6.805/STS085: 1994: Clipper (The Escrowed Encryption Standard)
In his LA speech, Gore called the development of the NII "a
revolution." And it is a revolutionary war we are engaged in
here. Clipper is a last ditch attempt by the United States, the last
great power from the old Industrial Era, to establish imperial control
over cyberspace. If they win, the most liberating development in the
history of humankind could become, instead, the surveillance system
which will monitor our grandchildren's morality. We can be better
ancestors than that.
--John Perry Barlow, "Jackboots on the Infobahn," Wired,
The Clinton administration has adopted the chip, which would allow law
enforcement agencies with court warrants to read the Clipper codes and
eavesdrop on terrorists and criminals. But opponents say that, if
this happens, the privacy of law-abiding individuals will be a risk.
They want people to be able to use their own scramblers, which the
government would not be able to decode.
If the opponents get their way, however, all communications on the
information highway would be immune from lawful interception. In a
world threatened by international organized crime, terrorism, and
rogue governments, this would be folly.
--Dorothy Denning, "The Clipper Chip will block crime,"
Newsday, Feb. 22, 1994
Of course there are people who aren't prepared to trust the escrow
agents, or the courts that issue warrants, or the officials who
oversee the system, or anybody else for that matter. Rather than rely
on laws to protect us, they say, let's make wiretapping impossible;
then we'll be safe no matter who gets elected. This sort of reasoning
is the long-delayed revenge of people who couldn't go to Woodstock
because they had too much trig homework. It reflects a wide -- and
kind of endearing -- streak of romantic high-tech anarchism that crops
up throughout the computer world.
--Stewart Baker, "Don't Worry Be Happy: Why Clipper Is Good For You,"
Wired, June, 1994
Overview of Clipper during 1994
The debate over the Digital Telephony Bill was carried out in the
shadow of the much more public controversy over the Clipper Chip,
which was authorized by the Clinton White House in April, 1993, and
emerged as a full-fledged approved program -- the Escrowed Encryption
Standard (EES) -- in February, 1994. Clipper, developed by the NSA,
was system of encryption for telephone communications. It provided
security through encryption, but arranged for the encryption keys to
be held (in "escrow") by the government, so that they could be
obtained for conducting wiretaps. This was to be accomplished through
a special chip (the Clipper Chip) that would be installed in every
Clipper sparked enormous criticism. In addition to the overall issues
about encryption and wiretapping, the specific proposal had fatal
These flaws were so serious that in retrospect it one wonders whether
the NSA was so naïve as to seriously believe that Clipper would be
adopted, or whether they merely put it forth as a ploy to elicit the
emergence of practical proposals. In addition, there were several
embarrassing developments, including the discovery of an attack on the
Clipper protocol by Matt Blaze of Bell Labs, which would permit a
determined hacker to subvert the escrow provisions of a Clipper phone
(the NSA said they had known that all along) and the announcement by
Prof. Silvio Micali of MIT that he held a patent on the key-splitting
technique used in Clipper (the National Institute of Standards and
Technology bought him off by licensing the patent).
- The encryption algorithm to be used, called Skipjack, was
classified. (According to the NSA, publishing such a high-quality
algorithm would be detrimental to national security.) This meant that
Clipper implementations must be done in hardware, and, moreover, with
expensive tamper-proof chips.
- Clipper phones would not interoperate with other phones. As a
consequence, there is little economic incentive for anyone to buy one.
- Keys would be held by government agencies in such a way as to
require a complex, centralized, expensive infrastructure. In
addition, the checks and balances that would protect against
unauthorized invasions of privacy by overzealous law-enforcement
officials, or against disclosure of keys to criminal elements from
corrupt officials were never adequately clarified.
In any event, by July of 1994 the Administration was already backing
away from Clipper (note the July 20th letter from Vice President Gore
and the follow-up articles in the
news items from 1994) in favor of software-based "key escrow",
which is the subject of the
More detailed information on Clipper in 1994
Although the details of Clipper changed in subsequent proposals, the
debates during 1994 are still very pertinent, since they surfaced the
general issues concerning government control of cryptography.
