1 March 1998: Add comments on HP VerSecure
Link to HP overview of
VerSecure
See related news report on US crypto
policy
28 February 1998
Date: Sat, 28 Feb 1998 14:18:22 -0500 To: cypherpunks@toad.com From: Michael Elder <melder@descartes.coker.edu> Subject: HP Crypto Export From the NY Times online (www.nytmes.com) February 28, 1998 Hewlett-Packard Granted License For Encryption System By Peter Wayner The Commerce Department has granted Hewlett-Packard an export license for its VerSecure encryption architecture allowing the company and its licensees to export strong encryption tools, the company announced Friday. The catch is that the products must take their orders from a central computer system that will dictate how all the products will behave in each country. The company hopes that the solution would break the deadlock between the Clinton Administration, which continues to restrict the export of secure computer technology throughout the world, and the computer industry, which contends that foreigners are not interested in buying products that don't protect their secrets. The new solution effectively disconnects the problem of distributing encryption technology from the process of determining the policy for government access to information. The heart is a new class of trusted hardware cards and chips that take their orders from a central company known as a Security Domain Authority or SDA. In countries, like France, that require people to keep a record of keys for unlocking data, the SDA would only allow the computers to encrypt information if it complied with the laws. In countries with no laws about encryption usage like the United States, Germany and Great Britain, the SDA would allow users to encrypt in whatever manner they choose. Hewlett-Packard sees the solution as a win for the industry, which will be able to build one set of hardware and software that can be shipped throughout the world. The SDA's will set the local rules because the computers will not encrypt information without first getting permission from the SDA. Doug McGowan, one of the director of Hewlett-Packard's efforts, said in a telephone interview, "Never before has a general purpose cryptography tool been exportable from the United States, with or without key recovery. We're opening a huge market for American industry to enable commerce on a worldwide basis." The price for this flexibility is the need for specialized hardware that treats the SDA as its master. In an ordinary computer, the owner can control all aspects of what the computer does. This extra hardware will raise the price of machines and is bound to be more expensive than software which can be distributed at minimal cost. Feisal Mosleh, a business development manager at Hewlett-Packard, pointed out that specialized hardware can offer faster performance and more security. "It is very hardware-specific with the flexibility of software and that gives us a lot of strength in terms of tamper resistance" he said in a phone interview. Many security experts continue to point out that general-use microcomputers and their operating systems are dangerously insecure. In one recent attack, hackers were able to begin transfers from a bank account by manipulating accounting software. Off-loading the process to specialized hardware makes it simpler to ensure that the system is secure because the special hardware has only one job. Hewlett-Packard says that it is licensing the architecture to a number of different computer vendors and announced that IBM, Motorola, CertCo, Trusted Information System, Microsoft and RSA Data Securities had already signed licenses. The vendors will be free to choose how they implement the special computer hardware, but most will probably use firmware with an embedded microprocessor. The initial version will reportedly include DES, tripleDES, RSA, RC2, RC4 and DiffieHellman algorithms. Each of these solutions can be sped up by specialized hardware, but only a general microprocessor can handle all of them with equal agility. The specialized hardware will also be tamper-proof to prevent people from circumventing the commands of the SDA. When an encryption card is first started up, it cannot begin working until it has received instructions from an SDA in its country. This information is contained in a "policy token." Joe Beyers, general manager of Hewlett-Packard's Internet Software business unit, explained, "The token says, 'You can use this amount of key, this amount of strength for this amount of time.'" Beyers went on to say, "The aspect of time allows the government to evolve their policy. Time limits are one of the attributes that made it attractive to the U.S. government." It would be possible for a government to change policy with the system from time to time, perhaps forcing citizens to use long keys in time of war to protect themselves and then relaxing the policy after peace emerged. In the current plan, policy tokens would be good for one year, forcing computers to re-register with an SDA in order to keep working. The SDA would have no control of a token after it was issued and would only be able to change policies at the renewal. The relationship between the SDA and the key recovery program is more difficult to describe. The SDA would not keep any records of any keys that would allow the police to eavesdrop on calls. But the policy tokens would force the embedded hardware to obey the local laws that might include key recovery. The FBI has asked Congress to mandate key recovery systems that give it clear access to all communications. The