TweetFollow Us on Twitter

StateCryptography

Volume Number: 16 (2000)
Issue Number: 2
Column Tag: Systems

The State of the World in Cryptography

By Jonathan D. Callas, Senior Consultant, Kroll-O'Gara Information Security Group

Introduction

Unlike most technologies, cryptography is intimately connected to politics, social policy, and law. These concerns complicate the job of someone working with the technology, and are often frustrating to have to think about. This article discusses recent developments in the technology of cryptography along with developments in the non-technical areas.

In this article, I will also assume that you are familiar with some of the issues surrounding the current state of affairs. If you are unfamiliar with the technology and politics, here are some books that will help you get up to speed:

  • "Privacy on the Line," by Whitfield Diffie and Susan Eva Landau. MIT Press; ISBN: 0-262-04167-7.
  • "Applied Cryptography: Protocols, Algorithms, and Source Code in C," by Bruce Schneier, John Wiley & Sons; ISBN: 0-471-12845-7.
  • "Handbook of Applied Cryptography," by Alfred J.Menezes, Paul C. van Oorschot, and Scott Vanstone. CRC Press; ISBN: 0-8493-8523-7.

The Social Landscape

Cryptography today is a hot-button issue politically, and for a number of good reasons. First of all, cryptography is a new technology. This may sound like a bold statement. After all, historians of cryptography have pointed out that every time a culture learns writing, it learns secret writing quickly after, and that is what cryptography is, the art of secret writing. However, in the last century, particularly in the last half-century and even more so in the last quarter-century, the art has been completely reshaped.

Any mechanism for secret writing that existed before 1900 is easily broken today by anyone with a mind to. The software you need to break it is easily available on the Internet. It may not be pretty, but it's there. By the end of WWII, the knowledge to do this was available to the major Allied governments, today it's on the web. But even the jewels governments had at the end of the war are now easily broken by software you can find on the Internet. We don't need Alan Turing to break Enigma now; we have the machines he helped create. The tools for both creating and decoding secret messages are now out in the world to anyone who can do a little math.

This is why it is a new technology, and it is also why governments are afraid of it. This is to be expected; how can you blame them? If you had been studying cryptography for hundreds of years (which the British and the Vatican did), everything you knew was worthless by 1950. Everything you learned between 1950 and 1975 is worthless now, and only a few of the things you learned since 1975 are of value today, and it's all because of those computers.

Worse, the new technologies are in the hands of everyday people, and this is scary because bad people will use cryptography to aid their badness (as they've always done). The fact that this can't be changed (the horse is out of the barn), that honest people need cryptography to protect themselves (the legitimate uses outweigh the threat) doesn't make it any less scary for government.

At least, though, they are starting to come to terms with this. While the US government policy is changing slowly, US officials are admitting that the policy is out of touch with reality. Ira Maginziner said as much in late 1998, shortly before leaving the Clinton administration. (See <http://www.latimes.com/HOME/NEWS/POLITICS/ELECT98/NATELECTW/tCB00a1487.html>)

In contrast, the French government startled everyone in early 1999 by completely changing its policies. They immediately loosened restrictions on 128-bit cryptography, and started the legislative process to completely deregulate cryptography. As I write this, rumor is that those new laws will be done by the time you are reading this article. In fact, the June issue of ".Net" magazine contained a CD with 50 MB of encryption programs including PGP, and was sold over the counter in France.

On the other hand, in late 1998, the US government lobbied the Wassenaar Arrangement countries to change the Wassenaar exemption for so-called "mass-market" software containing cryptography. The Wassenaar Arrangement is an agreement between thirty-three countries about exporting "dual-use" items. Dual-use items are items that have both civilian and military uses. Cryptography is a dual-use item, as are plutonium, and supercomputers. One should be aware, though, that a PowerPC G3 or a Pentium II is considered a supercomputer. To hear the US government announcement on the change, one would think that all thirty-three countries had agreed to US government review of all software. This isn't really what happened, though. To start with, here is a quote from the Wassenaar Arrangement itself:

"The decision to transfer or deny transfer of any item will be the sole responsibility of each Participating State. All measures undertaken with respect to the arrangement will be in accordance with national legislation and policies and will be implemented on the basis of national discretion."

Read that carefully. Note that it says that (1) each country gets to make its own decisions, (2) a country's own laws take precedent over the arrangement, and (3) if a country decides not to implement a part of the arrangement, that's okay. Furthermore, if a country has an export control policy that does nothing more than require a one-time form to be filled out, then they are fully in compliance with the arrangement.

If you have been following the news and brouhaha about the Wassenaar changes, you may want to pick your jaw up from the table now. Wassenaar is not a treaty, it's just an agreement among nations, and as part of the agreement, they're allowed to agree to disagree. The US government announcement (available at <http://www.jya.com/wa-state1298.htm>) was disingenuous at best, and pure propaganda lies at worst. The danger from the Wassenaar changes is not the agreement itself, but that the agreement provides an excuse for restrictive laws that would not have otherwise been passed. Fortunately, the change in France has put this all in its proper perspective.

To sum up the changes in the social landscape, I want to note that the goal of people who want free use of cryptography is really nothing more than our wanting our government to obey its own laws. We want to protect our documents and messages as they travel over the network. There is no explicit Constitutional right to put a letter in an envelope, but none of us would think we need one. Similarly, surveillance is allowed only in extraordinary circumstances (that's what a court order is - an extraordinary circumstance) by law enforcement. It is even restricted when people record themselves. In Virginia, for example, only one party of a conversation must consent to having the conversation taped, but in Maryland all parties must agree. This is what made the Tripp-Lewinsky tapes so interesting - Linda Tripp was in Maryland when she recorded Lewinsky, who was in Virginia. Note that in neither state would third-party taping be legal. On the Internet, cryptography is the only tool that law-abiding people can use to enforce their legal protection against being recorded by third parties. It is good to remember that it doesn't matter what strength cryptography you use to talk to someone who is recording you.

Government Initiatives

There have been a number of interesting initiatives by governments. As I mentioned above, the French government has completely changed its stand on the use of strong cryptography.

The SAFE Bill Rides Again

In the United States, Congress is slowly moving forward on a law to liberalize the use of strong cryptography. The SAFE bill has been introduced again, and is progressing through Congress. In what represents the claw marks in the ground being dragged back a few more feet, the Commerce Department has liberalized the export regulations a little. The new regulations permit export to most corporations, and additional relief for the financial and health care industries. None of these, though, permit someone to put on a web page information that would be legal to print on paper. It remains to be seen how far the SAFE bill will get this time. The current status of the bill can be found at <http://thomas.loc.gov/ by checking on HR 850>.

The Advanced Encryption Standard

However, the US government is sponsoring a whole new generation of cryptographic algorithms as part of its new Advanced Encryption Standard, or AES. The AES is a replacement for DES, which has been in use for two decades.

The AES is interesting both technically and politically. The AES will be a cipher that has 128-bit (16 byte) blocks, and can be used with 128, 192, and 256-bit keys. This is an interesting step forward, up to the AES requirements, most cipher design was for 64-bit blocks, and 128-bit keys. There have been a number of variable-length key designs, but little emphasis on demonstrating that a key longer than 128 bits actually got its user any more security.

Consequently, the AES has pushed cipher design into a new dimension. The larger block sizes are important, because there are attacks on using a cipher for a number of blocks that are more than the square root of the block size. Thus, a cipher with 64-bit blocks should never be used for more than four billion blocks (that being 232 blocks). Similarly, while a well-constructed 128-bit cipher is secure against anything but the most theoretical attacks, such as quantum computers, a 256-bit cipher tempts one to say things like, "no one would ever need anything larger," which this author might say over a beer, but never in print.

The AES process attracted fifteen candidates by August 1998, which were presented at the first AES conference in Ventura, California. In March of 1999, the second AES conference was held in Rome, Italy. At that conference, analyses and lobbying were done for the ciphers. NIST will winnow the group down to five ciphers in the summer of 1999. The third AES conference will be in New York City in April 2000, and the AES itself will be selected in mid-2000.

