TweetFollow Us on Twitter

StateCryptography

Volume Number: 16 (2000)
Issue Number: 2
Column Tag: Systems

The State of the World in Cryptography

By Jonathan D. Callas, Senior Consultant, Kroll-O'Gara Information Security Group

Introduction

Unlike most technologies, cryptography is intimately connected to politics, social policy, and law. These concerns complicate the job of someone working with the technology, and are often frustrating to have to think about. This article discusses recent developments in the technology of cryptography along with developments in the non-technical areas.

In this article, I will also assume that you are familiar with some of the issues surrounding the current state of affairs. If you are unfamiliar with the technology and politics, here are some books that will help you get up to speed:

  • "Privacy on the Line," by Whitfield Diffie and Susan Eva Landau. MIT Press; ISBN: 0-262-04167-7.
  • "Applied Cryptography: Protocols, Algorithms, and Source Code in C," by Bruce Schneier, John Wiley & Sons; ISBN: 0-471-12845-7.
  • "Handbook of Applied Cryptography," by Alfred J.Menezes, Paul C. van Oorschot, and Scott Vanstone. CRC Press; ISBN: 0-8493-8523-7.

The Social Landscape

Cryptography today is a hot-button issue politically, and for a number of good reasons. First of all, cryptography is a new technology. This may sound like a bold statement. After all, historians of cryptography have pointed out that every time a culture learns writing, it learns secret writing quickly after, and that is what cryptography is, the art of secret writing. However, in the last century, particularly in the last half-century and even more so in the last quarter-century, the art has been completely reshaped.

Any mechanism for secret writing that existed before 1900 is easily broken today by anyone with a mind to. The software you need to break it is easily available on the Internet. It may not be pretty, but it's there. By the end of WWII, the knowledge to do this was available to the major Allied governments, today it's on the web. But even the jewels governments had at the end of the war are now easily broken by software you can find on the Internet. We don't need Alan Turing to break Enigma now; we have the machines he helped create. The tools for both creating and decoding secret messages are now out in the world to anyone who can do a little math.

This is why it is a new technology, and it is also why governments are afraid of it. This is to be expected; how can you blame them? If you had been studying cryptography for hundreds of years (which the British and the Vatican did), everything you knew was worthless by 1950. Everything you learned between 1950 and 1975 is worthless now, and only a few of the things you learned since 1975 are of value today, and it's all because of those computers.

Worse, the new technologies are in the hands of everyday people, and this is scary because bad people will use cryptography to aid their badness (as they've always done). The fact that this can't be changed (the horse is out of the barn), that honest people need cryptography to protect themselves (the legitimate uses outweigh the threat) doesn't make it any less scary for government.

At least, though, they are starting to come to terms with this. While the US government policy is changing slowly, US officials are admitting that the policy is out of touch with reality. Ira Maginziner said as much in late 1998, shortly before leaving the Clinton administration. (See <http://www.latimes.com/HOME/NEWS/POLITICS/ELECT98/NATELECTW/tCB00a1487.html>)

In contrast, the French government startled everyone in early 1999 by completely changing its policies. They immediately loosened restrictions on 128-bit cryptography, and started the legislative process to completely deregulate cryptography. As I write this, rumor is that those new laws will be done by the time you are reading this article. In fact, the June issue of ".Net" magazine contained a CD with 50 MB of encryption programs including PGP, and was sold over the counter in France.

On the other hand, in late 1998, the US government lobbied the Wassenaar Arrangement countries to change the Wassenaar exemption for so-called "mass-market" software containing cryptography. The Wassenaar Arrangement is an agreement between thirty-three countries about exporting "dual-use" items. Dual-use items are items that have both civilian and military uses. Cryptography is a dual-use item, as are plutonium, and supercomputers. One should be aware, though, that a PowerPC G3 or a Pentium II is considered a supercomputer. To hear the US government announcement on the change, one would think that all thirty-three countries had agreed to US government review of all software. This isn't really what happened, though. To start with, here is a quote from the Wassenaar Arrangement itself:

"The decision to transfer or deny transfer of any item will be the sole responsibility of each Participating State. All measures undertaken with respect to the arrangement will be in accordance with national legislation and policies and will be implemented on the basis of national discretion."

