TweetFollow Us on Twitter

StateCryptography

Volume Number: 16 (2000)
Issue Number: 2
Column Tag: Systems

The State of the World in Cryptography

By Jonathan D. Callas, Senior Consultant, Kroll-O'Gara Information Security Group

Introduction

Unlike most technologies, cryptography is intimately connected to politics, social policy, and law. These concerns complicate the job of someone working with the technology, and are often frustrating to have to think about. This article discusses recent developments in the technology of cryptography along with developments in the non-technical areas.

In this article, I will also assume that you are familiar with some of the issues surrounding the current state of affairs. If you are unfamiliar with the technology and politics, here are some books that will help you get up to speed:

  • "Privacy on the Line," by Whitfield Diffie and Susan Eva Landau. MIT Press; ISBN: 0-262-04167-7.
  • "Applied Cryptography: Protocols, Algorithms, and Source Code in C," by Bruce Schneier, John Wiley & Sons; ISBN: 0-471-12845-7.
  • "Handbook of Applied Cryptography," by Alfred J.Menezes, Paul C. van Oorschot, and Scott Vanstone. CRC Press; ISBN: 0-8493-8523-7.

The Social Landscape

Cryptography today is a hot-button issue politically, and for a number of good reasons. First of all, cryptography is a new technology. This may sound like a bold statement. After all, historians of cryptography have pointed out that every time a culture learns writing, it learns secret writing quickly after, and that is what cryptography is, the art of secret writing. However, in the last century, particularly in the last half-century and even more so in the last quarter-century, the art has been completely reshaped.

Any mechanism for secret writing that existed before 1900 is easily broken today by anyone with a mind to. The software you need to break it is easily available on the Internet. It may not be pretty, but it's there. By the end of WWII, the knowledge to do this was available to the major Allied governments, today it's on the web. But even the jewels governments had at the end of the war are now easily broken by software you can find on the Internet. We don't need Alan Turing to break Enigma now; we have the machines he helped create. The tools for both creating and decoding secret messages are now out in the world to anyone who can do a little math.

This is why it is a new technology, and it is also why governments are afraid of it. This is to be expected; how can you blame them? If you had been studying cryptography for hundreds of years (which the British and the Vatican did), everything you knew was worthless by 1950. Everything you learned between 1950 and 1975 is worthless now, and only a few of the things you learned since 1975 are of value today, and it's all because of those computers.

Worse, the new technologies are in the hands of everyday people, and this is scary because bad people will use cryptography to aid their badness (as they've always done). The fact that this can't be changed (the horse is out of the barn), that honest people need cryptography to protect themselves (the legitimate uses outweigh the threat) doesn't make it any less scary for government.

At least, though, they are starting to come to terms with this. While the US government policy is changing slowly, US officials are admitting that the policy is out of touch with reality. Ira Maginziner said as much in late 1998, shortly before leaving the Clinton administration. (See <http://www.latimes.com/HOME/NEWS/POLITICS/ELECT98/NATELECTW/tCB00a1487.html>)

In contrast, the French government startled everyone in early 1999 by completely changing its policies. They immediately loosened restrictions on 128-bit cryptography, and started the legislative process to completely deregulate cryptography. As I write this, rumor is that those new laws will be done by the time you are reading this article. In fact, the June issue of ".Net" magazine contained a CD with 50 MB of encryption programs including PGP, and was sold over the counter in France.

On the other hand, in late 1998, the US government lobbied the Wassenaar Arrangement countries to change the Wassenaar exemption for so-called "mass-market" software containing cryptography. The Wassenaar Arrangement is an agreement between thirty-three countries about exporting "dual-use" items. Dual-use items are items that have both civilian and military uses. Cryptography is a dual-use item, as are plutonium, and supercomputers. One should be aware, though, that a PowerPC G3 or a Pentium II is considered a supercomputer. To hear the US government announcement on the change, one would think that all thirty-three countries had agreed to US government review of all software. This isn't really what happened, though. To start with, here is a quote from the Wassenaar Arrangement itself:

"The decision to transfer or deny transfer of any item will be the sole responsibility of each Participating State. All measures undertaken with respect to the arrangement will be in accordance with national legislation and policies and will be implemented on the basis of national discretion."