Politically, the AES is interesting because it comes from the same government that has the apparent policy of delaying the widespread use of cryptography for as long as possible. On the one hand, delay, and on the other a replacement for DES that genuinely pushes the state of the art. Less interesting, but still worth noting is that the second conference being held in Rome has helped the international aspect of the process. While the standard is a US government standard, and the selection is being made by NIST, only five of the proposals come from nominally US teams, and only one submission from solely US designers.

This is interesting because it means that NIST has to have a number of the documents about the AES under export control, including the ones that describe the function of the proposed algorithms. Many of the official sites for algorithms are kept in off-shore locations.

One of the interesting aspects of the AES is that there is a requirement that the AES algorithm run faster than triple-DES. This makes sense, most DES applications are moving toward using triple-DES, and why bother moving to AES if you won't see a performance improvement? However, a number of the submissions run faster than DES itself. For this reason alone, these algorithms are among the favorites of people examining the submissions.

At the Rome conference, a straw poll was taken for people's favorite algorithms. The results were for Rijndael (pronounced rain-doll), Twofish, Serpent, MARS, and RC6.

You can find more information about the AES on the web at <http://www.nist.gov/aes>.

Private-Sector Developments

There have been a number of other miscellaneous developments in the private sector to export cryptography from the US under the current regulations, and also to demonstrate what the current state of the art is. Three of them are described below.

DES Cracker

For many years, people speculated how easy it would be to build a machine to brute-force search the key space for DES. Of course, the estimate always decreased as the years wore on, and DES-cracking became something of a sport in the last couple of years. In fact, there have been a couple of interesting advancements to the art of fast ciphering as a result of the distributed.net DES cracker. But it wasn't until mid 1998 that DES-cracking became moot with the creation of the EFF's "Deep Crack" machine.

Deep Crack is a scalable system made from custom silicon. Sixteen DES engines are on each chip, and there are thirty-two chips on each board of Deep Crack. The machine can run in a configuration of an arbitrary number of boards. The machine, as configured for DES Challenge III, in January 1999, could search the entire 56-bit key space in 56 hours.

Like many other cryptographic feats, the main effect of Deep Crack was to make a political point. Over the years, people made estimates as to how much it would cost to make a DES cracker. Deep Crack was constructed for about what all the industry estimates claimed, and contrary to government estimates that were three orders of magnitude over the actual construction cost.

Clear Zone

The Clear Zone initiative, also called "private doorbell" is a proposal by eleven corporations for relief on export restrictions for crypto systems that are not end-to-end, for example, encrypting routers and other Virtual Private Network devices.

The Clear Zone proposal rests upon the observation that the legitimate needs of law enforcement to examine network traffic really need a tap to be placed on one of the two ends of a TCP/IP connection. Because of the way that IP networks are constructed, packets can take different routes, and in fact heuristically tend to avoid anything that might slow them down. Consequently, if you need to monitor a network connection, you want to put the monitoring equipment at one of the two ends.

In the case of using encrypting routers, for example, this means that a law enforcement tap is best placed on one end or the other of the connection. Thus, there is no need to limit the export of any equipment that provides such a "clear zone."

Under the proposed clear zone exemptions, a cryptographic system that provides a clear zone would be freely exportable. This, of course, does nothing for end-to-end encryption systems, but allows a category of useful systems free export.

A number of systems are presently under review by the Department of Commerce for export approval under this proposal.

Source Code Publishing

The present EAR regulations, the regulations that govern export of cryptography, have a specific exemption written into them. These regulations, like the ITAR regulations before them, state that "printed material, including source code, are exempt" from the EAR. Over the years, various books with cryptographic source code in them have been freely published, while the binary code itself has been export controlled. In fact, the Karn case revolves specifically around the fact that Schneier's "Applied Cryptography" book is freely exported, along with the source code in it, but that a disk with that source code is not exportable.

