Flashback Friday: The Clipper Chip
The recent terrorist attack in France has once again reignited debate over encrypted communications. Many people in law enforcement and government have come out in favor of building a “backdoor” accessible only to authorities. This recent controversy over cryptography and the UK government’s attempt at banning encryption entirely reminded me of a much older effort: the Clipper chip.
The Clipper chip appeared at the very beginning of the modern Internet. The NSA announced its existence in 1993, a year before the first graphical browser was introduced.
The chip was to be used in conjunction with Skipjack, an encryption algorithm that the NSA had also developed. There was also this addendum: the NSA would have a copy of the cryptographic key in every chip. This was to be an example of key recovery where the government would be the key holder. In other words, the government would have a digital skeleton key to unlock all messages.
The Clipper chip immediately became the subject of intense scrutiny. Privacy advocates such as the Electronic Frontier Foundation objected to the idea of a device which could facilitate an abuse of power. American businesses feared losing money. Such a device would limit the strength of any encryption software they could produce. Many consumers – searching for something better – would simply import stronger software from other countries.
An analysis of Skipjack by computer security expert Matt Blaze [pdf link] showed that the algorithm could be easily broken. Manufacturers by and large refused to use the Clipper chip. It was defunct by 1996; Skipjack itself was declassified in 1998.
In response to the creation of the Clipper chip, computer experts created new forms of encrypted communications, such as Nautilus and PGP (Pretty Good Privacy).
Sharing is caring: