TweetFollow Us on Twitter

StateCryptography

Volume Number: 16 (2000)
Issue Number: 2
Column Tag: Systems

The State of the World in Cryptography

By Jonathan D. Callas, Senior Consultant, Kroll-O'Gara Information Security Group

Introduction

Unlike most technologies, cryptography is intimately connected to politics, social policy, and law. These concerns complicate the job of someone working with the technology, and are often frustrating to have to think about. This article discusses recent developments in the technology of cryptography along with developments in the non-technical areas.

In this article, I will also assume that you are familiar with some of the issues surrounding the current state of affairs. If you are unfamiliar with the technology and politics, here are some books that will help you get up to speed:

  • "Privacy on the Line," by Whitfield Diffie and Susan Eva Landau. MIT Press; ISBN: 0-262-04167-7.
  • "Applied Cryptography: Protocols, Algorithms, and Source Code in C," by Bruce Schneier, John Wiley & Sons; ISBN: 0-471-12845-7.
  • "Handbook of Applied Cryptography," by Alfred J.Menezes, Paul C. van Oorschot, and Scott Vanstone. CRC Press; ISBN: 0-8493-8523-7.

The Social Landscape

Cryptography today is a hot-button issue politically, and for a number of good reasons. First of all, cryptography is a new technology. This may sound like a bold statement. After all, historians of cryptography have pointed out that every time a culture learns writing, it learns secret writing quickly after, and that is what cryptography is, the art of secret writing. However, in the last century, particularly in the last half-century and even more so in the last quarter-century, the art has been completely reshaped.

Any mechanism for secret writing that existed before 1900 is easily broken today by anyone with a mind to. The software you need to break it is easily available on the Internet. It may not be pretty, but it's there. By the end of WWII, the knowledge to do this was available to the major Allied governments, today it's on the web. But even the jewels governments had at the end of the war are now easily broken by software you can find on the Internet. We don't need Alan Turing to break Enigma now; we have the machines he helped create. The tools for both creating and decoding secret messages are now out in the world to anyone who can do a little math.

This is why it is a new technology, and it is also why governments are afraid of it. This is to be expected; how can you blame them? If you had been studying cryptography for hundreds of years (which the British and the Vatican did), everything you knew was worthless by 1950. Everything you learned between 1950 and 1975 is worthless now, and only a few of the things you learned since 1975 are of value today, and it's all because of those computers.

Worse, the new technologies are in the hands of everyday people, and this is scary because bad people will use cryptography to aid their badness (as they've always done). The fact that this can't be changed (the horse is out of the barn), that honest people need cryptography to protect themselves (the legitimate uses outweigh the threat) doesn't make it any less scary for government.

At least, though, they are starting to come to terms with this. While the US government policy is changing slowly, US officials are admitting that the policy is out of touch with reality. Ira Maginziner said as much in late 1998, shortly before leaving the Clinton administration. (See <http://www.latimes.com/HOME/NEWS/POLITICS/ELECT98/NATELECTW/tCB00a1487.html>)

In contrast, the French government startled everyone in early 1999 by completely changing its policies. They immediately loosened restrictions on 128-bit cryptography, and started the legislative process to completely deregulate cryptography. As I write this, rumor is that those new laws will be done by the time you are reading this article. In fact, the June issue of ".Net" magazine contained a CD with 50 MB of encryption programs including PGP, and was sold over the counter in France.

On the other hand, in late 1998, the US government lobbied the Wassenaar Arrangement countries to change the Wassenaar exemption for so-called "mass-market" software containing cryptography. The Wassenaar Arrangement is an agreement between thirty-three countries about exporting "dual-use" items. Dual-use items are items that have both civilian and military uses. Cryptography is a dual-use item, as are plutonium, and supercomputers. One should be aware, though, that a PowerPC G3 or a Pentium II is considered a supercomputer. To hear the US government announcement on the change, one would think that all thirty-three countries had agreed to US government review of all software. This isn't really what happened, though. To start with, here is a quote from the Wassenaar Arrangement itself:

"The decision to transfer or deny transfer of any item will be the sole responsibility of each Participating State. All measures undertaken with respect to the arrangement will be in accordance with national legislation and policies and will be implemented on the basis of national discretion."

