January 22, 2016 at 03:15Clipper Chip Project
Clipper Chip is an encryption chip developed and advanced by the US government. The existence of this device became known in 1993. But literally three years later, the project was closed.
The unveiling of the Clipper Chip has caused a lot of controversy over whether the technology will become publicly available. On the one hand, the widespread use of encryption could secure network communications, thereby creating a favorable environment for the development of electronic commerce. But on the other ... state agencies of federal and national security (CIA, FBI, NSA) feared that criminal organizations, terrorists and intelligence of hostile countries would also take advantage of the availability of a powerful encryption device.
As a result of numerous debates, the US Presidential Administration decided to transfer the encryption device to federal agencies. It was assumed that CIA and FBI would be able to use Clipper Chip as equipment that supports the EES (escrow encryption standard) standard for encrypting audio and data traffic. This standard provided agencies with copies of the decoding key to read encrypted messages. In fact, the Clipper Chip project involved depositing crypto keys (storing a copy of the cryptosystem key with a trustee in order to restore the cryptosystem to working capacity).
Chip Mykotronx MYK78T
The appearance of the chip was developed by Mykotronx and implemented by VLSI Technology Inc. The initial cost for an unprogrammed device was $ 16, and the programmed cost $ 26.
The American telecommunications company AT&T has developed the TSD-3600 model - the first and only crypto telephone on which the Clipper Chip was used (before the project covered itself).
TSD-3600
Clipper Chip inserted in TSD-3600
Clipper Chip used Skipjack encryption algorithm to transmit information. This algorithm was a block cipher developed by the US National Security Agency (NSA). It was intended for the Clipper Chip chip, which was built into secure equipment and was used for encryption. Thanks to the Law Enforcement Access Field mechanism, the key was deposited with the authorized authorities. An 80-bit key was used to encrypt and decrypt 64-bit data blocks. In addition, a symmetric encryption algorithm similar to DES was used.
The Skipjack algorithm was declassified and published by the NSA in 1998.
The Diffie-Hellman cryptographic protocol was also used, which allowed the parties to obtain a shared secret key using an unprotected communication channel. The secret key was used to encrypt further information exchange using symmetric encryption algorithms. Thus, it was possible to ensure maximum safety of the entire process.
At the center of the Clipper Chip concept was a key escrow system. On each device with an encryption chip, a crypto key was installed, which was transferred to the government for deposit.
To implement the ESS standard and to protect a closed algorithm, hardware was required that was protected from unauthorized access. All possible precautions have been taken to protect the Clipper Chip and its associated key escrow system. This system did not give permissions to the user to restore their data. They could be decrypted using the programmed key located on the chip.
The deposited key consisted of two parts, separately stored by me in authorized government departments. The microcircuit generated a session key with which it encrypted an open text message. The received key was encrypted using the deposited key. Then, in encrypted form, together with the identification number of the chip, he joined the encrypted text. If it was necessary to see the contents of the message encrypted with Clipper Chip, law enforcement agencies requested a deposit key from the relevant departments. And already using it, they decrypted the session key and read the desired plain text message.
Data encryption with key escrow was implemented using a cryptographic protocol. The process should have been as follows. The user generated a pair of keys consisting of public and secret and divided them into a certain number of parts. Then he sent each part of the secret key and the corresponding part of the public key to a specific department. The received parts of the public and secret keys were tested and placed in storage. If law enforcement agencies received permission to read this user's data, they contacted the agency and reconstructed the corresponding secret key.
In 1993, AT&T produced the first and only TSD-3600 crypto telephone based on the Clipper chip. A year later, in 1994, company researcher Matt Blaze wrote about the main drawback of the project. With the help of certain manipulations, it was possible to use the Clipper Chip as an encryption device, while disabling the deposit.
They tried to solve the problem using hashing. In the case where the hash code did not find matches, the Clipper Chip did not decrypt the messages. However, the 16-bit hash code could not provide adequate protection. Users who want to illegally use the Clipper Chip could also create a fake key using hashing.
Security experts criticized the reliability of the escrow system. Law enforcement agencies considered key access schemes as an opportunity to access encrypted messages. But in this case, too many contradictions and problems arose. The most basic of them are security, cost and system efficiency. After all, the use of any scheme opened up additional opportunities to penetrate the cryptographic system. The wider the circle of those who knew about secret keys became, and the more people dedicated in particular to the system, the more vulnerable it was to attacks. In addition, key access schemes could be outwitted and simply circumvented. Yes, and the implementation of key access schemes is expensive.
Clipper Chip interior image posted by Travis Goodspeed in his Flirk
As already mentioned, the project was curtailed in 1996. In response to the Clipper Chip initiative, the US government increased the number of encryption software packages such as Nautilus, PGP and PGPfone.
By tradition, there is a bit of advertising in the basement, where it will not hurt anyone. We remind you that due to the fact that the total network capacity of the Dutch data center in which we provide services has reached 5 Tbps (58 points of presence, inclusion in 36 exchange points, in more than 20 countries and 4,213 peer-to-peer inclusions ), we offer dedicated servers for rent at incredibly low prices, until the end of the month!