yearly interrogation between the SDA and the individual computers does not mean that the system will be foolproof. Someone could simply carry a laptop from a country that allows personal privacy to a country with more invasive laws and use it freely until the policy token runs out. Also, it may be possible to spoof the token authorization procedure by pretending that the request came from one country instead of another. Some critics found the use of special hardware to be problematic. Jim Lucier, a policy analyst for the Americans for Tax Reform, a Republican think tank, pointed out that specialized hardware was ignored by the marketplace in the past. "None of it ever works" he said, "because the more obvious solution, which is end-to-end encryption, is already there." Lucier also pointed out that specialized hardware is more complicated to engineer and much more expensive to distribute than software. "Atoms cost more than bits, it just comes down to that," he said. In a press conference Friday morning, Beyers promised that the new hardware was "months, not years away" and also promised that the hardware costs would be as low as possible. Marc Rotenberg, director of the Electronic Privacy Information Center, suggested that replacing the current export control bureaucracy with a network of SDA's was not a significant advance. "Government efforts to regulate crypto will only slow the development of commerce," he said. In fact, the decision by the United States government to grant a license to Hewlett-Packard's architecture is far from liberating. Companies making VerSecure products can only ship them to countries approved by the United States government, a list which at this time is limited to the United Kingdom, Germany, France, Denmark and Australia. More countries will become open if and when they create an SDA infrastructure that is acceptable to the United States. Hewlett-Packard has gone to great lengths to prevent rogue nations from setting up their own unauthorized SDA's by cloning hardware. The infrastructure uses CertCo's secure certificate servers to restrict the ability to create the software necessary to build the tokens. Beyers says that no one person at Hewlett-Packard has the ability to do this in order to reduce the potential for corruption and theft. Hewlett-Packard is also working heavily with foreign countries to assure them that the system does not include back doors that might be accessible by the United States government. Beyers said that the company had retained an international group of cryptographic experts to vet the system and allay any fears of hidden back doors. A press release from Hewlett-Packard quoted William A. Reinsch, undersecretary of commerce, as saying, "We are pleased to support HP's effort to develop and market encryption products that encourage the use of key recovery in providing robust, secure encryption. This approval and our ongoing dialogue with the industry are consistent with the Clinton Administration's goal of allowing the market to develop recoverable encryption products." Peter Wayner at pwayner@nytimes.com welcomes your comments and suggestions. Copyright 1998 The New York Times Company
Date: Sat, 28 Feb 1998 12:08:30 -0800 To: Michael Elder <melder@descartes.coker.edu>, cypherpunks@toad.com From: Tim May <tcmay@got.net> Subject: Re: HP Crypto Export At 11:18 AM -0800 2/28/98, Michael Elder wrote: >>From the NY Times online (www.nytmes.com) >Hewlett-Packard Granted License >For Encryption System > >By PETER WAYNER >known as a Security Domain Authority or SDA. In countries, like France, >that require people to keep a record of keys for unlocking data, the SDA >would only allow the computers to encrypt information if it complied with >the laws. In countries with no laws about encryption usage like the United >States, Germany and Great Britain, the SDA would allow users to encrypt in >whatever manner they choose. Until, of course, the U.S. changes its policy. A constant danger with any of these "solutions" is that they make later imposition of controls so much easier. Consider the implications of widespread deployment of the HP-type system (which, BTW, I don't think will happen in the U.S., or elsewhere). A simple change in the law and all new tokens (and they must be renewed yearly, so says HP) will implement the new law. The camel's nose in the tent strategy. The HP/IBM product is perniciously evil and should be fought with all technical and memetic means. --Tim May Just Say No to "Big Brother Inside" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^3,021,377 | black markets, collapse of governments.
Date: Sat, 28 Feb 1998 17:58:27 -0500 To: Tim May <tcmay@got.net> From: Declan McCullagh <declan@well.com> Subject: Re: HP Crypto Export Cc: Michael Elder <melder@descartes.coker.edu>, cypherpunks@toad.com At 12:08 -0800 2/28/98, Tim May wrote: >A constant danger with any of these "solutions" is that they make later >imposition of controls so much easier. Consider the implications of >widespread deployment of the HP-type system (which, BTW, I don't think will >happen in the U.S., or elsewhere). > >A simple change in the law and all new tokens (and they must be renewed >yearly, so says HP) will implement the new law. It's a sign of the times when Tim and I can agree on these things, or at least recognize the same problems. Note NONE of HP's press materials included that 1 year detail. --Declan ==== http://cgi.pathfinder.com/netly/afternoon/0,1012,1771,00.html One-Year Itch Even if you studiously ignore the arcana of encryption export rules, it's worth