Question 80. What is Skipjack?

Skipjack is the encryption algorithm contained in the Clipper chip (see Question 151), and it was designed by the NSA (see Question 148). It uses an 80-bit key to encrypt 64-bit blocks of data. Skipjack can be more secure than DES (see Question 64), since it uses 80-bit keys and scrambles the data for 32 steps, or "rounds"; by contrast, DES uses 56-bit keys and scrambles the data for only 16 rounds.

The details of Skipjack are classified. The decision not to make the details of the algorithm publicly available has been widely criticized. Many people are suspicious that Skipjack is not secure, either due to oversight by its designers, or by the deliberate introduction of a secret trapdoor. By contrast, there have been many attempts to find weaknesses in DES over the years, since its details are public. These numerous attempts (and the fact that they have failed) have made people confident in the security of DES. Since Skipjack is not public, the same scrutiny cannot be applied towards it, and thus a corresponding level of confidence may not arise.

Aware of such criticism, the government invited a small group of independent cryptographers to examine the Skipjack algorithm. They issued a report [BDK93] which stated that, although their study was too limited to reach a definitive conclusion, they nevertheless believed that Skipjack was secure.

Another consequence of Skipjack's classified status is that it cannot be implemented in software, but only in hardware by government-authorized chip manufacturers. An algorithm called S1 was anonymously posted over the Internet in summer 1995, and it was claimed that S1 was the Skipjack algorithm. It is believed, however, to be a hoax.