The Clipper chip was a
chipset
In a computer system, a chipset is a set of electronic components in one or more integrated circuits known as a "Data Flow Management System" that manages the data flow between the processor, memory and peripherals. It is usually found on the mo ...
that was developed and promoted by the United States
National Security Agency
The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collecti ...
(NSA) as an
encryption
In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can d ...
device that secured "voice and data messages"
with a built-in
backdoor that was intended to "allow Federal, State, and local law enforcement officials the ability to decode intercepted voice and data transmissions."
It was intended to be adopted by telecommunications companies for voice transmission. Introduced in 1993, it was entirely defunct by 1996.
Key escrow
The Clipper chip used a data encryption
algorithm
In mathematics and computer science, an algorithm () is a finite sequence of rigorous instructions, typically used to solve a class of specific problems or to perform a computation. Algorithms are used as specifications for performing ...
called
Skipjack to transmit information and the
Diffie–Hellman key exchange
Diffie–Hellman key exchangeSynonyms of Diffie–Hellman key exchange include:
* Diffie–Hellman–Merkle key exchange
* Diffie–Hellman key agreement
* Diffie–Hellman key establishment
* Diffie–Hellman key negotiation
* Exponential key exc ...
-algorithm to distribute the cryptokeys between the peers. Skipjack was invented by the
National Security Agency
The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collecti ...
of the U.S. Government; this algorithm was initially
classified
Classified may refer to:
General
*Classified information, material that a government body deems to be sensitive
*Classified advertising or "classifieds"
Music
*Classified (rapper) (born 1977), Canadian rapper
* The Classified, a 1980s American ro ...
SECRET, which prevented it from being subjected to
peer review
Peer review is the evaluation of work by one or more people with similar competencies as the producers of the work ( peers). It functions as a form of self-regulation by qualified members of a profession within the relevant field. Peer revie ...
from the encryption research community. The government did state that it used an
80-bit key, that the algorithm was
symmetric, and that it was similar to the
DES
Des is a masculine given name, mostly a short form (hypocorism) of Desmond. People named Des include:
People
* Des Buckingham, English football manager
* Des Corcoran, (1928–2004), Australian politician
* Des Dillon (disambiguation), sever ...
algorithm. The Skipjack algorithm was declassified and published by the NSA on June 24, 1998. The initial cost of the chips was said to be $16 (unprogrammed) or $26 (programmed), with its logic designed by
Mykotronx
SafeNet, Inc. was an information security company based in Belcamp, Maryland, United States, which was acquired in August 2014 by the French security company Gemalto. Gemalto was, in turn, acquired by Thales Group in 2019. The former SafeNet' ...
, and fabricated by
VLSI Technology, Inc
VLSI Technology, Inc., was an American company that designed and manufactured custom and semi-custom integrated circuits (ICs). The company was based in Silicon Valley, with headquarters at 1109 McKay Drive in San Jose. Along with LSI Logic, ...
.
At the heart of the concept was
key escrow
Key escrow (also known as a "fair" cryptosystem) is an arrangement in which the keys needed to decrypt encrypted data are held in escrow so that, under certain circumstances, an authorized third party may gain access to those keys. These third pa ...
. In the factory, any new telephone or other device with a Clipper chip would be given a
cryptographic key
A key in cryptography is a piece of information, usually a string of numbers or letters that are stored in a file, which, when processed through a cryptographic algorithm, can encode or decode cryptographic data. Based on the used method, the key ...
, that would then be provided to the government in
escrow
An escrow is a contractual arrangement in which a third party (the stakeholder or escrow agent) receives and disburses money or property for the primary transacting parties, with the disbursement dependent on conditions agreed to by the transacti ...
. If government agencies "established their authority" to listen to a communication, then the key would be given to those government agencies, who could then decrypt all data transmitted by that particular telephone. The newly formed
Electronic Frontier Foundation
The Electronic Frontier Foundation (EFF) is an international non-profit digital rights group based in San Francisco, California. The foundation was formed on 10 July 1990 by John Gilmore, John Perry Barlow and Mitch Kapor to promote Internet ...
preferred the term "key surrender" to emphasize what they alleged was really occurring.
Clinton Administration
The Clinton Administration argued that the Clipper chip was essential for law enforcement to keep up with the constantly progressing technology in the United States.
While many believed that the device would act as an additional way for terrorists to receive information, the Clinton Administration said it would actually increase national security.
They argued that because "terrorists would have to use it to communicate with outsiders — banks, suppliers, and contacts — the Government could listen in on those calls."
Other proponents
There were several advocates of the Clipper chip who argued that the technology was safe to implement and effective for its intended purpose of providing law enforcement with the ability to intercept communications when necessary and with a warrant to do so. Howard S. Dakoff, writing in the ''
John Marshall Law Review'', stated that the technology was secure and the legal rationale for its implementation was sound.