In 1997 and 1998, PGP, Inc. and Network Associates (which bought PGP, Inc. in December 1997), started producing internationally available cryptographic software under this exemption. The EFF also used this exemption to publish the source code for the Deep Crack chip. Network Associates has also published the sources to IETF OpenPGP reference code that did not actually contain cryptographic modules, but may have been nonetheless restricted.

The exemption is simple in practice, but more difficult in execution, to use. One obstacle is, of course, that the source code will be freely available to anyone who cares to buy the book containing it. Many systems creators do not want to publish their source code. Others, though, encourage it, and for them, this can be a useful way to get peer review of the implementation. (In fact, PGP, Inc., who pioneered source code publishing, did so as a way to get peer review as a way to dispel fears that there were flaws or back doors in PGP. It was not until they published several versions of PGP source code that applied for and received Department of Commerce approval to sell compatible versions of PGP based upon these source books.)

Another obstacle is that under the EAR, providing technical assistance to foreigners is considered itself an export. Consequently, anyone producing software from published books cannot do it with assistance from people in the US.

However, for those willing to go to the trouble, publishing source code can be a useful means to get peer review of software, as well as versions of it outside of the US legally. If you are interested in getting copies of the PGP books, or the tools used to produce them, they are available from Printer's Inc. bookstore at <http://www.pibooks.com>.

The Bernstein Case

The Bernstein case is a suit filed in US federal court to allow publishing of source code on the net. Full details may be found at <http://www.eff.org/bernstein/>. On May 6, 1999, the Ninth Circuit court of appeals upheld a previous decision that the ITAR and EAR export regulations are an unconstitutional prior restraint on free speech. A constitutional prior restraint has to have a number of properties. They are as follows:

  • any prior restraint must be for a specified brief period of time,
  • the decisions of the agency responsible for the restraining regulation must be subject to prompt judicial review,
  • there must be a clear decision-making process for the restraint with accountability built in to it, as opposed to one that gives the agency much discretion, and
  • the licensing and restraint process must have procedural safeguards built into it.

The appeals court ruled that the regulations, as they apply to cryptography, are unconstitutional. However, you should not immediately go out and start putting crypto source code on your web site. The government can appeal the decision, and most likely will. Furthermore, even if the government does not appeal, it is a decision of the Ninth Circuit, which covers only a number of western states, including California.

Summary

This describes many of the highlights of the last year or so in cryptography. The world of cryptography is still one in which the legal and political facets are as interesting as the technical ones.

The overall situation is one in which the legal aspects are slowly becoming simpler. The opposition to export of cryptographic systems is gradually loosening up, and in a few cases, like in France, suddenly and completely becoming simpler. Perhaps by this time next year, there will be even more good news to report.