Read that carefully. Note that it says that (1) each country gets to make its own decisions, (2) a country's own laws take precedent over the arrangement, and (3) if a country decides not to implement a part of the arrangement, that's okay. Furthermore, if a country has an export control policy that does nothing more than require a one-time form to be filled out, then they are fully in compliance with the arrangement.

If you have been following the news and brouhaha about the Wassenaar changes, you may want to pick your jaw up from the table now. Wassenaar is not a treaty, it's just an agreement among nations, and as part of the agreement, they're allowed to agree to disagree. The US government announcement (available at <http://www.jya.com/wa-state1298.htm>) was disingenuous at best, and pure propaganda lies at worst. The danger from the Wassenaar changes is not the agreement itself, but that the agreement provides an excuse for restrictive laws that would not have otherwise been passed. Fortunately, the change in France has put this all in its proper perspective.

To sum up the changes in the social landscape, I want to note that the goal of people who want free use of cryptography is really nothing more than our wanting our government to obey its own laws. We want to protect our documents and messages as they travel over the network. There is no explicit Constitutional right to put a letter in an envelope, but none of us would think we need one. Similarly, surveillance is allowed only in extraordinary circumstances (that's what a court order is - an extraordinary circumstance) by law enforcement. It is even restricted when people record themselves. In Virginia, for example, only one party of a conversation must consent to having the conversation taped, but in Maryland all parties must agree. This is what made the Tripp-Lewinsky tapes so interesting - Linda Tripp was in Maryland when she recorded Lewinsky, who was in Virginia. Note that in neither state would third-party taping be legal. On the Internet, cryptography is the only tool that law-abiding people can use to enforce their legal protection against being recorded by third parties. It is good to remember that it doesn't matter what strength cryptography you use to talk to someone who is recording you.

Government Initiatives

There have been a number of interesting initiatives by governments. As I mentioned above, the French government has completely changed its stand on the use of strong cryptography.

The SAFE Bill Rides Again

In the United States, Congress is slowly moving forward on a law to liberalize the use of strong cryptography. The SAFE bill has been introduced again, and is progressing through Congress. In what represents the claw marks in the ground being dragged back a few more feet, the Commerce Department has liberalized the export regulations a little. The new regulations permit export to most corporations, and additional relief for the financial and health care industries. None of these, though, permit someone to put on a web page information that would be legal to print on paper. It remains to be seen how far the SAFE bill will get this time. The current status of the bill can be found at <http://thomas.loc.gov/ by checking on HR 850>.

The Advanced Encryption Standard

However, the US government is sponsoring a whole new generation of cryptographic algorithms as part of its new Advanced Encryption Standard, or AES. The AES is a replacement for DES, which has been in use for two decades.

The AES is interesting both technically and politically. The AES will be a cipher that has 128-bit (16 byte) blocks, and can be used with 128, 192, and 256-bit keys. This is an interesting step forward, up to the AES requirements, most cipher design was for 64-bit blocks, and 128-bit keys. There have been a number of variable-length key designs, but little emphasis on demonstrating that a key longer than 128 bits actually got its user any more security.

Consequently, the AES has pushed cipher design into a new dimension. The larger block sizes are important, because there are attacks on using a cipher for a number of blocks that are more than the square root of the block size. Thus, a cipher with 64-bit blocks should never be used for more than four billion blocks (that being 232 blocks). Similarly, while a well-constructed 128-bit cipher is secure against anything but the most theoretical attacks, such as quantum computers, a 256-bit cipher tempts one to say things like, "no one would ever need anything larger," which this author might say over a beer, but never in print.

