Federal Computer Data Code

* Thanks for your excellent series on encryption for data networks (Oct. 3 and 4). Unfortunately, the situation is far bleaker than your articles indicate. Encryption is used not only for hiding the contents of a message, but also for authenticating the “signature” of the author of the message. If the encryption scheme is not foolproof, not only can all messages be routinely read, but also routinely modified and forged. Documents of historical interest must often preserve their authenticity for decades before being declassified or unsealed. Yet every encryption system can eventually be broken--especially those involving heavy computation which is becoming exponentially cheaper every year. Thus, a poor or compromised encryption system will make suspect every electronic document, and this distrust will invalidate much of the productivity promised by electronic networks.

With the Clipper system, you not only give your letter opener to Big Brother, but also your signature stamp, your checkbook, and all of your credit cards.

HENRY G. BAKER

Encino

* Robert Lee Hotz’s interesting piece on the government’s proposed Skipjack encryption scheme made passing reference to the Data Encryption Standard (DES) developed by IBM and adopted by the National Bureau of Standards in 1977.

DES has been surrounded by controversy since its inception. A number of computer scientists have made the claim that the 56-bit key used in DES was too small, making it vulnerable to brute-force decryption attacks by powerful computers. IBM’s original design called for a 128-bit key that would unquestionably eliminate such a strategy, but oddly enough, this was reduced to 56 bits at the request of the National Security Agency. IBM also claims to have kept secret the reason for choosing the specific “S-boxes” used in the DES cipher at the request of the NSA. This suggests the possibility that DES has a “back door” by which the cipher may be easily broken.

The Skipjack cipher merely carries on this tradition of institutionalized government surveillance of the citizenry, albeit in a much more brazen manner. Anyone who uses either of these NSA-hatched cipher schemes to safeguard important information is both a fool and a dupe.

RANDALL SMITH

Del Mar

* In your article about the Clipper Chip, you make a factual error. The proposed key escrow mechanism does not specifically require a court order for retrieval of the keys. It only requires “legal authorization,” which is not defined within the proposal. This leads many to fear an abuse of government power because a court order is not required. I think such a point is moot. I believe that the proposal is eminently suitable for the government’s internal communications. This will prevent the government from being able to transact business in an unaccountable, untraceable fashion. Any abuse of government power will be open to discovery at an appropriate time. It is fitting that, for example, the Justice Department, hold the keys that allow it to investigate the actions of other branches of the government. Imagine the difficulty of prosecuting in scandals such as Watergate if much of the evidence was encrypted and nobody could decrypt it.

Such a scheme should not be imposed upon private individuals and businesses. The government has no call to impose prior restraint upon the communications of private parties, nor to invade their privacy. Remember that the government is accountable to the people, not the other way around.

MICHAEL THOMPSON

West Hills