ACM Digital Library home
ACM home
Advanced Search
10.1145/191177.191193acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
Article
Free Access

Protocol failure in the escrowed encryption standard

CCS '94: Proceedings of the 2nd ACM Conference on Computer and communications securityNovember 1994 Pages 59–67https://doi.org/10.1145/191177.191193
Online:02 November 1994Publication History
  • 37citation
  • 603
  • Downloads
Metrics
Total Citations37
Total Downloads603
Last 12 Months38
Last 6 weeks9

ABSTRACT

The Escrowed Encryption Standard (EES) defines a US Government family of cryptographic processors, popularly known as “Clipper” chips, intended to protect unclassified government and private-sector communications and data. A basic feature of key setup between pairs of EES processors involves the exchange of a “Law Enforcement Access Field” (LEAF) that contains an encrypted copy of the current session key. The LEAF is intended to facilitate government access to the cleartext of data encrypted under the system. Several aspects of the design of the EES, which employs a classified cipher algorithm and tamper-resistant hardware, attempt to make it infeasible to deploy the system without transmitting the LEAF. We evaluated the publicly released aspects of the EES protocols as well as a prototype version of a PCMCIA-based EES device. This paper outlines various techniques that enable cryptographic communication among EES processors without transmission of the valid LEAF. We identify two classes of techniques. The simplest allow communication only between pairs of “rogue” parties. The second, more complex methods permit rogue applications to take unilateral action to interoperate with legal EES users. We conclude with techniques that could make the fielded EES architecture more robust against these failures.

References

  1. DH76.W. Diffie and M. E. Hellman. New directions in cryptography. IEEE Trans. on Information Theory, November 1976.Google ScholarGoogle Scholar
  2. Mar93.J. Markoff. Communications plan to balance government access with privacy. New York Times, April 16, 1993.Google ScholarGoogle Scholar
  3. NBS77.National Bureau of Standards. Data Encryption Standard, Federal Information Processing Standards Publication 45, Government Printing Office, Washington, D. C., 1977.Google ScholarGoogle Scholar
  4. NBS80.National Bureau of Standards. Data Encryption Standard Modes of Operation, Federal Informal.ion Processing Standards Publication 81, Government Printing Ofrice, Washington, D.C., 1980.Google ScholarGoogle Scholar
  5. NIST94.National Institute for Standards and Technology. Escrowed Encryption Standard, Federal Information Processing Standards Publicalion 185, U.S. Dept. of Commerce, 1994.Google ScholarGoogle Scholar
  6. NIST94a.National Institute for Standards and Technology. Technical Fact Sheet on Blaze Report and Key Escrow Encryption. June 15, 1994.Google ScholarGoogle Scholar

Index Terms

  1. Protocol failure in the escrowed encryption standard

          Comments

          Login options

          Check if you have access through your login credentials or your institution to get full access on this article.

          Sign in

          Full Access

          Get this Publication

          PDF Format

          View or Download as a PDF file.

          PDF

          eReader

          View online with eReader.

          eReader
          View Table of Contents
          About Cookies On This Site

          We use cookies to ensure that we give you the best experience on our website.

          Learn more

          Got it!