want to contact
them, they can be reached at..

Secure Communications Technology
8700 Georgia Ave. Suite 302
Silver Spring, MD

(301) 588-2200

I talked to Mr. Bryen who represents the company. He can answer any
questions you have.




Any factual errors occurring in this write up are my own and I apologize for
them ahead of time.



=============================================================================
/// | psionic@wam.umd.edu | Fight the WIRETAP CHIP!! Ask me how!
__ /// C= | -Craig H. Rowland- |
\\\/// Amiga| PGP Key Available | "Those who would give up liberty for
\/// 1200 | by request. | security deserve neither."
=============================================================================
A




CLIPPER CHIP TECHNOLOGY


CLIPPER is an NSA developed, hardware oriented, cryptographic
device that implements a symmetric encryption/decryption
algorithm and a law enforcement satisfying key escrow system.
While the escrow management system design is not completely
designed, the cryptographic algorithm (SKIPJACK) is completely
specified (and classified SECRET).

The cryptographic algorithm (called CA in this paper) has the
following characteristics:

1. Symmetric, 80-bit key encryption/decryption algorithm;
2. Similar in function to DES (i.e., basically a 64-bit
code book transformation that can be used in the same
four modes of operation as specified for DES in FIPS
81);
3. 32 rounds of processing per single encrypt/decrypt
operation;
4. Design started by NSA in 1985; evaluation completed in
1990.

The CLIPPER CHIP is just one implementation of the CA. The
CLIPPER CHIP designed for the AT&T commercial secure voice
products has the following characteristics:

1. Functions specified by NSA; logic designed by
MYKOTRONX; chip fabricated by VLSI, Inc.: manufactured
chip programmed (made unique) by MYKOTRONX to security
equipment manufacturers willing to follow proper
security procedures for handling and storage of the
programmed chip; equipment sold to customers;

2. Resistant to reverse engineering against a very
sophisticated, well funded adversary;

3. 15-20 MB/S encryption/decryption constant throughout
once cryptographic synchronization is established with
distant CLIPPER Chip;

4. The chip programming equipment writes (one time) the
following information into a special memory (called
VROM or VIA-Link) on the chip:

a. (unique) serial number
b. (unique) unit key
c. family key
d. specialized control software

5. Upon generation (or entry) of a session key in the
chip, the chip performs the following actions:


a. Encrypts the 80-bit session key under the unit key
producing an 80-bit intermediate result;

b. Concatenates the 80-bit result with the 25-bit
serial number and a 23-bit authentication pattern
(total of 128 bits);

c. Enciphers this 128 bits with family key to produce
a 128-bit cipher block chain called the Law
Enforcement Field (LEF);

d. Transmits the LEF at least once to the intended
receiving CLIPPER chip;

e. The two communicating CLIPPER chips use this field
together with a random IV to establish
Cryptographic Synchronization.

6. Once synchronized, the CLIPPER chips use the session
key to encrypt/decrypt data in both directions;

7. The chips can be programmed to not enter secure mode if
the LEF field has been tampered with (e.g., modified,
superencrypted, replaced);

8. CLIPPER chips will be available from a second source in
the future;

9. CLIPPER chips will be modified and upgraded in the
future;

10. CLIPPER chips presently cost $16.00 (unprogrammed) and
$26.00 (programmed).



4/30/93
From msuinfo!agate!howland.reston.ans.net!usc!elroy.jpl.nasa.gov!decwrl!world!dreams!composer Wed May 5 19:42:13 1993
Newsgroups: comp.org.usenix,alt.privacy.clipper,sci.crypt,comp.org.eff.talk,alt.security
Path: msuinfo!agate!howland.reston.ans.net!usc!elroy.jpl.nasa.gov!decwrl!world!dreams!composer
From: composer@Beyond.Dreams.ORG (Jeff Kellem)
Subject: quick non-technical writeup on Clipper Chip announcement
Followup-To: poster
Sender: composer@world.std.com (Jeff Kellem)
Organization: Beyond Dreams
Date: Wed, 5 May 1993 19:32:28 GMT
Message-ID: <COMPOSER.93May5143228@toy.Dreams.ORG>
Reply-To: composer@Beyond.Dreams.ORG
Lines: 196
Xref: msuinfo comp.org.usenix:4074 alt.privacy.clipper:328 sci.crypt:16317 comp.org.eff.talk:17628 alt.security:10277

Included below is an excerpt regarding the Clipper Chip announcement from a
column I write titled "What's Out There?". It's primarily more for
pointers on where to find more information, and a quick non-technical
sketch of the announcement.

[ This excerpt was written over a week ago. ]

I'm posting the excerpt now, since the hardcopy won't be available until
June, 1993 and some people may find this of interest. This excerpt is
posted with permission, of course -- I'm the author. :)

FYI...

-jeff

Jeff Kellem
Internet: composer@Beyond.Dreams.ORG

===CUT HERE===
[ NOTE: Please see the COPYRIGHT/LICENSE notice at the end of this
document before any redistribution. ]

The following is a portion of Volume 1, Issue 03 of "What's Out There?"
written by Jeff Kellem <composer@Beyond.Dreams.ORG>. This is expected
to appear in the May/June 1993 issue of the USENIX Association's
hardcopy newsletter, ";login:".

Excerpted from "What's Out There?", Volume 1, Issue 03...