The AES process attracted fifteen candidates by August 1998, which were presented at the first AES conference in Ventura, California. In March of 1999, the second AES conference was held in Rome, Italy. At that conference, analyses and lobbying were done for the ciphers. NIST will winnow the group down to five ciphers in the summer of 1999. The third AES conference will be in New York City in April 2000, and the AES itself will be selected in mid-2000.

Politically, the AES is interesting because it comes from the same government that has the apparent policy of delaying the widespread use of cryptography for as long as possible. On the one hand, delay, and on the other a replacement for DES that genuinely pushes the state of the art. Less interesting, but still worth noting is that the second conference being held in Rome has helped the international aspect of the process. While the standard is a US government standard, and the selection is being made by NIST, only five of the proposals come from nominally US teams, and only one submission from solely US designers.

This is interesting because it means that NIST has to have a number of the documents about the AES under export control, including the ones that describe the function of the proposed algorithms. Many of the official sites for algorithms are kept in off-shore locations.

One of the interesting aspects of the AES is that there is a requirement that the AES algorithm run faster than triple-DES. This makes sense, most DES applications are moving toward using triple-DES, and why bother moving to AES if you won't see a performance improvement? However, a number of the submissions run faster than DES itself. For this reason alone, these algorithms are among the favorites of people examining the submissions.

At the Rome conference, a straw poll was taken for people's favorite algorithms. The results were for Rijndael (pronounced rain-doll), Twofish, Serpent, MARS, and RC6.

You can find more information about the AES on the web at <http://www.nist.gov/aes>.

Private-Sector Developments

There have been a number of other miscellaneous developments in the private sector to export cryptography from the US under the current regulations, and also to demonstrate what the current state of the art is. Three of them are described below.

DES Cracker

For many years, people speculated how easy it would be to build a machine to brute-force search the key space for DES. Of course, the estimate always decreased as the years wore on, and DES-cracking became something of a sport in the last couple of years. In fact, there have been a couple of interesting advancements to the art of fast ciphering as a result of the distributed.net DES cracker. But it wasn't until mid 1998 that DES-cracking became moot with the creation of the EFF's "Deep Crack" machine.

Deep Crack is a scalable system made from custom silicon. Sixteen DES engines are on each chip, and there are thirty-two chips on each board of Deep Crack. The machine can run in a configuration of an arbitrary number of boards. The machine, as configured for DES Challenge III, in January 1999, could search the entire 56-bit key space in 56 hours.

Like many other cryptographic feats, the main effect of Deep Crack was to make a political point. Over the years, people made estimates as to how much it would cost to make a DES cracker. Deep Crack was constructed for about what all the industry estimates claimed, and contrary to government estimates that were three orders of magnitude over the actual construction cost.

Clear Zone

The Clear Zone initiative, also called "private doorbell" is a proposal by eleven corporations for relief on export restrictions for crypto systems that are not end-to-end, for example, encrypting routers and other Virtual Private Network devices.

The Clear Zone proposal rests upon the observation that the legitimate needs of law enforcement to examine network traffic really need a tap to be placed on one of the two ends of a TCP/IP connection. Because of the way that IP networks are constructed, packets can take different routes, and in fact heuristically tend to avoid anything that might slow them down. Consequently, if you need to monitor a network connection, you want to put the monitoring equipment at one of the two ends.

In the case of using encrypting routers, for example, this means that a law enforcement tap is best placed on one end or the other of the connection. Thus, there is no need to limit the export of any equipment that provides such a "clear zone."

Under the proposed clear zone exemptions, a cryptographic system that provides a clear zone would be freely exportable. This, of course, does nothing for end-to-end encryption systems, but allows a category of useful systems free export.

A number of systems are presently under review by the Department of Commerce for export approval under this proposal.