Stewart Baker
Stewart Abercrombie Baker (born July 17, 1947) was the first Assistant Secretary (acting as Under Secretary-equivalent) for Policy at the United States Department of Homeland Security under the Presidency of George W. Bush.
Baker is the former G ...
wrote an opinion piece in ''
Wired
''Wired'' (stylized as ''WIRED'') is a monthly American magazine, published in print and online editions, that focuses on how emerging technologies affect culture, the economy, and politics. Owned by Condé Nast, it is headquartered in San ...
'' magazine debunking a series of what he purported to be myths surrounding the technology.
Backlash
Organizations such as the
Electronic Privacy Information Center
Electronic Privacy Information Center (EPIC) is an independent nonprofit research center in Washington, D.C. EPIC's mission is to focus public attention on emerging privacy and related human rights issues. EPIC works to protect privacy, freed ...
and the
Electronic Frontier Foundation
The Electronic Frontier Foundation (EFF) is an international non-profit digital rights group based in San Francisco, California. The foundation was formed on 10 July 1990 by John Gilmore, John Perry Barlow and Mitch Kapor to promote Internet ...
challenged the Clipper chip proposal, saying that it would have the effect not only of subjecting citizens to increased and possibly illegal government
surveillance
Surveillance is the monitoring of behavior, many activities, or information for the purpose of information gathering, influencing, managing or directing. This can include observation from a distance by means of electronic equipment, such as ...
, but that the strength of the Clipper chip's encryption could not be evaluated by the public as its design was classified secret, and that therefore individuals and businesses might be hobbled with an insecure communications system. Further, it was pointed out that while American companies could be forced to use the Clipper chip in their encryption products, foreign companies could not, and presumably phones with strong data encryption would be manufactured abroad and spread throughout the world and into the United States, negating the point of the whole exercise, and, of course, materially damaging U.S. manufacturers en route. Senators
John Ashcroft
John David Ashcroft (born May 9, 1942) is an American lawyer, lobbyist and former politician who served as the 79th U.S. Attorney General in the George W. Bush administration from 2001 to 2005. A former U.S. Senator from Missouri and the 50th ...
and
John Kerry
John Forbes Kerry (born December 11, 1943) is an American attorney, politician and diplomat who currently serves as the first United States special presidential envoy for climate. A member of the Forbes family and the Democratic Party, he ...
were opponents of the Clipper chip proposal, arguing in favor of the individual's right to encrypt messages and export encryption software.
The release and development of several strong cryptographic software packages such as
Nautilus
The nautilus (, ) is a pelagic marine mollusc of the cephalopod family Nautilidae. The nautilus is the sole extant family of the superfamily Nautilaceae and of its smaller but near equal suborder, Nautilina.
It comprises six living species in ...
,
PGP
PGP or Pgp may refer to:
Science and technology
* P-glycoprotein, a type of protein
* Pelvic girdle pain, a pregnancy discomfort
* Personal Genome Project, to sequence genomes and medical records
* Pretty Good Privacy, a computer program for the ...
and
PGPfone was in response to the government push for the Clipper chip. The thinking was that if strong cryptography was freely available on the internet as an alternative, the government would be unable to stop its use.
Technical vulnerabilities
In 1994,
Matt Blaze
Matt may refer to:
* Matt (name), people with the given name ''Matt'' or Matthew, meaning "gift from God", or the surname Matt
*In British English, of a surface: having a non-glossy finish, see gloss (material appearance)
* Matt, Switzerland, a ...
published the paper ''Protocol Failure in the Escrowed Encryption Standard''.
It pointed out that the Clipper's escrow system had a serious vulnerability: the chip transmitted a 128-bit "Law Enforcement Access Field" (LEAF) that contained the information necessary to recover the encryption key. To prevent the software that transmitted the message from tampering with the LEAF, a 16-bit
hash
Hash, hashes, hash mark, or hashing may refer to:
Substances
* Hash (food), a coarse mixture of ingredients
* Hash, a nickname for hashish, a cannabis product
Hash mark
*Hash mark (sports), a marking on hockey rinks and gridiron football fiel ...
was included. The Clipper chip would not decode messages with an invalid hash; however, the 16-bit hash was too short to provide meaningful security. A
brute-force attack
In cryptography, a brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correc ...
would quickly produce another LEAF value that would give the same hash but not yield the correct keys after the escrow attempt. This would allow the Clipper chip to be used as an encryption device, while disabling the key escrow capability.
