1 March 1998
Source: http://www.hpconnect.com/versecure/html/overview.html


VerSecure Overview
An International Cryptography Framework

Global Commerce Requires Secure Electronic Communication
Hewlett-Packard Meets Business and Government Needs
VerSecure Changes the Way the World Does Business
A Thorough Solution to a Complex Problem
The SDA perspective
The CU Manufacturer Perspective
The Application Developer Perspective
The End-User Perspective
What the Experts Say
Find Out More About VerSecure

Hewlett-Packard has developed a framework on which to build the future of secure electronic commerce and communications. It is a hardware-based cryptography solution that gives businesses and individuals access to multiple levels of cryptography worldwide while ensuring that local regulations are followed. This framework is not a single technology; rather it is a complete architecture that opens the way for Hewlett-Packard and other hardware and software vendors to provide a wide range of cryptography solutions to the international market. With VerSecure, vendors of cryptography products need only support one product worldwide, which can be made to operate under varying cryptography policies on a country-by-country basis.

The VerSecure architecture was developed over a long period of time by working with businesses and governments to thoroughly analyze the problem of providing international cryptography solutions. Hewlett-Packard took the time to understand the many needs of businesses, governments, and individuals. The result is VerSecure, a multi-faceted solution that paves the way to providing businesses, governments, and individuals with secure electronic commerce and communication.



Global Commerce Requires Secure Electronic Communication
In today's rapidly expanding world of Internet and electronic business activity, secure communication is essential. This is especially true in commercial transactions where security and privacy are the building blocks for maintaining customer confidence and for protecting investments. As the Internet and distributed c orporate systems continue to grow at an exponential rate, an effective global economy requires the ability to securely exchange information across national boundaries.

Cryptographic methods provide data security essential for global commerce. However, providing a cryptographic solution that works in the global forum is fraught with difficulties. Companies want to protect their investments in information and technology, and many national governments control the export, import, and use of cryptography in their domain. The question of how to reconcile the business need for secure communications with the government need to set policy for use of encryption has posed a major barrier to the development of secure international data communications.

Worldwide use of cryptography requires balance between government and business needs regarding the implementation of cryptographic solutions. To begin a new age in commercial transactions where national borders give way to the growing need for international cooperation and information sharing, an enabling infrastructure must be put into place. This infrastructure must provide a common ground where governments, corporations, institutions, hardware manufacturers and application developers can come to a consensus on how electronic commerce can be implemented using cryptography.

VerSecure provides a foundation for creating international cryptography solutions.



Hewlett-Packard Meets Business and Government Needs
VerSecure fosters consensus.US. Hewlett-Packard developed VerSecure by involving all parties concerned with the use of cryptography. The result is a technological framework that meets the requirements for implementing an international cryptographic solution:



VerSecure Changes the Way the World Does Business
VerSecure takes the next step in electronic commerce. VerSecure is an architecture that separates the encryption mechanisms from the encryption policies. This separation allows for international use of strong encryption required to authenticate electronic signature and to ensure against fraud, such as credit card number theft and alteration of bank records. At the same time it allows an authority to manage encryption policy consistent with local laws. VerSecure provides:



A Thorough Solution to a Complex Problem
A multi-faceted technical solution is needed to address the diverse needs of all involved in developing a global economy based on electronic commerce and communication. It is the sum of all the parts of VerSecure that make it a unique and thorough solution approved by several governments.

Security Domain Authorities (SDAs) set encryption policies for their domain (1a). These policies follow any relevant rules and regulations that may be imposed by their country. SDAs set encryption policy by defining which Classes of Service (COS) are available in their domain(2a). A COS identifies an encryption method along with parameters and constraints on the method, such as key length, expiration, and use.