Source Code Publishing

The present EAR regulations, the regulations that govern export of cryptography, have a specific exemption written into them. These regulations, like the ITAR regulations before them, state that "printed material, including source code, are exempt" from the EAR. Over the years, various books with cryptographic source code in them have been freely published, while the binary code itself has been export controlled. In fact, the Karn case revolves specifically around the fact that Schneier's "Applied Cryptography" book is freely exported, along with the source code in it, but that a disk with that source code is not exportable.

In 1997 and 1998, PGP, Inc. and Network Associates (which bought PGP, Inc. in December 1997), started producing internationally available cryptographic software under this exemption. The EFF also used this exemption to publish the source code for the Deep Crack chip. Network Associates has also published the sources to IETF OpenPGP reference code that did not actually contain cryptographic modules, but may have been nonetheless restricted.

The exemption is simple in practice, but more difficult in execution, to use. One obstacle is, of course, that the source code will be freely available to anyone who cares to buy the book containing it. Many systems creators do not want to publish their source code. Others, though, encourage it, and for them, this can be a useful way to get peer review of the implementation. (In fact, PGP, Inc., who pioneered source code publishing, did so as a way to get peer review as a way to dispel fears that there were flaws or back doors in PGP. It was not until they published several versions of PGP source code that applied for and received Department of Commerce approval to sell compatible versions of PGP based upon these source books.)

Another obstacle is that under the EAR, providing technical assistance to foreigners is considered itself an export. Consequently, anyone producing software from published books cannot do it with assistance from people in the US.

However, for those willing to go to the trouble, publishing source code can be a useful means to get peer review of software, as well as versions of it outside of the US legally. If you are interested in getting copies of the PGP books, or the tools used to produce them, they are available from Printer's Inc. bookstore at <http://www.pibooks.com>.

The Bernstein Case

The Bernstein case is a suit filed in US federal court to allow publishing of source code on the net. Full details may be found at <http://www.eff.org/bernstein/>. On May 6, 1999, the Ninth Circuit court of appeals upheld a previous decision that the ITAR and EAR export regulations are an unconstitutional prior restraint on free speech. A constitutional prior restraint has to have a number of properties. They are as follows:

  • any prior restraint must be for a specified brief period of time,
  • the decisions of the agency responsible for the restraining regulation must be subject to prompt judicial review,
  • there must be a clear decision-making process for the restraint with accountability built in to it, as opposed to one that gives the agency much discretion, and
  • the licensing and restraint process must have procedural safeguards built into it.

The appeals court ruled that the regulations, as they apply to cryptography, are unconstitutional. However, you should not immediately go out and start putting crypto source code on your web site. The government can appeal the decision, and most likely will. Furthermore, even if the government does not appeal, it is a decision of the Ninth Circuit, which covers only a number of western states, including California.

Summary

This describes many of the highlights of the last year or so in cryptography. The world of cryptography is still one in which the legal and political facets are as interesting as the technical ones.

The overall situation is one in which the legal aspects are slowly becoming simpler. The opposition to export of cryptographic systems is gradually loosening up, and in a few cases, like in France, suddenly and completely becoming simpler. Perhaps by this time next year, there will be even more good news to report.