[ In 1995 Yair Frankel and Moti Yung published another attack which is inherent to the design and which shows that the key escrow device tracking and authenticating capability (namely, the LEAF) of one device, can be attached to messages coming from another device and will nevertheless be received, thus bypassing the escrow in real time. In 1997, a group of leading cryptographers published a paper, "The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption", analyzing the architectural vulnerabilities of implementing key escrow systems in general, including but not limited to the Clipper chip Skipjack protocol. The technical flaws described in this paper were instrumental in the demise of the Clipper chip as a public policy option. While many leading voices in the computer science community expressed opposition to the Clipper chip and key recovery in general, some supported the concept, including ]Dorothy E. Denning
Dorothy Elizabeth Denning (née Robling, born August 12, 1945) is a US-American information security researcher known for lattice-based access control (LBAC), intrusion detection systems (IDS), and other cyber security innovations. She publishe ...
.
Lack of adoption
The Clipper chip was not embraced by consumers or manufacturers and the chip itself was no longer relevant by 1996; the only significant purchaser of phones with the chip was the United States Department of Justice. The U.S. government continued to press for key escrow
Key escrow (also known as a "fair" cryptosystem) is an arrangement in which the keys needed to decrypt encrypted data are held in escrow so that, under certain circumstances, an authorized third party may gain access to those keys. These third pa ...
by offering incentives to manufacturers, allowing more relaxed export controls if key escrow were part of cryptographic software that was exported. These attempts were largely made moot by the widespread use of strong cryptographic technologies, such as PGP
PGP or Pgp may refer to:
Science and technology
* P-glycoprotein, a type of protein
* Pelvic girdle pain, a pregnancy discomfort
* Personal Genome Project, to sequence genomes and medical records
* Pretty Good Privacy, a computer program for the ...
, which were not under the control of the U.S. government.
However, strongly encrypted voice channels are still not the predominant mode for current cell phone communications. Secure cell phone devices and smartphone
A smartphone is a portable computer device that combines mobile telephone and computing functions into one unit. They are distinguished from feature phones by their stronger hardware capabilities and extensive mobile operating systems, whi ...
apps exist, but may require specialized hardware, and typically require that both ends of the connection employ the same encryption mechanism. Such apps usually communicate over secure Internet pathways (e.g. ZRTP
ZRTP (composed of Z and Real-time Transport Protocol) is a cryptographic key-agreement protocol to negotiate the keys for encryption between two end points in a Voice over IP (VoIP) phone telephony call based on the Real-time Transport Protocol. ...
) instead of through phone voice data networks.
Later debates
Following the Snowden disclosures from 2013, Apple
An apple is an edible fruit produced by an apple tree (''Malus domestica''). Apple trees are cultivated worldwide and are the most widely grown species in the genus '' Malus''. The tree originated in Central Asia, where its wild ancest ...
and Google
Google LLC () is an American Multinational corporation, multinational technology company focusing on Search Engine, search engine technology, online advertising, cloud computing, software, computer software, quantum computing, e-commerce, ar ...
stated that they would lock down all data stored on their smartphones with encryption, in such a way that Apple and Google themselves could not break the encryption even if ordered to do so with a warrant. This prompted a strong reaction from the authorities, including the chief of detectives for the Chicago Police Department
The Chicago Police Department (CPD) is the municipal law enforcement agency of the U.S. city of Chicago, Illinois, under the jurisdiction of the City Council. It is the second-largest municipal police department in the United States, behind t ...
stating that "Apple s_iPhone.html"_;"title="iPhone.html"_;"title="s_iPhone">s_iPhone">iPhone.html"_;"title="s_iPhone">s_iPhonewill_become_the_phone_of_choice_for_the_Think_of_the_children.html" "title="iPhone">s_iPhone.html" ;"title="iPhone.html" ;"title="s iPhone">s iPhone">iPhone.html" ;"title="s iPhone">s iPhonewill become the phone of choice for the Think of the children">pedophile
Pedophilia ( alternatively spelt paedophilia) is a psychiatric disorder in which an adult or older adolescent experiences a primary or exclusive sexual attraction to prepubescent children. Although girls typically begin the process of pubert ...
". An editorial in the ''Washington Post'' argued that "smartphone users must accept that they cannot be above the law if there is a valid search warrant", and after claiming to agree that backdoors would be undesirable, then suggested implementing a "golden key" backdoor which would unlock the data with a warrant. The members of "The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption" 1997 paper, as well as other researchers at MIT, wrote a follow-up article in response to the revival of this debate, arguing that mandated government access to private conversations would be an even worse problem now than twenty years ago.
*Bullrun (decryption program)
*Cryptoprocessor
*''Crypto: How the Code Rebels Beat the Government—Saving Privacy in the Digital Age'' by Steven Levy
*Trusted Platform Module
*Hardware backdoor
Michael Schwartzbeck, ''Encryption Technologies,'' circa 1997, formerly Top Secret, approved for release by NSA with redactions September 10, 2014, C06122418
Oral history interview 2004, Palo Alto, California.
, University of Minnesota, Minneapolis.
at Stanford University in the mid-1970s. He also relates his subsequent work in cryptography with
) and others. Hellman addresses key escrow (the so-called Clipper chip). He also touches on the commercialization of cryptography with