The unveiling of the Clipper Chip has caused a lot of controversy over whether the technology will become publicly available. On the one hand, the widespread use of encryption could secure network communications, thereby creating a favorable environment for the development of electronic commerce. But on the other ... state agencies of federal and national security (CIA, FBI, NSA) feared that criminal organizations, terrorists and intelligence of hostile countries would also take advantage of the availability of a powerful encryption device.
As a result of numerous debates, the US Presidential Administration decided to transfer the encryption device to federal agencies. It was assumed that CIA and FBI would be able to use Clipper Chip as equipment that supports the EES (escrow encryption standard) standard for encrypting audio and data traffic. This standard provided agencies with copies of the decoding key to read encrypted messages. In fact, the Clipper Chip project involved depositing crypto keys (storing a copy of the cryptosystem key with a trustee in order to restore the cryptosystem to working capacity).
Chip Mykotronx MYK78T
The appearance of the chip was developed by Mykotronx and implemented by VLSI Technology Inc. The initial cost for an unprogrammed device was $ 16, and the programmed cost $ 26.
The American telecommunications company AT&T has developed the TSD-3600 model - the first and only crypto telephone on which the Clipper Chip was used (before the project covered itself).
TSD-3600
Clipper Chip inserted in TSD-3600
Skipjack Algorithm
Clipper Chip used Skipjack encryption algorithm to transmit information. This algorithm was a block cipher developed by the US National Security Agency (NSA). It was intended for the Clipper Chip chip, which was built into secure equipment and was used for encryption. Thanks to the Law Enforcement Access Field mechanism, the key was deposited with the authorized authorities. An 80-bit key was used to encrypt and decrypt 64-bit data blocks. In addition, a symmetric encryption algorithm similar to DES was used.
The Skipjack algorithm was declassified and published by the NSA in 1998.
The Diffie-Hellman cryptographic protocol was also used, which allowed the parties to obtain a shared secret key using an unprotected communication channel. The secret key was used to encrypt further information exchange using symmetric encryption algorithms. Thus, it was possible to ensure maximum safety of the entire process.
Key Escrow System
At the center of the Clipper Chip concept was a key escrow system. On each device with an encryption chip, a crypto key was installed, which was transferred to the government for deposit.
To implement the ESS standard and to protect a closed algorithm, hardware was required that was protected from unauthorized access. All possible precautions have been taken to protect the Clipper Chip and its associated key escrow system. This system did not give permissions to the user to restore their data. They could be decrypted using the programmed key located on the chip.
The deposited key consisted of two parts, separately stored by me in authorized government departments. The microcircuit generated a session key with which it encrypted an open text message. The received key was encrypted using the deposited key. Then, in encrypted form, together with the identification number of the chip, he joined the encrypted text. If it was necessary to see the contents of the message encrypted with Clipper Chip, law enforcement agencies requested a deposit key from the relevant departments. And already using it, they decrypted the session key and read the desired plain text message.
Data encryption with key escrow was implemented using a cryptographic protocol. The process should have been as follows. The user generated a pair of keys consisting of public and secret and divided them into a certain number of parts. Then he sent each part of the secret key and the corresponding part of the public key to a specific department. The received parts of the public and secret keys were tested and placed in storage. If law enforcement agencies received permission to read this user's data, they contacted the agency and reconstructed the corresponding secret key.
Weaknesses Clipper Chip
In 1993, AT&T produced the first and only TSD-3600 crypto telephone based on the Clipper chip. A year later, in 1994, company researcher Matt Blaze wrote about the main drawback of the project. With the help of certain manipulations, it was possible to use the Clipper Chip as an encryption device, while disabling the deposit.
They tried to solve the problem using hashing. In the case where the hash code did not find matches, the Clipper Chip did not decrypt the messages. However, the 16-bit hash code could not provide adequate protection. Users who want to illegally use the Clipper Chip could also create a fake key using hashing.
Security experts criticized the reliability of the escrow system. Law enforcement agencies considered key access schemes as an opportunity to access encrypted messages. But in this case, too many contradictions and problems arose. The most basic of them are security, cost and system efficiency. After all, the use of any scheme opened up additional opportunities to penetrate the cryptographic system. The wider the circle of those who knew about secret keys became, and the more people dedicated in particular to the system, the more vulnerable it was to attacks. In addition, key access schemes could be outwitted and simply circumvented. Yes, and the implementation of key access schemes is expensive.
Clipper Chip interior image posted by Travis Goodspeed in his Flirk
As already mentioned, the project was curtailed in 1996. In response to the Clipper Chip initiative, the US government increased the number of encryption software packages such as Nautilus, PGP and PGPfone.
By tradition, there is a bit of advertising in the basement, where it will not hurt anyone. We remind you that due to the fact that the total network capacity of the Dutch data center in which we provide services has reached 5 Tbps (58 points of presence, inclusion in 36 exchange points, in more than 20 countries and 4,213 peer-to-peer inclusions ), we offer dedicated servers for rent at incredibly low prices, until the end of the month!