The draft paper by Matt Blaze* describes several techniques aimed at circumventing law enforcement access to key escrowed encryption products based on government-developed technologies.
As Blaze himself points out, these techniques only deal with the law enforcement feature, and in no way reduce the key escrow chips' inherent security and data privacy.
Furthermore, Blaze notes that the techniques he is suggesting are of limited use in real-world voice applications. (See attached quotes from draft report.)
Anyone interested in circumventing law enforcement access would most likely choose simpler alternatives (e.g., use other non- escrowed devices, or super encryption by a second device). More difficult and time-consuming efforts, like those discussed in the Blaze paper, merit continued government review—but they are very unlikely to be employed in actual communications.
All sound cryptographic designs and products consider trade-offs among design complexity, costs, time and risks. Voluntary key escrow technology is no exception. Government researchers recognized and accepted that the law enforcement access feature could be nullified, but only if the user was willing to invest substantial time and trouble, as the Blaze report points out. Clearly, the government's basic design objective for key escrow technology was met: to provide users with very secure communications that will still enable law enforcement agencies to benefit from lawfully authorized wiretaps. It is still the only such technology available today.
Today, most Americans using telephones, fax machines, and cellular phones have minimal privacy protection. The key escrow technology—which is available on a strictly voluntary basis to the private sector—will provide the security and privacy that Americans want and need.
* Statements from "Protocol Failure in the Escrowed Encryption Standard," May 20 draft report by Matt Blaze, AT&T; Bell Laboratories