Talk:Clipper chip

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

removed unsourced claim of greater security[edit]

On September 5, 67.150.244.2 added the following to the article:

Had Clipper chip been realized, all communications in the United States would have been more secure. Casual eavesdropping would have been severely impacted. Against anyone except duly authorized law enforcement, privacy would have been greatly enhanced.

I don't believe this is correct, and a claim like that should not be included in the article without a source, so I removed it. Capedia (talk) 11:49, 27 October 2008 (UTC)[reply]

Cell phone transmissions would almost certainly be more secure than they are today, since cell phone transmissions are not currently encrypted between the cell phone and the cell tower. I.e., casual eavesdropping is no more inhibited than it was before the Clipper chip was being considered. Or, to look at it from the other direction, did the failure of the Clipper chip make cell phone communications any more secure today? I think not. Are there any sources that claim today's cell phones are more secure?—Loadmaster (talk) 02:19, 4 May 2011 (UTC)[reply]

One Problem[edit]

If Skipjack was classified then how could companies use it to encrypt data? It seems paradoxical to me. Plus, is the weakness in that a key is included for each chip or that there's a weakness in the algorithm? Because, if the government were to use the unique cryptographic key on each chip to decrypt the message couldn't they just use the backdoor that was planted in it? --Melab±1 16:37, 22 December 2008 (UTC)[reply]

They could buy the Clipper chip without knowing how the algorithm (Skipjack) worked. I could tell you, "Put your key on these inputs, and all your information coming out is encrypted." If you trust that I've designed a competent algorithm, then I don't need to tell you how it works. The weakness was 16-bits of hash. That's a trivial size for a computer to brute-force. Mmernex (talk) 22:13, 17 February 2009 (UTC)[reply]

Aftermath[edit]

The "Backlash" section ends with:

The thinking was that if strong cryptography was freely available on the internet as an alternative, the government would be unable to stop its use. This strategy was mostly effective; and key escrow in the form of the Clipper chip died.

The last statement implies that strongly-encrypted cell phones are widely available for public consumer use, when in fact this is obviously not the case. Saying that the "strategy was effective" is misleading. It's true that key escrow by the government was abandoned, but the vacuum of secure consumer cell phones was never filled. I could be wrong, but as far as I know, no major cell phone manufacturer or cell phone service provider offers any kind of secure transmission or device. In fact, it would probably be accurate to say that killing the Clipper chip effectively killed any chance of consumers having secure telephones. Killing the chip certainly did not throw up any new hurdles to government surveillance of private phone calls.—Loadmaster (talk) 15:47, 9 September 2010 (UTC)[reply]

Indeed, no new hurdles, as seen in the controversial NSA warrantless surveillance programs of 2013. — Loadmaster (talk) 22:12, 25 July 2013 (UTC)[reply]

Accuracy?[edit]

In the "Lack of Adoption" section, we have this unreferenced statement:

The U.S. government continued to press for key escrow by offering incentives to manufacturers, allowing more relaxed export controls if key escrow were part of cryptographic software that was exported. These attempts were largely made moot by the widespread use of strong cryptographic technologies, such as PGP, which were not under the control of the U.S. government.

But is that statement about mootness true? See the revelations in Der Spiegel today about NSA backdoors in routers and hard drives. Then ponder the difficulty of NSA adding those backdoors in hardware without the knowledge of at least some staffers of each of the manufacturer. Marbux (talk) 06:43, 31 December 2013 (UTC)[reply]

I don't like the wording of that sentence, either. Stating that the government attempts were "made moot" by the use of PGP implies that everyone now uses unregulated crypto schemes like PGP to export data, and that therefore government attempts to encourage/force the use of key-escrowed devices are no longer relevant today. This is a non sequitur. It also ignores the fact, alluded to by Marbux, that there are always points within secure data streams where the data is not encrypted (i.e., at the source and at the final destination) that could possibly be tapped. — Loadmaster (talk) 18:07, 23 June 2014 (UTC)[reply]

No backdoor[edit]

There have been a couple of edits [1][2] attempting to describe the Clipper chip as having a built-in backdoor. Calling it a "backdoor" implies that there was an intentional weakness added to the encryption algorithm which could be exploited to allow decryption without the keys, which is not the case. It also implies that there were deliberate covert cracking operations (by the NSA or FBI), which is incorrect, or at least inaccurate. The Clipper encryption protocol used a key escrow system, which required a federal court order to allow decryption of messages. — Loadmaster (talk) 17:55, 23 June 2014 (UTC)[reply]

I agree that there is no NSA backdoor, and those edits are incorrect and misleading. Someone should revert them. Roger (talk) 05:41, 22 July 2014 (UTC)[reply]
I wholeheartedly disagree. It is a technical backdoor that is supposed to be protected by requiring a court order to be able to use, but we have seen examples of NSA agents violating laws like the Fourth Amendment willy-nilly (see LOVEINT, for example.) Jesse Viviano (talk) 22:03, 14 January 2015 (UTC)[reply]

PGP anachronism[edit]

This page states that PGP was a response to the Clipper chip, but PGP was released 2 years before Clipper was announced. Note that the reference is not the original 1991 version of "Why I Wrote PGP" but a revised 1999 edition. Zimmermann does mention the correct dates in his piece.

It's likely that efforts like Clipper encouraged the adoption of PGP, maybe the article ought to mention something along those lines instead? --174.62.177.218 (talk) 14:34, 11 April 2016 (UTC)[reply]

How could it be the "Bush Administration?"[edit]

If the Clipper Chip was announced 16-Apr-1993, that would be the Clinton Administration. Granted, it would be only months into Clinton's Presidency, meaning George H. W. Bush may have had something to do with it, but it is unclear that this is a Bush Administration item. -- Joe (talk) 20:23, 25 August 2017 (UTC)[reply]

You're right, Bush had nothing to do with it. It was related to plans for a health plan smart card, for a forthcoming Clinton health care program. Roger (talk) 05:07, 27 August 2017 (UTC)[reply]