Read that carefully. Note that it says that (1) each country gets to make its own decisions, (2) a country's own laws take precedent over the arrangement, and (3) if a country decides not to implement a part of the arrangement, that's okay. Furthermore, if a country has an export control policy that does nothing more than require a one-time form to be filled out, then they are fully in compliance with the arrangement.

If you have been following the news and brouhaha about the Wassenaar changes, you may want to pick your jaw up from the table now. Wassenaar is not a treaty, it's just an agreement among nations, and as part of the agreement, they're allowed to agree to disagree. The US government announcement (available at <http://www.jya.com/wa-state1298.htm>) was disingenuous at best, and pure propaganda lies at worst. The danger from the Wassenaar changes is not the agreement itself, but that the agreement provides an excuse for restrictive laws that would not have otherwise been passed. Fortunately, the change in France has put this all in its proper perspective.

To sum up the changes in the social landscape, I want to note that the goal of people who want free use of cryptography is really nothing more than our wanting our government to obey its own laws. We want to protect our documents and messages as they travel over the network. There is no explicit Constitutional right to put a letter in an envelope, but none of us would think we need one. Similarly, surveillance is allowed only in extraordinary circumstances (that's what a court order is - an extraordinary circumstance) by law enforcement. It is even restricted when people record themselves. In Virginia, for example, only one party of a conversation must consent to having the conversation taped, but in Maryland all parties must agree. This is what made the Tripp-Lewinsky tapes so interesting - Linda Tripp was in Maryland when she recorded Lewinsky, who was in Virginia. Note that in neither state would third-party taping be legal. On the Internet, cryptography is the only tool that law-abiding people can use to enforce their legal protection against being recorded by third parties. It is good to remember that it doesn't matter what strength cryptography you use to talk to someone who is recording you.

Government Initiatives

There have been a number of interesting initiatives by governments. As I mentioned above, the French government has completely changed its stand on the use of strong cryptography.

The SAFE Bill Rides Again

In the United States, Congress is slowly moving forward on a law to liberalize the use of strong cryptography. The SAFE bill has been introduced again, and is progressing through Congress. In what represents the claw marks in the ground being dragged back a few more feet, the Commerce Department has liberalized the export regulations a little. The new regulations permit export to most corporations, and additional relief for the financial and health care industries. None of these, though, permit someone to put on a web page information that would be legal to print on paper. It remains to be seen how far the SAFE bill will get this time. The current status of the bill can be found at <http://thomas.loc.gov/ by checking on HR 850>.

The Advanced Encryption Standard

However, the US government is sponsoring a whole new generation of cryptographic algorithms as part of its new Advanced Encryption Standard, or AES. The AES is a replacement for DES, which has been in use for two decades.

The AES is interesting both technically and politically. The AES will be a cipher that has 128-bit (16 byte) blocks, and can be used with 128, 192, and 256-bit keys. This is an interesting step forward, up to the AES requirements, most cipher design was for 64-bit blocks, and 128-bit keys. There have been a number of variable-length key designs, but little emphasis on demonstrating that a key longer than 128 bits actually got its user any more security.

Consequently, the AES has pushed cipher design into a new dimension. The larger block sizes are important, because there are attacks on using a cipher for a number of blocks that are more than the square root of the block size. Thus, a cipher with 64-bit blocks should never be used for more than four billion blocks (that being 232 blocks). Similarly, while a well-constructed 128-bit cipher is secure against anything but the most theoretical attacks, such as quantum computers, a 256-bit cipher tempts one to say things like, "no one would ever need anything larger," which this author might say over a beer, but never in print.

