The Clipper chip proposal has aroused much controversy and has been the
subject of much criticism. Unfortunately two distinct issues have
become confused in the large volume of public comment and discussion.
First there is controversy about the whole idea of escrowed keys. Those
in favor of escrowed keys see it as a way to provide secure
communications for the public at large while allowing law-enforcement
agencies to monitor the communications of suspected criminals. Those
opposed to escrowed keys see it as an unnecessary and ineffective
intrusion of the government into the private lives of citizens. They
argue that escrowed keys infringe their rights of privacy and free
speech. It will take a lot of time and much public discussion for
society to reach a consensus on what role, if any, escrowed keys should
have.
The second area of controversy concerns various objections to the specific
Clipper proposal, that is, objections to this particular implementation of
escrowed keys, as opposed to the idea of escrowed keys in general. Common
objections include: the Skipjack algorithm is not public (see Questions
3.6.5) and may not be secure; the key escrow agencies will be
vulnerable to attack; there are not enough key escrow agencies; the keys on
the Clipper chips are not generated in a sufficiently secure fashion; there
will not be sufficient competition among implementers, resulting in
expensive and slow chips; software implementations are not possible; and
the key size is fixed and cannot be increased if necessary.
Micali has recently proposed an alternative system that also attempts to balance the privacy concerns of law-abiding citizens with the investigative concerns of law-enforcement agencies. Called fair public-key cryptography, it is similar in function and purpose to the Clipper chip proposal but users can choose their own keys, which they register with the escrow agencies. Also, the system does not require secure hardware, and can be implemented completely in software.