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Posterino 3.3.7 - Create posters, collag...
Posterino offers enhanced customization and flexibility including a variety of new, stylish templates featuring grids of identical or odd-sized image boxes. You can customize the size and shape of... Read more
Airmail 3.2.9 - Powerful, minimal email...
Airmail is an mail client with fast performance and intuitive interaction. Support for iCloud, MS Exchange, Gmail, Google Apps, IMAP, POP3, Yahoo!, AOL, Outlook.com, Live.com. Airmail was designed... Read more
Arq 5.8.4 - Online backup to Google Driv...
Arq is super-easy online backup for Mac and Windows computers. Back up to your own cloud account (Amazon Cloud Drive, Google Drive, Dropbox, OneDrive, Google Cloud Storage, any S3-compatible server... Read more
Microsoft Remote Desktop 8.0.39 - Connec...
With Microsoft Remote Desktop, you can connect to a remote PC and your work resources from almost anywhere. Experience the power of Windows with RemoteFX in a Remote Desktop client designed to help... Read more
Arq 5.8.4 - Online backup to Google Driv...
Arq is super-easy online backup for Mac and Windows computers. Back up to your own cloud account (Amazon Cloud Drive, Google Drive, Dropbox, OneDrive, Google Cloud Storage, any S3-compatible server... Read more
Airmail 3.2.9 - Powerful, minimal email...
Airmail is an mail client with fast performance and intuitive interaction. Support for iCloud, MS Exchange, Gmail, Google Apps, IMAP, POP3, Yahoo!, AOL, Outlook.com, Live.com. Airmail was designed... Read more
Microsoft Remote Desktop 8.0.39 - Connec...
With Microsoft Remote Desktop, you can connect to a remote PC and your work resources from almost anywhere. Experience the power of Windows with RemoteFX in a Remote Desktop client designed to help... Read more
Posterino 3.3.7 - Create posters, collag...
Posterino offers enhanced customization and flexibility including a variety of new, stylish templates featuring grids of identical or odd-sized image boxes. You can customize the size and shape of... Read more
Airmail 3.2.8 - Powerful, minimal email...
Airmail is an mail client with fast performance and intuitive interaction. Support for iCloud, MS Exchange, Gmail, Google Apps, IMAP, POP3, Yahoo!, AOL, Outlook.com, Live.com. Airmail was designed... Read more
WhatRoute 2.0.21 - Geographically trace...
WhatRoute is designed to find the names of all the routers an IP packet passes through on its way from your Mac to a destination host. It also measures the round-trip time from your Mac to the router... Read more

Latest Forum Discussions

See All

Pokémon GO might be getting legendaries...
The long-awaited legendary Pokémon may soon be coming to Pokémon GO at long last. Data miners have already discovered that the legendary birds, Articuno, Moltres, and Zapdos are already in the game, it’s just a matter of time. [Read more] | Read more »
The best deals on the App Store this wee...
If you’ve got the Monday blues we have just the thing to cheer you up. The week is shaping up to be a spectacular one for sales. We’ve got a bunch of well-loved indie games at discounted prices this week along with a few that are a little more... | Read more »
Honor 8 Pro, a great choice for gamers
Honor is making strides to bring its brand to the forefront of mobile gaming with its latest phone, the Honor 8 Pro. The Pro sets itself apart from its predecessor, the Honor 8, with a host of premium updates that boost the device’s graphical and... | Read more »
The 4 best outdoor adventure apps
Now that we're well into the pleasant, warmer months, it's time to start making the most of the great outdoors. Spring and summer are ideal times for a bit of trekking or exploration. You don't have to go it alone, though. There are plenty of... | Read more »
Things 3 (Productivity)
Things 3 3.0.1 Device: iOS iPhone Category: Productivity Price: $7.99, Version: 3.0.1 (iTunes) Description: Meet the all-new Things! A complete rethinking of the original, award-winning task manager – with a perfect balance between... | Read more »
Oddball mash-up Arkanoid vs Space Invade...
In a move no one was really expecting, Square Enix has put forth an Arkanoid/Space Invaders mash-up aptly titled Arkanoid vs Space Invaders. The game launched today on both iOS and Android and the reviews are actually quite good. [Read more] | Read more »
Arkanoid vs Space Invaders (Games)
Arkanoid vs Space Invaders 1.0 Device: iOS Universal Category: Games Price: $3.99, Version: 1.0 (iTunes) Description: LAUNCH SALE: GET THE GAME AT 20% OFF! Two of the most iconic classic games ever made meet in Arkanoid vs Space... | Read more »
The best new games we played this week
Things got off to a bit of a slow start this week, but as we steadily creep towards Friday a bunch of great games have started cropping up. If you're looking for a quality new release to play this weekend, we've got you covered. Here's a handy... | Read more »
No Stick Shooter (Games)
No Stick Shooter 1.0 Device: iOS Universal Category: Games Price: $1.99, Version: 1.0 (iTunes) Description: Happy Robot presents a fresh take on the classic retro-arcade shooters we all know and love. Featuring 30 levels of non-stop... | Read more »
Chroma Squad (Games)
Chroma Squad 1.0.85 Device: iOS Universal Category: Games Price: $4.99, Version: 1.0.85 (iTunes) Description: | Read more »