The AES process attracted fifteen candidates by August 1998, which were presented at the first AES conference in Ventura, California. In March of 1999, the second AES conference was held in Rome, Italy. At that conference, analyses and lobbying were done for the ciphers. NIST will winnow the group down to five ciphers in the summer of 1999. The third AES conference will be in New York City in April 2000, and the AES itself will be selected in mid-2000.

Politically, the AES is interesting because it comes from the same government that has the apparent policy of delaying the widespread use of cryptography for as long as possible. On the one hand, delay, and on the other a replacement for DES that genuinely pushes the state of the art. Less interesting, but still worth noting is that the second conference being held in Rome has helped the international aspect of the process. While the standard is a US government standard, and the selection is being made by NIST, only five of the proposals come from nominally US teams, and only one submission from solely US designers.

This is interesting because it means that NIST has to have a number of the documents about the AES under export control, including the ones that describe the function of the proposed algorithms. Many of the official sites for algorithms are kept in off-shore locations.

One of the interesting aspects of the AES is that there is a requirement that the AES algorithm run faster than triple-DES. This makes sense, most DES applications are moving toward using triple-DES, and why bother moving to AES if you won't see a performance improvement? However, a number of the submissions run faster than DES itself. For this reason alone, these algorithms are among the favorites of people examining the submissions.

At the Rome conference, a straw poll was taken for people's favorite algorithms. The results were for Rijndael (pronounced rain-doll), Twofish, Serpent, MARS, and RC6.

You can find more information about the AES on the web at <http://www.nist.gov/aes>.

Private-Sector Developments

There have been a number of other miscellaneous developments in the private sector to export cryptography from the US under the current regulations, and also to demonstrate what the current state of the art is. Three of them are described below.

DES Cracker

For many years, people speculated how easy it would be to build a machine to brute-force search the key space for DES. Of course, the estimate always decreased as the years wore on, and DES-cracking became something of a sport in the last couple of years. In fact, there have been a couple of interesting advancements to the art of fast ciphering as a result of the distributed.net DES cracker. But it wasn't until mid 1998 that DES-cracking became moot with the creation of the EFF's "Deep Crack" machine.

Deep Crack is a scalable system made from custom silicon. Sixteen DES engines are on each chip, and there are thirty-two chips on each board of Deep Crack. The machine can run in a configuration of an arbitrary number of boards. The machine, as configured for DES Challenge III, in January 1999, could search the entire 56-bit key space in 56 hours.

Like many other cryptographic feats, the main effect of Deep Crack was to make a political point. Over the years, people made estimates as to how much it would cost to make a DES cracker. Deep Crack was constructed for about what all the industry estimates claimed, and contrary to government estimates that were three orders of magnitude over the actual construction cost.

Clear Zone

The Clear Zone initiative, also called "private doorbell" is a proposal by eleven corporations for relief on export restrictions for crypto systems that are not end-to-end, for example, encrypting routers and other Virtual Private Network devices.

The Clear Zone proposal rests upon the observation that the legitimate needs of law enforcement to examine network traffic really need a tap to be placed on one of the two ends of a TCP/IP connection. Because of the way that IP networks are constructed, packets can take different routes, and in fact heuristically tend to avoid anything that might slow them down. Consequently, if you need to monitor a network connection, you want to put the monitoring equipment at one of the two ends.

In the case of using encrypting routers, for example, this means that a law enforcement tap is best placed on one end or the other of the connection. Thus, there is no need to limit the export of any equipment that provides such a "clear zone."

Under the proposed clear zone exemptions, a cryptographic system that provides a clear zone would be freely exportable. This, of course, does nothing for end-to-end encryption systems, but allows a category of useful systems free export.

A number of systems are presently under review by the Department of Commerce for export approval under this proposal.