VerSecure allows an SDA to enforce policies in a domain using any VerSecure-compliant cryptographic unit (CU). The encryption methods in a CU are disabled using Hewlett-Packard's patented touch points before they are shipped (1b). Users register the CU with the local SDA (2b). CUs are enabled by a Policy Activation Token (PAT). The PATs allow the CU to perform only those cryptography functions authorized by the SDA for the specific domain (3).



The SDA perspective
A Security Domain Authority (SDA) is a trusted third party designated to manage encryption policy in a domain. The SDA has the following responsibilities for a given domain:

VerSecure is compatible with most national policies concerning use of encryption.

Once policy is determined, the SDA uses the key pairs to sign one or more Classes of Service (COS). Each COS identifies an encryption method along with constraints for the method. VerSecure provides support for major cryptographic methods with or without key recovery:
RC2 Triple-DES Custom
RC4 DES DSS
RSA SHA

One or more Classes of Service are then packaged into a Policy Activation Token that represent the policy for that domain. SDAs agree to have at least one COS that provides a key recovery option. When a CU is shipped to an SDA domain, it registers with the SDA and is given a PAT that identifies all supported encryption methods within that domain. The PATs are installed in the CU and encryption is enabled for that device. All applications using standard APIs can use the encryption methods enabled on the CU.

As the COS expires, the SDA establishes a process for distributing renewed and updated PATs to registered CUs, most likely once a year. This expiration allows SDAs to deploy new or modified policies within a reasonable time, and allows distribution of updated and improved cryptographic algorithms.



The CU Manufacturer Perspective
A CU manufacturer works with Hewlett-Packard to create a VerSecure-compliant cryptographic unit (CU). Because the CU is VerSecure-compliant, the CU manufacturer would obtain a U.S. export license authorizing the broad distribution of a common CU throughout most of the world. CU vendors would not be required to get a specific export license for each customer or application.

Hewlett-Packard provides the CU manufacturer with developer guidelines and tools. The CU can be manufactured as an independent card, an integrated chip, or anything else the CU vendor deems appropriate. During its development, the encryption methods in the CU are rendered dormant using Hewlett-Packard's patented touch points.

Touch points render cryptographic methods inoperative. Touch points are implemented so that encryption methods are never permanently restored on the CU, making them resistant to tampering and fraudulent replacement. The Policy Activation Token (PAT) provided by the SDA provides access to the correct pieces to complete the touch points and activate the appropriate encryption methods.



The Application Developer Perspective
VerSecure allows application developers to use a generic cryptographic API that is policy neutral: applications no longer have to be written to adhere to a specific country's policy regarding use of encryption. For example, applications can be written using strong encryption without having to implement strict policies such as key recovery within the context of local laws and policies.

Applications developed using the standard MS CryptoAPI will run without alteration in a VerSecure environment. Other standard APIs, including CDSA will be supported in the near future, allowing additional applications to be VerSecure compatible.

Application developers will be able to see which COS are supported by which national and business domains so they can develop applications using encryption methods supported by the countries in which they want to sell. An application developer wanting to sell e-commerce software using strong encryption in Europe and the U.S. would use a strong encryption method common to all European and U.S. policies.



The End-User Perspective
Businesses and users automatically get the benefits of strong international encryption just by purchasing a VerSecure-compliant CU from a CU vendor as long as local laws and regulations allow it. This can be in the form of a peripheral board (for example PCI or PCM/CIA), or a computer with a VerSecure-compliant chip already installed, or any other method the CU vendor chooses. Once the CU is installed, users register it with the SDA for their domain or country.

Once registered, the CU is given a token (PAT) that contains the set of COS it may use. The COS enables the correct encryption methods in the CU.

Customers get access to the encryption through any security-aware applications that use standard cryptography APIs. The strength of the encryption available in the user's domain is controlled by the policy set by the SDA. The end-user can use standard applications, such as email or Internet commerce applications, and get strong cryptography worldwide.