Read that carefully. Note that it says that (1) each country gets to make its own decisions, (2) a country's own laws take precedent over the arrangement, and (3) if a country decides not to implement a part of the arrangement, that's okay. Furthermore, if a country has an export control policy that does nothing more than require a one-time form to be filled out, then they are fully in compliance with the arrangement.

If you have been following the news and brouhaha about the Wassenaar changes, you may want to pick your jaw up from the table now. Wassenaar is not a treaty, it's just an agreement among nations, and as part of the agreement, they're allowed to agree to disagree. The US government announcement (available at <http://www.jya.com/wa-state1298.htm>) was disingenuous at best, and pure propaganda lies at worst. The danger from the Wassenaar changes is not the agreement itself, but that the agreement provides an excuse for restrictive laws that would not have otherwise been passed. Fortunately, the change in France has put this all in its proper perspective.

To sum up the changes in the social landscape, I want to note that the goal of people who want free use of cryptography is really nothing more than our wanting our government to obey its own laws. We want to protect our documents and messages as they travel over the network. There is no explicit Constitutional right to put a letter in an envelope, but none of us would think we need one. Similarly, surveillance is allowed only in extraordinary circumstances (that's what a court order is - an extraordinary circumstance) by law enforcement. It is even restricted when people record themselves. In Virginia, for example, only one party of a conversation must consent to having the conversation taped, but in Maryland all parties must agree. This is what made the Tripp-Lewinsky tapes so interesting - Linda Tripp was in Maryland when she recorded Lewinsky, who was in Virginia. Note that in neither state would third-party taping be legal. On the Internet, cryptography is the only tool that law-abiding people can use to enforce their legal protection against being recorded by third parties. It is good to remember that it doesn't matter what strength cryptography you use to talk to someone who is recording you.

Government Initiatives

There have been a number of interesting initiatives by governments. As I mentioned above, the French government has completely changed its stand on the use of strong cryptography.

The SAFE Bill Rides Again

In the United States, Congress is slowly moving forward on a law to liberalize the use of strong cryptography. The SAFE bill has been introduced again, and is progressing through Congress. In what represents the claw marks in the ground being dragged back a few more feet, the Commerce Department has liberalized the export regulations a little. The new regulations permit export to most corporations, and additional relief for the financial and health care industries. None of these, though, permit someone to put on a web page information that would be legal to print on paper. It remains to be seen how far the SAFE bill will get this time. The current status of the bill can be found at <http://thomas.loc.gov/ by checking on HR 850>.

The Advanced Encryption Standard

However, the US government is sponsoring a whole new generation of cryptographic algorithms as part of its new Advanced Encryption Standard, or AES. The AES is a replacement for DES, which has been in use for two decades.

The AES is interesting both technically and politically. The AES will be a cipher that has 128-bit (16 byte) blocks, and can be used with 128, 192, and 256-bit keys. This is an interesting step forward, up to the AES requirements, most cipher design was for 64-bit blocks, and 128-bit keys. There have been a number of variable-length key designs, but little emphasis on demonstrating that a key longer than 128 bits actually got its user any more security.

Consequently, the AES has pushed cipher design into a new dimension. The larger block sizes are important, because there are attacks on using a cipher for a number of blocks that are more than the square root of the block size. Thus, a cipher with 64-bit blocks should never be used for more than four billion blocks (that being 232 blocks). Similarly, while a well-constructed 128-bit cipher is secure against anything but the most theoretical attacks, such as quantum computers, a 256-bit cipher tempts one to say things like, "no one would ever need anything larger," which this author might say over a beer, but never in print.