Source Code Publishing

The present EAR regulations, the regulations that govern export of cryptography, have a specific exemption written into them. These regulations, like the ITAR regulations before them, state that "printed material, including source code, are exempt" from the EAR. Over the years, various books with cryptographic source code in them have been freely published, while the binary code itself has been export controlled. In fact, the Karn case revolves specifically around the fact that Schneier's "Applied Cryptography" book is freely exported, along with the source code in it, but that a disk with that source code is not exportable.

In 1997 and 1998, PGP, Inc. and Network Associates (which bought PGP, Inc. in December 1997), started producing internationally available cryptographic software under this exemption. The EFF also used this exemption to publish the source code for the Deep Crack chip. Network Associates has also published the sources to IETF OpenPGP reference code that did not actually contain cryptographic modules, but may have been nonetheless restricted.

The exemption is simple in practice, but more difficult in execution, to use. One obstacle is, of course, that the source code will be freely available to anyone who cares to buy the book containing it. Many systems creators do not want to publish their source code. Others, though, encourage it, and for them, this can be a useful way to get peer review of the implementation. (In fact, PGP, Inc., who pioneered source code publishing, did so as a way to get peer review as a way to dispel fears that there were flaws or back doors in PGP. It was not until they published several versions of PGP source code that applied for and received Department of Commerce approval to sell compatible versions of PGP based upon these source books.)

Another obstacle is that under the EAR, providing technical assistance to foreigners is considered itself an export. Consequently, anyone producing software from published books cannot do it with assistance from people in the US.

However, for those willing to go to the trouble, publishing source code can be a useful means to get peer review of software, as well as versions of it outside of the US legally. If you are interested in getting copies of the PGP books, or the tools used to produce them, they are available from Printer's Inc. bookstore at <http://www.pibooks.com>.

The Bernstein Case

The Bernstein case is a suit filed in US federal court to allow publishing of source code on the net. Full details may be found at <http://www.eff.org/bernstein/>. On May 6, 1999, the Ninth Circuit court of appeals upheld a previous decision that the ITAR and EAR export regulations are an unconstitutional prior restraint on free speech. A constitutional prior restraint has to have a number of properties. They are as follows:

  • any prior restraint must be for a specified brief period of time,
  • the decisions of the agency responsible for the restraining regulation must be subject to prompt judicial review,
  • there must be a clear decision-making process for the restraint with accountability built in to it, as opposed to one that gives the agency much discretion, and
  • the licensing and restraint process must have procedural safeguards built into it.

The appeals court ruled that the regulations, as they apply to cryptography, are unconstitutional. However, you should not immediately go out and start putting crypto source code on your web site. The government can appeal the decision, and most likely will. Furthermore, even if the government does not appeal, it is a decision of the Ninth Circuit, which covers only a number of western states, including California.

Summary

This describes many of the highlights of the last year or so in cryptography. The world of cryptography is still one in which the legal and political facets are as interesting as the technical ones.

The overall situation is one in which the legal aspects are slowly becoming simpler. The opposition to export of cryptographic systems is gradually loosening up, and in a few cases, like in France, suddenly and completely becoming simpler. Perhaps by this time next year, there will be even more good news to report.

