Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Feds Thoughts on Clipper

Posted by CmdrTaco on from the stuff-to-think-about dept.

An anonymous reader sent us this article which describes a bunch of stuff released as part of the freedom of information act regarding the clipper chip. Its an interesting look into the government's view of encryption (or at least, what it thought 10 years ago anyway. Now that they have the quantum computer that can crack all all communications, and the quantum disk drives that they use to store every packet ever, they already know your underwear size, to say nothing of a complete copy of your DNA for their cloning efforts).

4 of 100 comments (clear)

  1. clipper technology by suhit · · Score: 4
    For those that dont know what Clipper is, here is an interesting set of points from cpsr.org describing it in a fair bit of detail. This is basically the AT&T description of Clipper and is written out fairly well.

    CLIPPER is an NSA developed, hardware oriented, cryptographic device that implements a symmetric encryption/decryption algorithm and a law enforcement satisfying key escrow system. While the key escrow management system design is not completely designed, the cryptographic algorithm (SKIPJACK) is completely specified (and classified SECRET).

    The crytographic algorithm (called CA in this PAPER) has the following characteristics:

    1. Symmetric, 80-bit key encryption/decryption algorithm;
    2. Similar in function to DES (i.e., basically a 64-bit code book transformation that can be used in the same four modes of operation as specified for DES in FIPS 81);
    3. 32 rounds of processing per single encrypt/decrypt operation;
    4. Design started by NSA in 1985; evaluation completed in 1990.

    The CLIPPER CHIP is just one implementation of the CA. The CLIPPER CHIP designed for the AT&T commercial secure voice products has the following characteristics:

    1. Functions specified by NSA; logic designed by MYKOTRONX; chip fabricated by VLSI, INC.: manufactured chip programmed (made unique) by MYKOTRONX to security equipment manufacturers willing to follow proper security procedures for handling and storage of the programmed chip; equipment sold to customers;

    2. Resistant to reverse engineering against a very sophisticated, well funded adversary;

    3. 15-20 MB/S encryption/decryption constant throughout once cryptographic synchronization is established with distant CLIPPER Chip;

    4. The chip programming equipment writes (one time) the following information into a special memory (called VROM or VIA-Link) on the chip:

      1. (unique) serial number
      2. (unique) unit key
      3. family key
      4. specialized control software

    5. Upon generation (or entry) of a session key in the chip, the chip performs the following actions:

      1. Encrypts the 80-bit session key under the unit key producing an 80-bit intermediate rsult;

      2. Concatenates the 80-bit result with the 25-bit serial number and a 23-bit authentication pattern (total of 128 bits);

      3. Enciphers this 128 bits with family key to produce a 128-bit cipher block chain called the Law Enforcement Field (LEF);

      4. Transmits the LEF at least once to the intended receiving CLIPPER chip;

      5. The two communicating CLIPPER chips use this field together with a random IV to establish Crytographic Synchronization.

    6. Once synchronized, the CLIPPER chips use the session key to encrypt/decrypt data in both directions;

    7. The chips can be programmed to not enter secure mode if the LEF field has been tampered with (e.g., modified, superencrypted, replaced);
  2. Re:So what? by stup · · Score: 5
    The FBI knowing your underwear size is a GOOD thing. It means that when they handcuff you, they can use custom-made handcuffs that'll be more comfortable for you. Same goes for straitjackets - the taylor-made ones are FAR superiour to the Off-The-Shelf variety.

    It's an interesting lifestyle choice that considers handcuffs and straitjackets to be underwear, but hey, I'm not judging anyone. :)

    "If you tell me all your secrets, I promise not to blackmail you."
    StuP

  3. Missing Info by SomeoneGotMyNick · · Score: 5

    What about the 4000+ pages of clipper chip information that hasn't been found by FBI personnel yet?

  4. The whole concept of clipper was flawed by MarkusQ · · Score: 5
    What everyone seems to have forgotten was that Clipper wouldn't have worked (at least, not as intended, and provided the "bad guys" were reasonably smart). You can embed hardware encryption with as many built in backdoors as you like in every device I use--then I just send software encrypted message over the channel just as I would with a regular phone line. When you tap the line and do your sneaky best, what you wind up with is still encrypted.

    -- MarkusQ