The AES process attracted fifteen candidates by August 1998, which were presented at the first AES conference in Ventura, California. In March of 1999, the second AES conference was held in Rome, Italy. At that conference, analyses and lobbying were done for the ciphers. NIST will winnow the group down to five ciphers in the summer of 1999. The third AES conference will be in New York City in April 2000, and the AES itself will be selected in mid-2000.

Politically, the AES is interesting because it comes from the same government that has the apparent policy of delaying the widespread use of cryptography for as long as possible. On the one hand, delay, and on the other a replacement for DES that genuinely pushes the state of the art. Less interesting, but still worth noting is that the second conference being held in Rome has helped the international aspect of the process. While the standard is a US government standard, and the selection is being made by NIST, only five of the proposals come from nominally US teams, and only one submission from solely US designers.

This is interesting because it means that NIST has to have a number of the documents about the AES under export control, including the ones that describe the function of the proposed algorithms. Many of the official sites for algorithms are kept in off-shore locations.

One of the interesting aspects of the AES is that there is a requirement that the AES algorithm run faster than triple-DES. This makes sense, most DES applications are moving toward using triple-DES, and why bother moving to AES if you won't see a performance improvement? However, a number of the submissions run faster than DES itself. For this reason alone, these algorithms are among the favorites of people examining the submissions.

At the Rome conference, a straw poll was taken for people's favorite algorithms. The results were for Rijndael (pronounced rain-doll), Twofish, Serpent, MARS, and RC6.

You can find more information about the AES on the web at <http://www.nist.gov/aes>.

Private-Sector Developments

There have been a number of other miscellaneous developments in the private sector to export cryptography from the US under the current regulations, and also to demonstrate what the current state of the art is. Three of them are described below.

DES Cracker

For many years, people speculated how easy it would be to build a machine to brute-force search the key space for DES. Of course, the estimate always decreased as the years wore on, and DES-cracking became something of a sport in the last couple of years. In fact, there have been a couple of interesting advancements to the art of fast ciphering as a result of the distributed.net DES cracker. But it wasn't until mid 1998 that DES-cracking became moot with the creation of the EFF's "Deep Crack" machine.

Deep Crack is a scalable system made from custom silicon. Sixteen DES engines are on each chip, and there are thirty-two chips on each board of Deep Crack. The machine can run in a configuration of an arbitrary number of boards. The machine, as configured for DES Challenge III, in January 1999, could search the entire 56-bit key space in 56 hours.

Like many other cryptographic feats, the main effect of Deep Crack was to make a political point. Over the years, people made estimates as to how much it would cost to make a DES cracker. Deep Crack was constructed for about what all the industry estimates claimed, and contrary to government estimates that were three orders of magnitude over the actual construction cost.

Clear Zone

The Clear Zone initiative, also called "private doorbell" is a proposal by eleven corporations for relief on export restrictions for crypto systems that are not end-to-end, for example, encrypting routers and other Virtual Private Network devices.

The Clear Zone proposal rests upon the observation that the legitimate needs of law enforcement to examine network traffic really need a tap to be placed on one of the two ends of a TCP/IP connection. Because of the way that IP networks are constructed, packets can take different routes, and in fact heuristically tend to avoid anything that might slow them down. Consequently, if you need to monitor a network connection, you want to put the monitoring equipment at one of the two ends.

In the case of using encrypting routers, for example, this means that a law enforcement tap is best placed on one end or the other of the connection. Thus, there is no need to limit the export of any equipment that provides such a "clear zone."

Under the proposed clear zone exemptions, a cryptographic system that provides a clear zone would be freely exportable. This, of course, does nothing for end-to-end encryption systems, but allows a category of useful systems free export.

A number of systems are presently under review by the Department of Commerce for export approval under this proposal.

Source Code Publishing

The present EAR regulations, the regulations that govern export of cryptography, have a specific exemption written into them. These regulations, like the ITAR regulations before them, state that "printed material, including source code, are exempt" from the EAR. Over the years, various books with cryptographic source code in them have been freely published, while the binary code itself has been export controlled. In fact, the Karn case revolves specifically around the fact that Schneier's "Applied Cryptography" book is freely exported, along with the source code in it, but that a disk with that source code is not exportable.