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Duplicate Annihilator 5.7.7 - Find and d...
Duplicate Annihilator takes on the time-consuming task of comparing the images in your iPhoto library using effective algorithms to make sure that no duplicate escapes. Duplicate Annihilator... Read more
OS X Server 4.1.3 - For OS X 10.10 Yosem...
Designed for OS X and iOS devices, OS X Server makes it easy to share files, schedule meetings, synchronize contacts, develop software, host your own website, publish wikis, configure Mac, iPhone,... Read more
pwSafe 4.1 - Secure password management...
pwSafe provides simple and secure password management across devices and computers. pwSafe uses iCloud to keep your password databases backed-up and synced between Macs and iOS devices. It is... Read more
Kodi 15.0.rc1 - Powerful media center to...
Kodi (was XBMC) is an award-winning free and open-source (GPL) software media player and entertainment hub that can be installed on Linux, OS X, Windows, iOS, and Android, featuring a 10-foot user... Read more
Coda 2.5.11 - One-window Web development...
Coda is a powerful Web editor that puts everything in one place. An editor. Terminal. CSS. Files. With Coda 2, we went beyond expectations. With loads of new, much-requested features, a few surprises... Read more
Bookends 12.5.7 - Reference management a...
Bookends is a full-featured bibliography/reference and information-management system for students and professionals. Access the power of Bookends directly from Mellel, Nisus Writer Pro, or MS Word (... Read more
Maya 2016 - Professional 3D modeling and...
Maya is an award-winning software and powerful, integrated 3D modeling, animation, visual effects, and rendering solution. Because Maya is based on an open architecture, all your work can be scripted... Read more
RapidWeaver 6.2.3 - Create template-base...
RapidWeaver is a next-generation Web design application to help you easily create professional-looking Web sites in minutes. No knowledge of complex code is required, RapidWeaver will take care of... Read more
MacFamilyTree 7.5.2 - Create and explore...
MacFamilyTree gives genealogy a facelift: it's modern, interactive, incredibly fast, and easy to use. We're convinced that generations of chroniclers would have loved to trade in their genealogy... Read more
Paragraphs 1.0.1 - Writing tool just for...
Paragraphs is an app just for writers. It was built for one thing and one thing only: writing. It gives you everything you need to create brilliant prose and does away with the rest. Everything in... Read more

Rage of Bahamut is Giving Almost All of...
The App Store isn't what it used to be back in 2012, so it's not unexpected to see some games changing their structures with the times. Now we can add Rage of Bahamut to that list with the recent announcement that the game is severely cutting back... | Read more »
Adventures of Pip (Games)
Adventures of Pip 1.0 Device: iOS iPhone Category: Games Price: $4.99, Version: 1.0 (iTunes) Description: ** ONE WEEK ONLY — 66% OFF! *** “Adventures of Pip is a delightful little platformer full of charm, challenge and impeccable... | Read more »
Divide By Sheep - Tips, Tricks, and Stre...
Who would have thought splitting up sheep could be so involved? Anyone who’s played Divide by Sheep, that’s who! While we’re not about to give you complete solutions to everything (because that’s just cheating), we will happily give you some... | Read more »
NaturalMotion and Zynga Have Started Tea...
An official sequel to 2012's CSR Racing is officially on the way, with Zynga and NaturalMotion releasing a short teaser trailer to get everyone excited. Well, as excited as one can get from a trailer with no gameplay footage, anyway. [Read more] | Read more »
Grab a Friend and Pick up Overkill 3, Be...
Overkill 3 is a pretty enjoyable third-person shooter that was sort of begging for some online multiplayer. Fortunately the begging can stop, because its newest update has added an online co-op mode. [Read more] | Read more »
Scanner Pro's Newest Update Adds Au...
Scanner Pro is one of the most popular document scanning apps on iOS, thanks in no small part to its near-constant updates, I'm sure. Now we're up to update number six, and it adds some pretty handy new features. [Read more] | Read more »
Heroki (Games)
Heroki 1.0 Device: iOS Universal Category: Games Price: $7.99, Version: 1.0 (iTunes) Description: CLEAR THE SKIES FOR A NEW HERO!The peaceful sky village of Levantia is in danger! The dastardly Dr. N. Forchin and his accomplice,... | Read more »
Wars of the Roses (Games)
Wars of the Roses 1.0 Device: iOS Universal Category: Games Price: $4.99, Version: 1.0 (iTunes) Description: | Read more »
TapMon Battle (Games)
TapMon Battle 1.0 Device: iOS Universal Category: Games Price: $.99, Version: 1.0 (iTunes) Description: It's time to battle!Tap! Tap! Tap! Try tap a egg to hatch a Tapmon!Do a battle with another tapmons using your hatched tapmons! *... | Read more »
Alchemic Dungeons (Games)
Alchemic Dungeons 1.0 Device: iOS Universal Category: Games Price: $.99, Version: 1.0 (iTunes) Description: ### Release Event! ### 2.99$->0.99$ for limited time! ### Roguelike Role Playing Game! ### Alchemic Dungeons is roguelike... | Read more »

