Matt BlazeApr 9, 2023

This month is the 30th anniversary of the announcement of the Clipper Chip, the first of many bad ideas for weakening cryptography with "key escrow" backdoors. Clipper is long dead, but its ghost continues to haunt us from time to time.

https://gizmodo.com/life-and-death-of-clipper-chip-encryption-backdoors-att-1850177832

The Short Life and Humiliating Death of the Clipper Chip

Thirty years ago, the U.S. government first floated the idea of a backdoor into public-key encryption, an idea it's been obsessed with ever since.

Gizmodo
Show threadMatt BlazeApr 9, 2023
The worst thing about the Clipper fiasco wasn't the specifics of the design. It was that it stalled development and integration of cryptography and other essential security tech into the basic standards of the Internet by a decade, during exactly the time when robust network security was becoming crucial for protecting our daily lives.
author_is_ShrikeTronđź” đź’‰x5Apr 10, 2023
Show threadMatt Blaze

Clipper also gave rise to an escalating series of official euphemisms, continuing to this day, that all mean the same thing:

- Weak Cryptography
- Backdoored Cryptography
- Key Escrow
- Key Recovery
- Trusted-Third-Party Encryption
- Lawful Access Encryption
- Etc

Don't be fooled by new names for the same thing.

Apr 9, 2023 at 3:13amWeb
Show threadMatt BlazeApr 9, 2023

About a dozen years ago I was asked to write up my recollections of Clipper. Given recent proposals for weakening encryption, it seems perhaps timely to revisit once again.

https://www.mattblaze.org/papers/escrow-acsac11.pdf

Show threadTim KelloggApr 9, 2023
@mattblaze key escrow would’ve taken me a while to figure out, but lawful access encryption would’ve been a real head scratcher without this tl;dr, thanks