In 1997 and 1998, PGP, Inc. and Network Associates (which bought PGP, Inc. in December 1997), started producing internationally available cryptographic software under this exemption. The EFF also used this exemption to publish the source code for the Deep Crack chip. Network Associates has also published the sources to IETF OpenPGP reference code that did not actually contain cryptographic modules, but may have been nonetheless restricted.

The exemption is simple in practice, but more difficult in execution, to use. One obstacle is, of course, that the source code will be freely available to anyone who cares to buy the book containing it. Many systems creators do not want to publish their source code. Others, though, encourage it, and for them, this can be a useful way to get peer review of the implementation. (In fact, PGP, Inc., who pioneered source code publishing, did so as a way to get peer review as a way to dispel fears that there were flaws or back doors in PGP. It was not until they published several versions of PGP source code that applied for and received Department of Commerce approval to sell compatible versions of PGP based upon these source books.)

Another obstacle is that under the EAR, providing technical assistance to foreigners is considered itself an export. Consequently, anyone producing software from published books cannot do it with assistance from people in the US.

However, for those willing to go to the trouble, publishing source code can be a useful means to get peer review of software, as well as versions of it outside of the US legally. If you are interested in getting copies of the PGP books, or the tools used to produce them, they are available from Printer's Inc. bookstore at <http://www.pibooks.com>.

The Bernstein Case

The Bernstein case is a suit filed in US federal court to allow publishing of source code on the net. Full details may be found at <http://www.eff.org/bernstein/>. On May 6, 1999, the Ninth Circuit court of appeals upheld a previous decision that the ITAR and EAR export regulations are an unconstitutional prior restraint on free speech. A constitutional prior restraint has to have a number of properties. They are as follows:

  • any prior restraint must be for a specified brief period of time,
  • the decisions of the agency responsible for the restraining regulation must be subject to prompt judicial review,
  • there must be a clear decision-making process for the restraint with accountability built in to it, as opposed to one that gives the agency much discretion, and
  • the licensing and restraint process must have procedural safeguards built into it.

The appeals court ruled that the regulations, as they apply to cryptography, are unconstitutional. However, you should not immediately go out and start putting crypto source code on your web site. The government can appeal the decision, and most likely will. Furthermore, even if the government does not appeal, it is a decision of the Ninth Circuit, which covers only a number of western states, including California.

Summary

This describes many of the highlights of the last year or so in cryptography. The world of cryptography is still one in which the legal and political facets are as interesting as the technical ones.

The overall situation is one in which the legal aspects are slowly becoming simpler. The opposition to export of cryptographic systems is gradually loosening up, and in a few cases, like in France, suddenly and completely becoming simpler. Perhaps by this time next year, there will be even more good news to report.

 
AAPL
$97.67
Apple Inc.
+0.64
MSFT
$44.50
Microsoft Corpora
+0.10
GOOG
$589.02
Google Inc.
-4.33

MacTech Search:
Community Search:

Software Updates via MacUpdate

TinkerTool 5.3 - Expanded preference set...
TinkerTool is an application that gives you access to additional preference settings Apple has built into Mac OS X. This allows to activate hidden features in the operating system and in some of the... Read more
Audio Hijack Pro 2.11.0 - Record and enh...
Audio Hijack Pro drastically changes the way you use audio on your computer, giving you the freedom to listen to audio when you want and how you want. Record and enhance any audio with Audio Hijack... Read more
Intermission 1.1.1 - Pause and rewind li...
Intermission allows you to pause and rewind live audio from any application on your Mac. Intermission will buffer up to 3 hours of audio, allowing users to skip through any assortment of audio... Read more
Autopano Giga 3.6 - Stitch multiple imag...
Autopano Giga allows you to stitch 2, 20, or 2,000 images. Version 3.0 integrates impressive new features that will definitely make you adopt Autopano Pro or Autopano Giga: Choose between 9... Read more
Airfoil 4.8.7 - Send audio from any app...
Airfoil allows you to send any audio to AirPort Express units, Apple TVs, and even other Macs and PCs, all in sync! It's your audio - everywhere. With Airfoil you can take audio from any... Read more
Microsoft Remote Desktop 8.0.8 - Connect...
With Microsoft Remote Desktop, you can connect to a remote PC and your work resources from almost anywhere. Experience the power of Windows with RemoteFX in a Remote Desktop client designed to help... Read more
xACT 2.30 - Audio compression toolkit. (...
xACT stands for X Aaudio Compression Toolkit, an application that encodes and decodes FLAC, SHN, Monkey’s Audio, TTA, Wavpack, and Apple Lossless files. It also can encode these formats to MP3, AAC... Read more
Firefox 31.0 - Fast, safe Web browser. (...
Firefox for Mac offers a fast, safe Web browsing experience. Browse quickly, securely, and effortlessly. With its industry-leading features, Firefox is the choice of Web development professionals... Read more
Little Snitch 3.3.3 - Alerts you to outg...
Little Snitch gives you control over your private outgoing data. Track background activityAs soon as your computer connects to the Internet, applications often have permission to send any... Read more
Thunderbird 31.0 - Email client from Moz...
As of July 2012, Thunderbird has transitioned to a new governance model, with new features being developed by the broader free software and open source community, and security fixes and improvements... Read more

Latest Forum Discussions

See All

New Trailer For Outcast Odyssey, A New K...
New Trailer For Outcast Odyssey, A New Kind of Card Battler Posted by Jennifer Allen on July 25th, 2014 [ permalink ] Out this Fall is a new kind of card battle game: Outcast Odyssey. | Read more »
Garfield: Survival of the Fattest Coming...
Garfield: Survival of the Fattest Coming to iOS this Fall Posted by Jennifer Allen on July 25th, 2014 [ permalink ] Who loves lasagna? Me. Also everyone’s favorite grumpy fat cat, Garfield. | Read more »
Happy Flock Review
Happy Flock Review By Andrew Fisher on July 25th, 2014 Our Rating: :: HERD IT ALL BEFOREUniversal App - Designed for iPhone and iPad Underneath the gloss of Happy Flock’s visuals is a game of very little substance. It’s cute, but... | Read more »
Square Register Updates Adds Offline Pay...
Square Register Updates Adds Offline Payments Posted by Ellis Spice on July 25th, 2014 [ permalink ] Universal App - Designed for iPhone and iPad | Read more »
Looking For Group – Hearthstone’s Curse...
For the first time since its release (which has thankfully been a much shorter window for iPad players than their PC counterparts), Blizzard’s wildly successful Hearthstone: Heroes of Warcraft CCG is sporting some brand new content: the single... | Read more »
Poptile Review
Poptile Review By Jennifer Allen on July 25th, 2014 Our Rating: :: SIMPLY FUNUniversal App - Designed for iPhone and iPad Simple yet a little bit glorious, Poptile is a satisfying entertaining puzzle game with oodles of the ‘one... | Read more »
Modern Combat 5: Blackout Review
Modern Combat 5: Blackout Review By Brittany Vincent on July 25th, 2014 Our Rating: :: LESS QQ, MORE PEW PEWUniversal App - Designed for iPhone and iPad The fifth entry into the blockbuster Modern Combat series is what mobile... | Read more »
Watch and Share Mobile Gameplay Videos W...
Watch and Share Mobile Gameplay Videos With Kamcord Posted by Jennifer Allen on July 25th, 2014 [ permalink ] iPhone App - Designed for the iPhone, compatible with the iPad | Read more »
THE KING OF FIGHTERS '98 (Games)
THE KING OF FIGHTERS '98 1.0 Device: iOS Universal Category: Games Price: $3.99, Version: 1.0 (iTunes) Description: Series’ masterpiece “KOF ’98” finally joins the battle on iPhone! FEATURES:■ The best game balance in the “KOF”... | Read more »
LEX Goes Free For One Day In Honor of Ne...
LEX Goes Free For One Day In Honor of New Update Posted by Jennifer Allen on July 24th, 2014 [ permalink ] Universal App - Designed for iPhone and iPad | Read more »