Price Scanner via MacPrices.net

Seagate Backup Plus Drives Feature 200GB of C...
Seagate Technology plc has announced that its Backup Plus family of external storage offerings will now include 200GB of OneDrive cloud storage, a major added value, and the addition of Lyve’s photo... Read more
Canon PIXMA MG3620 Wireless Inkjet All-in-One...
Canon U.S.A., Inc. has announced the PIXMA MG3620 Wireless (1) Inkjet All-in-One (AIO) printer for high-quality photo and document printing. Built with convenience in mind for the everyday home user... Read more
July 4th Holiday Weekend 13-inch MacBook Pro...
Save up to $150 on the purchase of a new 2015 13″ Retina MacBook Pro at the following resellers this weekend. Shipping is free with each model: 2.7GHz/128GB MSRP $1299 2.7GHz/... Read more
27-inch 3.5GHz 5K iMac on sale for $2149, sav...
Best Buy has the 27″ 3.5GHz 5K iMac on sale for $2149.99. Choose free shipping or free local store pickup (if available). Sale price for online orders only, in-store prices may vary. Their price is $... Read more
Apple now offering refurbished 2015 11-inch...
The Apple Store is now offering Apple Certified Refurbished 2015 11″ MacBook Airs as well as 13″ MacBook Airs (the latest models), available for up to $180 off the cost of new models. An Apple one-... Read more
15-inch 2.5GHz Retina MacBook Pro on sale for...
Amazon.com has the 15″ 2.5GHz Retina MacBook Pro on sale for $2274 including free shipping. Their price is $225 off MSRP, and it’s the lowest price available for this model. Read more
Finally Safe To Upgrade To Yosemite’?
The reason I’ve held back from upgrading my MacBook Air from OS X 10.9 Mavericks to 10.10 Yosemite for nearly a year isn’t just procrastination. Among other bugs reported, there have been persistent... Read more
Logo Pop Free Vector Logo Design App For OS X...
128bit Technologies has released of Logo Pop Free 1.2 for Mac OS X, a vector based, full-fledged, logo design app available exclusively on the Mac App Store for the agreeable price of absolutely free... Read more
21-inch 1.4GHz iMac on sale for $999, save $1...
B&H Photo has new 21″ 1.4GHz iMac on sale for $999 including free shipping plus NY sales tax only. Their price is $100 off MSRP. Best Buy has the 21″ 1.4GHz iMac on sale for $999.99 on their... Read more
16GB iPad mini 3 on sale for $339, save $60
B&H Photo has the 16GB iPad mini 3 WiFi on sale for $339 including free shipping plus NY tax only. Their price is $60 off MSRP. Read more

Jobs Board

Frameworks Engineer, *Apple* Watch - Apple...
**Job Summary** Join the team that is shaping the future of software development for Apple Watch! As a software engineer on the Apple Watch Frameworks team you will Read more
Mobile Payments Counsel, *Apple* Pay (digit...
**Job Summary** Apple is looking for an atto ey to join Apple 's Legal Department to support Apple Pay. **Key Qualifications** 4+ years of relevant experience Read more
*Apple* Solutions Consultant - Retail Sales...
**Job Summary** The ASC is an Apple employee who serves as the Apple business manager and influencer in a hyper-business critical Reseller's store which delivers Read more
Partner Marketing Manager, Merchant- *Apple*...
**Job Summary** The Apple Pay partner marketing team is looking for a marketing manager to develop and drive US marketing programs with our merchant partners. The right Read more
*Apple* Solutions Consultant - Retail Sales...
**Job Summary** As an Apple Solutions Consultant (ASC) you are the link between our customers and our products. Your role is to drive the Apple business in a retail Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.