paying attention to a new product from Hewlett Packard. The government has OK'ed the overseas sale of HP's "VerSecure" boards and computer chips that have full-strength encryption built in -- but turned off by default. To engage the data-scrambling features, you'll need an "activation token." Catch is, however, that they last only one year, and the tokens also can open a "key recovery" electronic peephole for snooping government agents. This is the only way HP can hawk these things in France, a country with no shortage of such police. Now, the FBI wants to ban U.S. software without such peepholes. Doesn't crypto-crippleware make it much easier for the government to issue only key recovery tokens when everyone's existing ones expire? "Whatever the law is in the U.S., we will comply," says CEO Lewis Platt. --By Declan McCullagh/Washington
Date: Sat, 28 Feb 1998 21:36:43 +0000 From: Jon Ribbens <jon@oaktree.co.uk> To: ukcrypto@maillist.ox.ac.uk Subject: VerSecure - "strong encryption" exportable from the US http://www.hpconnect.com/versecure/ - follow 'VerSecure in the News'. So, has it been nobbled by the NSA, or is this the dawn of a New Age of Enlightenment at the White House? ;-) Cheers Jon -- ____ \ // Jon Ribbens // \// jon@oaktree.co.uk //
From: Thomas Womack <thomas.womack@merton.oxford.ac.uk> To: ukcrypto <ukcrypto@maillist.ox.ac.uk> Subject: Re: VerSecure - "strong encryption" exportable from the US Date: Sat, 28 Feb 1998 23:08:07 -0000 >http://www.hpconnect.com/versecure/ - follow 'VerSecure in the News'. > >So, has it been nobbled by the NSA, or is this the dawn of a New Age >of Enlightenment at the White House? ;-) Um, it's in hardware with hard-wired key recovery, according to the announcement. ("Key Recovery capabilities are available in every VerSecure Cryptography Unit. They can be used or not at the discretion of the user, consistent with the laws of the country where they will be using the product"). The interesting line is probably "The reason that VerSecure's Cryptographic Units may be broadly exported is that the cryptography functions programmed into the units are protected against tampering through an HP-patented technique. These cryptography functions are shipped dormant, until activated by a virtual token (administered by an HP Security Domain Authority server)". Having read many of Ross Anderson's papers, 'protected against tampering through a patented technique' doesn't hold much water for me. From the announcement alone, I'd trust the machines about as far as I could throw Fort Meade; I don't use algorithms I haven't seen source for, since, if source exists, there's always the possibility of checking whether the source is what's being run by the executable I'm using, if only by disassembling the executable or compiling the source and looking for appropriate strings of bytes in the executable. I don't know any method for assuring that hardware is indeed implementing what it's said to implement - unless it's possible to feed it known input and known keys and obtain the correct output, and it's not quite clear from the announcement that the CU will be able to accept keys provided by anything other than the SDU. "Additionally, we provided for the periodic expiration of the cryptographic functionality as a hedge against obsolescence." seems really disconcerting, since I can't see any way of implementing this without ending up with the possibility of being unable to decode legacy data. Tom
Date: Sat, 28 Feb 1998 19:15:30 -0500 To: ukcrypto@maillist.ox.ac.uk From: John Young <jya@pipeline.com> Subject: Re: VerSecure - "strong encryption" exportable from the US Peter Wayner has a good article on this in today's online New York Times, which examines the pros and cons. The HP system is exportable only to countries approved by the USG, of which there are an initial five: UK, Germany, France, Denmark and Australia. Any new candidate country must establish a "Security Domain Authority" (SDA) satisfactory to the USG. Moreover, the token which provides access to the crypto is limited to one year before lapsing and must be annually renewed to permit adjustment to fit national policy. Critics of the system have pointed out that that token renewal would also allow the US or any other nation to easily impose a clampdown, and for that reason HP's system may be seen a "camel's nose in the tent" precursor to tighter restrictions. And such a possibility requires that it be avoided -- and probably will be by the commercial market. http://www.nytimes.com We've put a copy at: http://jya.com/hp-sda.htm
Date: Sat, 28 Feb 1998 20:49:19 -0500 From: Stewart Baker <sbaker@steptoe.com> To: ukcrypto <ukcrypto@maillist.ox.ac.uk>, Subject: Re[2]: VerSecure - "strong encryption" exportable from the U Actually, once the ability to generate the tokens is exported (and that's what's been approved for the five countries), the US can't control the kind of crypto that is activated. The UK can. It can change policy and decide to restrict what crypto is enabled. But if commercial buyers think such a change is likely, that's probably a reason for commercial buyers to be interested in Versecure, not a reason to stay away. Commercial users won't thumb their nose at UK law. So if they bought hardwired crypto they'll have to throw out anything that doesn't conform to the new law unless they've got a flexible system like this. Same thing is true in reverse for French users. Why buy something that's been permanently weakened to meet French law when you can get something that's easily upgraded in place if French law changes?