What the Experts Say
Experts and independent evaluators have access to design documents and source code so they can independently assess the VerSecure architecture and implementation to ensure there are no trap doors. Here are the preliminary results of their findings:



Find Out More About VerSecure

For the HP sales office nearest you, refer to your local telephone directory or call the HP regional sales office in your area.
Headquarters
3000 Hanover Street
Palo Alto, CA 94304
USA Telephone: (415) 857-1501
Europe, Africa, Middle East
Route du Nant-d'Avril 150
CH-1217 Meyrin 2
Geneva, Switzerland
Telephone: (41/22) 780-8111
Americas
5301 Stevens Creek Blvd.
Santa Clara, CA 95052
Telephone: (408) 246-4300
Asia Pacific
17-21/F Shell Tower
Times Square, 1 Matheson Street
Causeway Bay, Hong Kong
Telephone: (852) 599-777


Source: http://www.hpconnect.com/versecure/html/crypt.html

Supported Cryptography Methods

Classes of Services (COS)

An SDA defines an encryption policy by choosing a set of Classes of Service (COS). Each COS defines a cryptography algorithm and its attributes (i.e. key length, type of data, function and whether key management is required).

There are many variations of policies that an SDA can define using COS. An SDA may choose to allow weak and strong encryption with the option of having no key recovery. If there are no local regulations on encryption, the SDA can use any of the COS they would like in their policy. SDAs agree to include at least one COS that supports key recovery so users have the option of having key recovery. For example, the SDA can create a policy that allows:

An application such as email can then use any one of these.

List of approved COS

The following 15 COS have been approved for export. More restrictive variations or subsets of these COS are also approved and can be created for VerSecure if the business need arises.

A number identifies each COS. The COS table shows, for example, that when an SDA chooses COS 200, they allow the DES algorithm to be used on keys, data, and hashes for encryption, decryption, and signatures using a key length from 40-128 bits, and requiring no key management. Any SDA may choose to allow triple-DES with no key recovery by signing COS 200.

COS Algorithm Defining / Accepting Type of Data Function to be Applied Key Length in Bits Key Mgmt Req?
200 DES to triple-DES HP VerSecure / all SDAs Keys Data Hashes encrypt. decrypt. signature min 40, max 128 No
201 RC2 HP VerSecure / all SDAs Keys Data Hashes encrypt. decrypt. signature min 40, max 128 No
202 RC4 HP VerSecure / all SDAs Keys Data Hashes encrypt. decrypt. signature min 40, max 128 No
203 RSA HP VerSecure / all SDAs Key Hashes encrypt. decrypt. signature min 256, max 2048 No
204 Diffie- Hellman HP VerSecure / all SDAs Keys Data Hashes key exchange min 512 max 4096 No
205 pseudo random number generator HP VerSecure / all SDAs Keys Data Hashes key generation min 1, max 786 No
206 DES HP VerSecure / all SDAs Keys Data Hashes encrypt. decrypt. signature min 40, max 56 No
207 DES HP VerSecure / all SDAs Keys Data Hashes encrypt. decrypt. signature min 40, max 40 No
208 RSA HP VerSecure / all SDAs Data encrypt. decrypt. signature min 256, max 2048 No
280 DES to triple-DES HP VerSecure / all SDAs Keys Data Hashes encrypt. decrypt. signature min 40, max 128 Yes, key recovery
281 RC2 HP VerSecure / all SDAs Keys Data Hashes encrypt. decrypt. signature min 40, max 128 Yes, key recovery
282 RC4 HP VerSecure / all SDAs Keys Data Hashes encrypt. decrypt. signature min 40, max 128 Yes, key recovery
286 DES HP VerSecure / all SDAs Keys Data Hashes encrypt. decrypt. signature min 40, max 56 Yes, key recovery
287 DES HP VerSecure / all SDAs Keys Data Hashes encrypt. decrypt. signature min 40, max 40 Yes, key recovery
288 RSA HP VerSecure / all SDAs Data encrypt. decrypt. signature min 256, max 2048 Yes, key recovery