Price Scanner via MacPrices.net

Five To Six Million 10.5-inch iPad Pro Tablet...
Digitimes’ Siu Han and Joseph Tsai report that upstream supply chain shipments for Apple’s new 10.5-inch iPad Pro have been increasing, with monthly shipment volume expected to hit 600,000 units by... Read more
Georgia Tech Students Win Toyota and Net Impa...
Earlier this year, a team of students at Georgia Tech realized that there was a critical gap in transportation services for people who use wheelchairs, and wondered if the solution could be in the... Read more
13-inch 2.0GHz Space Gray MacBook Pro on sale...
Amazon has the 13″ 2.0GHz Space Gray non-Touch Bar MacBook Pro (MLL42LL/A) on sale for $1299.99 including free shipping. Their price is $200 off MSRP, and it’s currently the lowest price available... Read more
Roundup of 15-inch MacBook Pro sale prices, m...
B&H Photo has the new 2016 15″ Apple Touch Bar MacBook Pros in stock today and on sale for up to $200 off MSRP. Shipping is free, and B&H charges NY & NJ sales tax only: - 15″ 2.7GHz... Read more
15-inch 2.2GHz Retina MacBook Pro on sale for...
B&H Photo has the 2015 15″ 2.2GHz Retina MacBook Pro (MJLQ2LL/A) on sale for $1849 including free shipping plus NY & NJ sales tax only. Their price is $150 off MSRP. Read more
21-inch iMacs on sale for $100 off MSRP, save...
B&H Photo has 21″ iMacs on sale for $100 off MSRP, each including free shipping plus NY & NJ sales tax only: - 21″ 3.1GHz iMac 4K: $1399.99 $100 off MSRP - 21″ 2.8GHz iMac: $1199.99 $100 off... Read more
Groupon Survey Finds Families Will Spend One-...
With warmer weather finally arriving in most parts of the country and the school year winding down to a close, Groupon (http://www.groupon.com) asked 1,000 U.S. parents how much time their families... Read more
Panasonic Anounces Toughbook 33 2-in-1 Rugged...
Panasonic has announced the U.S. availability of the Panasonic Toughbook 33, claimed to be the first fully-rugged 2-in-1 detachable laptop that features a 3:2 display. Inspired by the hard-working... Read more
9-inch 32GB iPad Pros available for up to $10...
Amazon resellers are offering new 9″ 32GB iPad Pros for up to $101 off MSRP, starting at $498, including free shipping. Colors may be Space Gray, Silver, Gold, or Rose Gold, depending on the reseller... Read more
Back in stock: Apple refurbished Mac minis st...
Apple has Certified Refurbished Mac minis available starting at $419. Apple’s one-year warranty is included with each mini, and shipping is free: - 1.4GHz Mac mini: $419 $80 off MSRP - 2.6GHz Mac... Read more

Jobs Board

Director, *Apple* Program - ERP & Cloud...
…make a real difference. Come, shine with us! Astellas is announcing a Director, Apple Program - ERP & Cloud Platform Architecture Lead opportunity in Northbrook, IL. Read more
*Apple* Mobile Master - Best Buy (United Sta...
**508102BR** **Job Title:** Apple Mobile Master **Location Number:** 000511-Athens-Store **Job Description:** **What does a Best Buy Apple Mobile Master do?** At Read more
*Apple* Media Products - Commerce Engineerin...
Apple Media Products - Commerce Engineering Manager Job Number: 57037480 Santa Clara Valley, California, United States Posted: Apr. 18, 2017 Weekly Hours: 40.00 Job Read more
Geek Squad *Apple* Master Consultation Agen...
**500444BR** **Job Title:** Geek Squad Apple Master Consultation Agent **Location Number:** 000103-City Of Industry-Store **Job Description:** **What does a Geek Read more
Security Engineer, *Apple* Retail - Apple I...
Changing the world is all in a day's work at Apple . If you love innovation, here's your chance to make a career of it. You'll work hard. But the job comes with more Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.