From: Brian Gladman <gladman@seven77.demon.co.uk> To: ukcrypto@maillist.ox.ac.uk Subject: Re: Re[2]: VerSecure - "strong encryption" exportable from the U Date: Sun, 1 Mar 1998 09:29:45 -0000 -----Original Message----- From: Stewart Baker <sbaker@steptoe.com> To: ukcrypto <ukcrypto@maillist.ox.ac.uk> Date: 01 March 1998 07:49 Subject: Re[2]: VerSecure - "strong encryption" exportable from the U > Actually, once the ability to generate the tokens is exported (and that's > what's been approved for the five countries), the US can't control the kind > of crypto that is activated. The UK can. It can change policy and decide > to restrict what crypto is enabled. But if commercial buyers think such a > change is likely, that's probably a reason for commercial buyers to be > interested in Versecure, not a reason to stay away. > > Commercial users won't thumb their nose at UK law. So if they bought > hardwired crypto they'll have to throw out anything that doesn't conform to > the new law unless they've got a flexible system like this. I agree here but there are no laws in the UK restricting the use of cryptography other than in very limited domains (e.g. amateur radio). Moreover the current UK government has been very explicit in saying that, whatever its new policy is, it will ***not*** impose any constrants on the domestic use of crypography. I have lived with the HP ideas for nearly 5 years now and I know them pretty well. I do not doubt their technical quality (although I have not looked at this in any detail) but in my view HP have not paid sufficient attention to the political implications of their thinking. The main problem with the HP approach is that it is designed to put control of any cryptography it offers in the hands of entities known as the "Security Domain Authorities". Although in principle this authority need not rest with government, as far as I can tell HP has been promoting its concept in the belief that this authority ***will*** rest with government. It has certainly been in discussion with UK government representatives, including some from GCHQ, on just this possibility. Now why is it, with the US and the UK governments involved, and with NSA and GCHQ sitting in the background, that I somehow doubt that HP is doing us all a favour? More seriously, however, what right has HP got to offer the UK government the ability to control the domestic use of cryptography in the UK when there is absolutely no basis in law for any such control in the first place? This seems to me to be a very dangerous tactic for HP in that it can now be seen to intervene to support government controls on domestic cryptography in th UK in a situation where no-one in the UK wants this and even the government, in public at least, agrees. I do not mind HP pushing ICF, nor do I mind if they set up an SDA for it the UK. But I ***do*** mind that they should offer this role to the UK government, whose record in acting in the interests of its citizens in this area is open to doubt. If HP really has offered the UK government the ablity to control the domestic availability and use of cryptography here in the UK then I would consider this a conspiracy between HP and the UK government to undermine the democratic rights of UK citizens. Moreover any company taking this up cryprography in this form risks becoming a party to this conspiracy. If this is going on (and I, for one, hope it is not as I would rather like to go on buying HP laser printers!) then HP is on very, very dangerous ground. I do think, as a matter of urgency, that HP should 'come clean' in public on its actions and intentions here and I hope that those of you on this list who are in the media will encourage them to do so. Brian Gladman
Date: Sun, 1 Mar 1998 12:24:36 -0800 To: cypherpunks@algebra.com From: Tim May <tcmay@got.net> Subject: H-P has opened a real can of worms H-P will have an interesting public relations problem, and possibly a civil rights problem, when it begins cooperating in the issuance of Policy Tokens (or whatever) to Approved Persons (or whatever) for its new crypto system. When H-P refuses to issue a Policy Token to a Jew living in Jordan, or a PLO member living in Israel, or a Scientologist living in Germany, or a Jehovah's Witness living in Russia, or rebels in Myanmar, or abortion rights activists in any number of countries, and so on, they'll run smack into this problem. When H-P notifies a leading dissident in some country that his Policy Token cannot be renewed because the ruling regime has said is shall not, watch the sparks fly. (They may even run afoul of U.S. law, as with companies which cooperated in the Arab Boycott of Israel, and other such cases.) And as many of us have been saying for years, since _when_ is it any concern of the U.S. Export Cops (EAR, etc.) to worry about what France allow _into_ France, or what Russian allows _into_ Russia? The doubletalk from H-P gives the impression that it is somehow a matter of U.S. interest what other countries and regimes allow into their countries. H-P is opening a major can of worms on this one. I don't think they thought this thing through. --Tim May Just Say No to "Big Brother Inside" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^3,021,377 | black markets, collapse of governments.
Date: Sun, 1 Mar 1998 16:39:37 -0500 From: Stewart Baker <sbaker@steptoe.com> To: ukcrypto <ukcrypto@maillist.ox.ac.uk> Subject: Re[4]: VerSecure - "strong encryption" exportable from t Brian's response strikes me as overwrought. HP and everyone else who sells crypto hardware faces a market where there are many countries with controls and many without, and several that seem to be moving from one status to the other, or otherwise changing policy. Making many different products that can't interoperate is possible, of course, but not exactly what made the PC market take off. The Holy Grail is a security device that can be sold and installed everywhere without regard to special crypto regimes or changing policy. HP's solution is pretty close to that, since any applicable controls can be left to a quick and flexible downloaded token, while the product and the hardware can go everywhere. I don't think this a conspiracy, just a practical busnessman's way to get a ubiquitous security architecture actually deployed. And probably the only way, unless everyone thinks that Brian's libertarian views will suddenly sweep the world -- and in time to ship in 2Q98.