Interesting People mailing list archives

IP: HP press conference on crypto


From: Dave Farber <farber () cis upenn edu>
Date: Mon, 18 Nov 1996 14:08:50 -0500

From:   director () embassy org (Ross Stapleton-Gray)
Date: 96-11-18 10:13:49 EST


I decided to bug out of the press conference after finding it scheduled
for 9:30, and not 8:00 (though even the Press Club literature was on my
side!), though I (1) left the reporting in the hands of folks like Brock
Meeks, and (2) scarfed up the available literature.  The folks in
attendance were a veritable Who's Who of crypto wonkdom... Dorothy
Denning, Stu Baker, and a slew of other notables.


HP's "breakthrough" is their International Cryptography Framework (ICF).
According to their press release, it is approved by USG, "supported" by
the French and British governments, and has technology partners in Intel,
Microsoft, Gemplus, RSA and TIS, and application partners in Informix,
Netscape and VeriFone.


Later in the release are quotes from the cited governments:


US - "We are satisfied that despite the flexibility that is built into
HP's ICF, it has sufficient technical controls to ensure compliance with
US policy."
France (Service Central des Systemes d'Information) - "The ICF
architecture looks very promising to support the Trusted Third Party
Schema that will be implemented in France in application of the July 1996
law on Telecommunications."
UK (Dept. of Trade & Industry) - "ICF is an interesting solution that may
help to ensure that industry needs for security for their information and
communication systems are met without undermining the requirements for
effective law enforcement."


As an old analyst, "looks very promising" and "interesting...may help" are
not approvals, just tentative mushy words avoiding endorsement.


The technology itself appears to be in the form of a "tamper-proof"
physical device (reminiscent of Clipper/Capstone) which would hold
"dormant" encryption mechanisms.  These could be activated through
assertion of a "Policy Activation Token" received from a "Security Domain
Authority."  Individual encrypted messages would have appended a "Key
Recovery Field" to permit the specific session key for that message to be
retrieved by a key recovery agent.


None of the literature goes into much detail of how governments would play
in this... presumably the requirement for "Policy Activation Tokens" means
that HP (through hardware partner Intel) could ship a lot of devices that
could implement 56-bit DES today, and be later activated to provide
128-bit escrowed Algorithm X, or Y, or Z (not clear if the tamper-proof
box can be loaded with new encryption code, or if it's only working from
the original set of stored protocols).  It's not clear if there's a
deactivation capability, or if there is, how the user would be compelled
to use it (though one could imagine a time-out feature requiring
reactivation).


I'll leave it to the real crypto analysts to sort out, but it looks as if
what HP, Intel and Microsoft (which has a crypto API for the technology to
be fitted in) have delivered is a general-purpose Clipper-like container,
with a key escrow structure in two areas: the device itself is governed by
the Policy Activation Token, and individual session keys can be
reconstructed by whoever the escrow agents are.  At first glance there
seem to be a lot of unknowns, e.g., whether this system would be as
subject to corruption of the Key Recovery Field (and hence rendered
unreadable by the escrow agents) as Matt Blaze showed Clipper and its LEAF
to be. 


Not a software solution either, requiring an Intel device... presumably
device keys (for use by the "Policy Activation Token") would be
established by Intel for passage to "the authorities," or Intel could
produce keyable devices.


Dunno... the more I think about this the more I'm unsure that this is a
safe system (from the perspective of keeping strong crypto out of
nongovernment hands)... spoofing of Tokens, corruption of the KRF, etc.,
all seem reasonable stunts.


Ross
_____________________________________________________________________
Ross Stapleton-Gray                     TeleDiplomacy, Inc.
director () embassy org                    2503 Columbia Pike, Suite 118
Director, Electronic Embassy Program    Arlington VA 22204
http://www.embassy.org                  +1 703 685-5197 / 5257 fax