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Apple Pro Video Formats 2.0.2 - Updates...
Apple Pro Video Formats brings updates to Apple's professional-level codes for Final Cut Pro X, Motion 5, and Compressor 4. Version 2.0.2: Includes support for the following professional video codecs... Read more
Apple Final Cut Pro X 10.2.2 - Professio...
Apple Final Cut Pro X is a professional video editing solution.Completely redesigned from the ground up, Final Cut Pro adds extraordinary speed, quality, and flexibility to every part of the post-... Read more
Apple Compressor 4.2.1 - Adds power and...
Compressor adds power and flexibility to Final Cut Pro X export. Customize output settings, work faster with distributed encoding, and tap into a comprehensive set of delivery features. Powerful... Read more
Apple Motion 5.2.2 - Create and customiz...
Apple Motion is designed for video editors, Motion 5 lets you customize Final Cut Pro titles, transitions, and effects. Or create your own dazzling animations in 2D or 3D space, with real-time... Read more
A Better Finder Rename 10.00b1 - File, p...
A Better Finder Rename is the most complete renaming solution available on the market today. That's why, since 1996, tens of thousands of hobbyists, professionals and businesses depend on A Better... Read more
CrossOver 14.1.6 - Run Windows apps on y...
CrossOver can get your Windows productivity applications and PC games up and running on your Mac quickly and easily. CrossOver runs the Windows software that you need on Mac at home, in the office,... Read more
Printopia 2.1.14 - Share Mac printers wi...
Run Printopia on your Mac to share its printers to any capable iPhone, iPad or iPod Touch. Printopia will also add virtual printers, allowing you to save print-outs to your Mac and send to apps.... Read more
Google Drive 1.24 - File backup and shar...
Google Drive is a place where you can create, share, collaborate, and keep all of your stuff. Whether you're working with a friend on a joint research project, planning a wedding with your fiancé, or... Read more
Chromium 45.0.2454.85 - Fast and stable...
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. Version 45.0.2454.85: Note: Does not contain the "... Read more
OmniFocus 2.2.5 - GTD task manager with...
OmniFocus helps you manage your tasks the way that you want, freeing you to focus your attention on the things that matter to you most. Capturing tasks and ideas is always a keyboard shortcut away in... Read more

Zen Brush 2 (Entertainment)
Zen Brush 2 1.0 Device: iOS Universal Category: Entertainment Price: $2.99, Version: 1.0 (iTunes) Description: Zen Brush 2 is a drawing app focused on the strong yet beautiful feel of the East Asian ink brush. | Read more »
NetNewsWire (News)
NetNewsWire 4.0.0 Device: iOS iPhone Category: News Price: $3.99, Version: 4.0.0 (iTunes) Description: Follow the Web NetNewsWire 4, completely written from the ground up for iPhone. NetNewsWire is the best way to keep up with the... | Read more »
Huzzah! Farming Simulator 16 Supports Cl...
As though it weren't difficult enough to resist the siren call of Farming Simulator 16, now it's been updated with cloud saves - so you can jump between devices without missing any of that precious crop-harvesting time. [Read more] | Read more »
Don't Starve: Pocket Edition Finall...
I've made no effort to hide my enjoyment of Don't Starve: Pocket Edition, but I will admit I was a tiny bit disappointed that it was only available for the iPad. Well nuts to that, because Klei Entertainment has made it universal! [Read more] | Read more »
Goat Simulator Wasn't Enough? Then...
If you just didn't get enough goat in Goat Simulator - or if you've been wanting to play a simulated MMO as a microwave - then you're in luck! Goat Simulator MMO Simulator is out now, and it's a game about simulated goats in simulated MMOs. Plus... | Read more »
You Can Play Madfinger Games' Unkil...
Madfinger Games - probably best known for the Dead Trigger series - has officially launched their newest zombie shooter (that isn't called Dead Trigger), named Unkilled. [Read more] | Read more »
KORG iELECTRIBE for iPhone (Music)
KORG iELECTRIBE for iPhone 1.0.1 Device: iOS iPhone Category: Music Price: $9.99, Version: 1.0.1 (iTunes) Description: ** 50% OFF Special Launch Sale - For a Limited Time **The ELECTRIBE reborn in an even smaller form A full-fledged... | Read more »
Toca Life: City Just Got a Bunch of New...
Toca Life: City is Toca Boca's most popular app (number 1 in 47 different countries, apparently), and it's just had an update that adds a bunch of new content. [Read more] | Read more »
My Country 3D is More About Cities than...
My Country 3D is an upcoming city builder from Game Insight that looks pretty decent - although the name seems a tad out of whack for a city builder. Ah well, it is what it is. [Read more] | Read more »
I am Bread (Games)
I am Bread 1.0 Device: iOS Universal Category: Games Price: $4.99, Version: 1.0 (iTunes) Description: ‘I am Bread’ is the latest quirky adventure from the creators of 'Surgeon Simulator', Bossa Studios. This isn't the best thing... | Read more »