White House and NSA (Encryption) Clipper Chip Announcement
----------------------------------------------------------

On April 16, 1993, the White House announced the development of an
encryption chip for voice communications developed in conjunction
with the National Security Agency (NSA) called the Clipper Chip, along
with an initiative regarding telecommunications and privacy which
could literally affect almost every citizen in the United States.
On the same day, AT&T announced a "secure" phone which incorporated
this chip.

Some important things to point out:

o the encryption algorithm is remaining classified

[ In the cryptography community, an encryption algorithm is only
considered secure after it has been examined extensively and
independently by a wide array of experts around the world. With an
algorithm which is kept secret, there is no guarantee that it is
secure and that the encryption method has no "back door" (allowing
easy decryption for those, such as the NSA, that know the "back
door"). ]

o though the government has announced plans to use the chip in their
own phones, they do NOT plan to use it for CLASSIFIED information,
only for unclassified information.

o this chip has been in the making for 4 years; it would seem that
the Clinton Administration has already made plans to use the chip,
without public comment or discussion on a matter which is so
important to the privacy of that same public.

o it would seem that the Government might be granting a monopoly to
Mykotronx, Inc. and VLSI Technology. As far as I know, VLSI
fabricates the chip and Mykotronx programs the keys into it.

o the key, which allows the information encrypted with this chip to
be decrypted, is embedded in the chip

[ This means that once the key is known, the chip needs to be
replaced to maintain private communications. This would usually
mean replacing the entire device (e.g. telephone), anytime that
the key was divulged, whether legally or not. The key is also
transmitted along with your encrypted data, so that law enforcement
can obtain it, which would allow them to decrypt your data without
your knowledge. ]

o the 80-bit key is made from the xor of two (2) 80-bit keys, which are
kept in databases at two different escrow agencies

[ It's not clear how the key databases will be kept secure. It
is also unknown if the classified encryption algorithm is any
less secure to brute-force attacks, once half the key is known. ]

o a successor chip has already been announced, called the Capstone
chip. The Capstone chip is supposed to be a "superset" of the
Clipper chip and will include the "digital signature standard" (DSS),
which many in the cyprotgraphy community seem to consider insecure,
as I recall. The NSA also developed DSS, which wasn't disclosed
until CPSR filed a FOIA request with NIST (the National Institute of
Standards & Technology).

This announcement, in one way, is a step in the right direction -- privacy
and encryption technology are important to the general public and for
international economic competitiveness. An inquiry on whether export
restrictions on encryption technology is good or bad is also a good thing.
Currently, companies that want to include encryption as part of their
products need to make two versions -- one for domestic distribution and one
for international distribution.

On the other hand, there are too many things about the announcement which
are bothersome and need to be discussed publicly. Some of these items have
been mentioned above. The Clipper Chip basically seems like it might
provide privacy from some people, but not from the government. I recommend
talking with your local congressman, writing letters, and discussing this
with friends.

Both the Electronic Frontier Foundation (EFF) and the Computer
Professionals for Social Responsibility (CPSR) have made public statements
against the announcement. The EFF supports the idea of reviewing
cryptographic and privacy policies, but believes that the Clipper Chip
announcement was premature and should be delayed until after the overall
review and discussion. The CPSR has filed Freedom of Information Act
(FOIA) requests regarding the plan.

Online discussions of the announcement have been occurring all over the
Net in various USENET newsgroups and mailing lists. Here's a sample of
where you might find discussions of the Clipper Chip:

USENET newsgroups:
alt.privacy.clipper
sci.crypt
alt.security
alt.privacy
comp.org.eff.talk
comp.security.misc
comp.society.cu-digest
comp.risks
Mailing lists:
cypherpunks-request@toad.com

Also, check the archives for the various groups listed above, as things
may have changed by the time this comes to print in hardcopy come June 1993.

The official White House press release of the Clipper Chip can be found via
anonymous ftp from:

csrc.ncsl.nist.gov
in the
/pub/nistnews

directory, or via the NIST Computer Security BBS at +1 301 948 5717. It
should also be available with the rest of the White House press release
archives mentioned above.

The EFF comments were first published in the EFFector Online Issue 5.06,
which is available via anonymous ftp from:

ftp.eff.org
in the
/pub/EFF/newsletters

directory.

Information from CPSR is available online via anonymous ftp from:

ftp.cpsr.org
in the
/cpsr

directory.

The cypherpunks mailing list also maintains an archive. Information
on the Clipper Chip can be found via anonymous ftp from:

soda.berkeley.edu
in the
/pub/cypherpunks/clipper
directory.

Please do read the announcement of the Clipper Chip encryption technology,
think about and discuss the implications of this with your friends,
congressmen, and anyone else.

...End of excerpt.

COPYRIGHT/LICENSE:
This document is Copyright (c) 1993 Jeff Kellem/Beyond Dreams,
composer@Beyond.Dreams.ORG. This copyright notice must be
kept with each document.

You have permission to freely redistribute this for non-commercial
and non-profit purposes. It would be nice if you let the author
know about any redistributions that are expected to reach more
than a single person. :-) (This would include mirroring ftp
sites, etc.)

Please contact the author if you wish to use this document in ANY
other fashion. Most likely, there won't be a problem.

If you wish to redistribute this document for commercial purposes,
you MUST contact the author for permission. Thank you.

Jeff Kellem
Composer of Dreams
Beyond Dreams
Internet: composer@Beyond.Dreams.ORG