Papers, articles, and comments
- John Perry Barlow, Jackboots
on the Infobahn, Wired, April 1994. This is Barlow's
reaction to the reintroduction of the Clipper initiative early in
- Brock Meeks,
The End of Privacy, Wired, April 1994. Another early
(and well written) anti-Clipper article.
- Stewart Baker,
"Don't Worry Be Happy:
Why Clipper Is Good For You", Wired, June 1994.
Baker wrote this when he was Chief Legal Counsel for the National
Security Agency. He has since returned to private practice at the law
firm of Steptoe and Johnson, where he is an expert on the legal
aspects of encryption and export.
- Dorothy E. Denning,
Resolving the Encryption Dilemma: The Case for Clipper,
Technology Review, July 1995. This article gives a good
overview of the issues involved, and argues in favor of escrowed
Adm. Bobby Ray Inman (former director of the NSA) was a guest in this
class in November 1994, and spoke about government control of
cryptography. Here is a
report on his comments to the class, which appeared in Internet
Here are some
items culled from the Net during 1994. Skimming them in
chronological order will give you a good feel for how the Clipper
controversy evolved over that first year.
Clipper was the subject of many debates and panels. Here are two of
The Clipper debates engendered several significant studies of
government encryption policy. (These are of historical interest in
tracking the debate, but they are largely superseded by the 1996 report of the National Research Council.)
Information Security and Privacy in Networked Environments
was a major report released by the Office of Technology Assessment
in September, 1994. The entire study is available on-line and there is a
bound copy of the entire study in on reserve for the
course. This gives a comprehensive overview of cryptography and
security issues, with emphasis on the potential policy actions to be
undertaken by Congress.
Chapter 4 contains a good, unbiased overview of
Escrowed Encryption Standard (Clipper) and US export controls on
A summary of the report
In June 1995, the OTA issued a update of the study that reviewed main
points of the report and updated it in light of developments in the
government and in the private sector during the second half of 1994
and the first half of 1995. This update is also
available on-line, as well as
on reserve for the
A summary of the update
Keys and Conflicts is a Report of a Special Panel of the
Association for Computing Machinery's U.S. Public Policy Committee
(USACM), June 1994. This study, sponsored by the ACM, is a(nother)
comprehensive overview of the issues and options involved. Rumor has
it that the study was originally supposed to make recommendations, but
the panel could not agree, so it restricted itself to laying out the
options. Here is the
ACM press release announcing the study. Simultaneously with the
ACM press release, the
USACM issued a separate press release calling for Clipper to be
withdrawn. The two different press releases, one neutral and one
anti-Clipper, by what seemed to be the same organization, caused a lot
of confusion and a lot of flaming on the Net.
Lance Hoffman, Building in Big Brother: The cryptographic policy
debate, Springer-Verlag, 1995. This book of readings and source
material collects together most of the important documents and
articles on Clipper and export policy that appeared up to the beginning
of 1995. (Many of these are also on line in the archives for this
class.) The book is on
reserve for the course.
EPIC's FOIA request and lawsuit
In August 1995, the Electronic Privacy Information Center obtained
documents under the Freedom of Information Act revealing that the FBI
had concluded in 1993 that the Clipper initiative could succeed only
if alternative security techniques were outlawed, and planned to push
for such legislation (which they have since done). The existence of
these plans, even while while the Administration was assuring people
throughout 1994 that there were no plans to impose domestic control of
encryption, has led to an atmosphere of distrust that continues to
envelop the encryption debate. Here is EPIC's
press release. In September 1995, EPIC filed a
lawsuit against the NSA challenging the "national security"
classification of information concerning the Clipper Chip and the
underlying Skipjack algorithm.
More sources on Clipper
Clipper/EES/Capstone/Tessera/Key Escrow Archive maintained by the
Electronic Frontier Foundation contains extensive source material on
Clipper from 1993 and 1994.
Next section of this essay: 1995-97: From Clipper to
Hal Abelson (firstname.lastname@example.org)
Mike Fischer (email@example.com)
Joanne Costello (firstname.lastname@example.org)
Last modified: Sat, 8 Oct 2005 15:21:41 -0400