Price Scanner via MacPrices.net

Near-Office Input Functionality Virtually Any...
Today Logitech introduced the Logitech K380 Multi-Device Bluetooth Keyboard and the Logitech M535 Bluetooth Mouse, giving users the freedom to work on any device, most anywhere. According to... Read more
College Student Deals: Additional $100 off Ma...
Take an additional $100 off all MacBooks and iMacs at Best Buy Online with their College Students Deals Savings, valid through September 4, 2015. Anyone with a valid .EDU email address can take... Read more
2.8GHz Mac mini available for $988, includes...
Adorama has the 2.8GHz Mac mini available for $988, $11 off MSRP, including a free copy of Apple’s 3-Year AppleCare Protection Plan. Shipping is free, and Adorama charges sales tax in NY & NJ... Read more
Will You Buy An iPad Pro? – The ‘Book Mystiqu...
It looks like we may not have to wait much longer to see what finally materializes as a new, larger-panel iPad (Pro/Plus?) Usually reliable Apple product prognosticator KGI Securities analyst Ming-... Read more
eFileCabinet Announces SMB Document Managemen...
Electronic document management (EDM) eFileCabinet, Inc., a hosted solutions provider for small to medium businesses, has announced that its SecureDrawer and eFileCabinet Online services will be... Read more
WaterField Designs Unveils American-Made, All...
San Francisco’s WaterField Designs today unveiled their all-leather Cozmo 2.0 — an elegant attach laptop bag with carefully-designed features to suit any business environment. The Cozmo 2.0 is... Read more
Apple’s 2015 Back to School promotion: Free B...
Purchase a new Mac or iPad at The Apple Store for Education and take up to $300 off MSRP. All teachers, students, and staff of any educational institution qualify for the discount. Shipping is free,... Read more
128GB MacBook Airs on sale for $100 off MSRP,...
B&H Photo has 11″ & 13″ MacBook Airs with 128GB SSDs on sale for $100 off MSRP. Shipping is free, and B&H charges NY sales tax only: - 11″ 1.6GHz/128GB MacBook Air: $799.99, $100 off MSRP... Read more
13-inch 2.5GHz MacBook Pro (refurbished) avai...
The Apple Store has Apple Certified Refurbished 13″ 2.5GHz MacBook Pros available for $829, or $270 off the cost of new models. Apple’s one-year warranty is standard, and shipping is free: - 13″ 2.... Read more
27-inch 3.2GHz iMac on sale for $1679, save $...
B&H Photo has the 27″ 3.2GHz iMac on sale for $1679.99 including free shipping plus NY sales tax only. Their price is $120 off MSRP. Read more

Jobs Board

*Apple* Retail - Multiple Customer Support P...
Job Description: Customer Support Specialist - Retail Customer Service and Sales Transform Apple Store visitors into loyal Apple customers. When customers enter the Read more
*Apple* Desktop Analyst - KDS Staffing (Unit...
…field and consistent professional recruiting achievement. Job Description: Title: Apple Desktop AnalystPosition Type: Full-time PermanentLocation: White Plains, NYHot Read more
Simply Mac *Apple* Specialist- Repair Techn...
Simply Mac is the greatest premier retailer of Apple products expertise in North America. We're looking for dedicated individuals to provide personalized service and Read more
Simply Mac *Apple* Specialist- Service Repa...
Simply Mac is the greatest premier retailer of Apple products expertise in North America. We're looking for dedicated individuals to provide personalized service and Read more
*Apple* Desktop Analyst - KDS Staffing (Unit...
…field and consistent professional recruiting achievement. Job Description: Title: Apple Desktop AnalystPosition Type: Full-time PermanentLocation: White Plains, NYHot Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.