Cryptographic Key Escrow
The Clipper Chip was a cryptographic chipset developed and promoted by
the US Government.
It was intended for implementation in secure voice equipment, such as
crypto phones, and required its users to surrender their cryptographic keys
in escrow to the government.
This would allow law enforcement agencies (CIA, FBI), to decrypt any
traffic for surveillance and intelligence purposes.
The controversial Clipper Chip was announced in 1993 and was already defunct by 1996 .
The physical chip was designed by Mykotronx (USA) and
manufactured by VLSI Technology Inc. (USA). The initial cost for an unprogrammed
chip was $16 and a programmed one costed $26.
The image on the right shows the Mykotronx MYK78T chip as it is present
inside the AT&T's TSD-3600-E telephone encryptor.
The chip is soldered directly to the board (i.e. not socketed)
and was thought to be tamper-proof (see below under 'Weakness').
The AT&T TSD-3600 was the first and only
telephone encryptor that featured the ill-fated Clipper Chip
before it was withdraw.
In order to provide a level of protection against misuse of the key by
law enforcement agencies, it was agreed that the Unit Key of each device
with a clipper chip, would be held in escrow jointly by two federal agencies.
This means that the actual Unit Key was split in two parts, each of which was
given to one of the agencies. In order to reconstruct the actual Unit Key,
the database of both agencies had to be accessed and the two half-Unit Keys
had to be combined by bitwise XOR .
The Clipper Chip used the Skipjack encryption algorithm
for the transmission
of information, and the Diffie-Hellman key exchange algorithm for the
distribution of the cryptographic session keys between peers.
Both algorithms are believed to provide good security.
The Skipjack algorithm was developed by the NSA and was classed
an NSA Type 2 encryption device.
The algorithm was initially
classified as SECRET, so that it could not be examined in the usual manner by
the encryption research community.
After much debate, the Skipjack algorithm was finally declassified and
published by the NSA on 24 June 1998 .
It uses an 80-bit key and a symmetric cipher algorithm, similar to DES.
More about Skipjack
The heart of the concept was key escrow.
Any device with a Clipper Chip inside (e.g. a
crypto phone) would be assigned a
cryptographic key, which would be given to the government in escrow.
The user would then assume the government to be the so-called
trusted third party.
If government agencies "established their authority" to
intercept a particular communication, the key would be given to that agency,
so that all data transmitted by the subject could be decrypted.
The concept of Key Escrow raised much debate and became heavily disputed.
The Electronic Frontier Foundation (EFF), established in 1990, preferred the
term Key Surrender to stress what, according to them, was actually
happening. Together with other public interest organizations,
such as the Electronic Privacy Information Center, the EFF challenged
the Clipper Chip proposal, saying that it would be illegal and ineffective
as criminals wouldn't use it anyway.
In response to the Clipper Chip initiative by the US Government,
a number of very strong encryption packages were released, such as
Nautilus, PGP and PGPfone. It was thought that if strong cryptography was
widely available to the public, the government would be unable to stop its use.
This approach appeared to be effective, causing the premature 'death' of
the Clipper Chip, and with it the death of Key Escrow in general.
In 1993, AT&T Bell produced the first and only telephone encryptor based
on the Clipper Chip: the TSD-3600.
A year later, in 1994, Matt Blaze, a researcher at AT&T, published a major
design flaw in the Escrowed Encryption System (EES). A malicious party
could tamper the software and use the Clipper Chip as an encryption device,
whilst disabling the key escrow capability.
When establishing a connection, the Clipper Chip transmits a 128-bit
Law Enforcement Access Field (LEAF). The above diagram shows how the
LEAF was established.
The LEAF contained information needed by the intercepting agency to
establish the encryption key.
To prevent the software from tampering with the LEAF, a 16-bit hash code
was included. If the hash didn't match, the Clipper Chip would not
decrypt any messages. The 16-bit hash, however, was too short to be safe,
and a brute force attack would easily produce the same hash for a fake
session key, thus not revealing the actual keys
If a malicious user would tamper the device's software in this way,
law enforcement agencies would not be able to reproduce the actual
session key. As a result, they would not be able to decrypt the
Since the Clipper-project has failed, we think it is safe to show you
the contents of the chip. Although this is something we would not normally
do, this one is too good to be missed. Below, Travis Goodspeed  shows us
how easy it is to open the package and reverse-engineer a chip.
Luckily, according to Kerckhoff's principle, the secret is in the key
and not in the device .
The black dots along the four edges are the connection pads of the chip.
The image was publised on
Travis' photostream on Flickr
and is reproduced here with his kind permission. Click the image for a
hi-res version. Note that this is a large file
(18MB!) which may take some time to download.
Any links shown in red are currently unavailable.
If you like this website, why not make a donation?|
© Copyright 2009-2015, Crypto Museum. Last changed: Tuesday, 08 September 2015 - 09:19 CET