Price Scanner via MacPrices.net

iMacs on sale for $150 off MSRP, $250 off for...
Best Buy has iMacs on sale for up to $160 off MSRP for a limited time. Choose free home shipping or free instant local store pickup (if available). Prices are valid for online orders only, in-store... Read more
Mac minis on sale for $100 off MSRP, starting...
Best Buy has Mac minis on sale for $100 off MSRP. Choose free shipping or free instant local store pickup. Prices are for online orders only, in-store prices may vary: 2.5GHz Mac mini: $499.99 2.3GHz... Read more
Global Tablet Market Grows 11% in Q2/14 Notwi...
Worldwide tablet sales grew 11.0 percent year over year in the second quarter of 2014, with shipments reaching 49.3 million units according to preliminary data from the International Data Corporation... Read more
New iPhone 6 Models to Have Staggered Release...
Digitimes’ Cage Chao and Steve Shen report that according to unnamed sources in Apple’s upstream iPhone supply chain, the new 5.5-inch iPhone will be released several months later than the new 4.7-... Read more
New iOS App Helps People Feel Good About thei...
Mobile shoppers looking for big savings at their favorite stores can turn to the Goodshop app, a new iOS app with the latest coupons and deals at more than 5,000 online stores. In addition to being a... Read more
Save on 5th generation refurbished iPod touch...
The Apple Store has Apple Certified Refurbished 5th generation iPod touches available starting at $149. Apple’s one-year warranty is included with each model, and shipping is free. Many, but not all... Read more
What Should Apple’s Next MacBook Priority Be;...
Stabley Times’ Phil Moore says that after expanding its iMac lineup with a new low end model, Apple’s next Mac hardware decision will be how it wants to approach expanding its MacBook lineup as well... Read more
ArtRage For iPhone Painting App Free During C...
ArtRage for iPhone is currently being offered for free (regularly $1.99) during Comic-Con San Diego #SDCC, July 24-27, in celebration of the upcoming ArtRage 4.5 and other 64-bit versions of the... Read more
With The Apple/IBM Alliance, Is The iPad Now...
Almost since the iPad was rolled out in 2010, and especially after Apple made a 128 GB storage configuration available in 2012, there’s been debate over whether the iPad is a serious tool for... Read more
MacBook Airs on sale starting at $799, free s...
B&H Photo has the new 2014 MacBook Airs on sale for up to $100 off MSRP for a limited time. Shipping is free, and B&H charges NY sales tax only. They also include free copies of Parallels... Read more

Jobs Board

*Apple* Solutions Consultant (ASC) - Apple (...
**Job Summary** The ASC is an Apple employee who serves as an Apple brand ambassador and influencer in a Reseller's store. The ASC's role is to grow Apple Read more
*Apple* Solutions Consultant (ASC) - Apple (...
**Job Summary** The ASC is an Apple employee who serves as an Apple brand ambassador and influencer in a Reseller's store. The ASC's role is to grow Apple Read more
Sr. Project Manager for *Apple* Campus 2 -...
…the design and construction of one building or building components of the New Apple Campus located in Cupertino, CA. They will provide project management oversight for Read more
WW Sales Program Manager, *Apple* Online St...
**Job Summary** Imagine what you could do here. At Apple , great ideas have a way of becoming great products, services, and customer experiences very quickly. Bring Read more
*Apple* Solutions Consultant (ASC) - Apple (...
**Job Summary** The ASC is an Apple employee who serves as an Apple brand ambassador and influencer in a Reseller's store. The ASC's role is to grow Apple Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.