Subject: Electronic CIPHER, Issue 1, October 25, 1994 _/_/_/_/ _/_/_/ _/_/_/_/ _/ _/ _/_/_/_/ _/_/_/_/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/_/_/_/ _/_/ _/_/_/_/ _/ _/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/_/_/ _/ _/ _/ _/_/_/_/ _/ _/ ========================================================================== Newsletter of the IEEE Computer Society's TC on Security and Privacy Electronic Issue 1 October 25, 1994 Carl Landwehr, Editor ========================================================================== Contents: Letter from the TC Chair [40 lines] Letter from the Editor [60 lines] Articles: o Franconia moves to Ireland --Li Gong [15 lines] o Report on the International Cryptography Workshop --Paul Syverson [160 lines] Calendar [45 lines] Interesting Links [70 lines] TC Officer Roster [10 lines] Information for Subscribers and Contributers _________________________________________________________________________ Letter from the TC Chair _________________________________________________________________________ Dear TC Members, Welcome to the newly revived Cipher and to the new, more active, Technical Committee on Security and Privacy. During the last several years we have not had a newsletter editor, and most of the TC efforts have been centered around our conferences. With the debut of this newsletter and several other activities in the works we hope to provide you with a more visible and active TC. What is the TC on Security and Privacy? It is one of 28 special-interest groups of the IEEE Computer Society, Technical Activities Board. Who are the members? You! Membership in the TC is automatically granted to anyone who attends one of the two TC sponsored conferences. In addition, anyone can request to become a member of the TC by filling out a membership application or by sending email to one of the TC officers. The TC has a Chair, a Vice Chair, and a Newsletter Editor. I am the current Chair and Deborah Cooper is the current Vice Chair. Carl Landwehr is the Newsletter Editor. Currently the TC sponsors two conferences, the Symposium on Security and Privacy and the Computer Security Foundations Workshop. In addition we participate as an, "in co-operation" organization with a number of other conferences and workshops on computer security. Our future plans include publishing and distributing Cipher, publishing one or more additional volumes of the Security and Privacy Compendium (the last several years of the Symposium Proceedings, published as a single book), and providing information on the Computer Society Info Server. We are a volunteer organization with a limited budget. We need your ideas, energy, and time! Terry Vickers Benzel Chair, TC on Security and Privacy _________________________________________________________________________ Letter from the Editor _________________________________________________________________________ Welcome to the new, electronic-only version of Cipher, the newsletter of the IEEE Technical Committee on Security and Privacy. I believe Cipher should emphasize NEWS: I don't expect to publish lengthy research contributions (though I will be happy to provide pointers to places from which they can be retrieved). I intend to publish Cipher quarterly at first, but I will move to monthly publication if good material is available. I will try to solicit interesting items and apply editorial judgment so that "Cipher" is a name, not a description. This issue is appearing largely to solicit contributions: I expect to edit Cipher, not to write it! The mailing list for this initial issue has been constructed from the Security and Privacy Symposium's database and some other lists I was able to find. Instructions for subscribing (if you are reading someone else's copy) or unsubscribing (if you are not interested) can be found at the end of the issue. This issue is appearing NOW in part as a reminder that the November 7 deadline for submissions to the TC's primary annual meeting, the Symposium on Security and Privacy, is fast approaching (see Calendar). The Program Committee has been working hard to encourage submissions reporting on new work of broad interest, but they need your help. If you know of work that you would like to hear reported at the Symposium, please encourage its submission. I expect (hope!) Cipher's regular Table of Contents will include: - Letter from the TC Chair - Letter from the Editor - Articles Conference reports: what were the most significant happenings at recent symposia, conferences, workshops? Security news: significant new events, products, laws, regulations Comments on technical events, trends, policy, etc. of general interest. Cipher is not a bulletin board, but thoughtful, brief comments on relevant topics are welcome. - Reader's guide to recent security and privacy literature: Reviews of books and articles ( & movies?) Tables of contents of relevant journals and conference proceedings Pointers to servers where articles can be found - Standards news Brief summary of relevant standards activities - Calendar: events of interest to TC members: dates, topics, points of contact. - Interesting links: URLs of potential interest to security and privacy researchers - TC officers' names and addresses I particularly want to thank Paul Syverson for providing our initial conference report. I would like to publish future reports on specialized meetings such as the one Paul summarizes as well as the NCSC, ESORICS, ACM's Conference on Computer and Communication Security (CoCCS), the Annual Computer Security Applications Conference (ACSAC), the Computer Security Foundations Workshop, Crypto NN, Eurocrypt, Asiacrypt, and others. if you would like to be a reporter, (or a book or article reviewer, or a standards reporter, or ...) please send me a note. Carl Landwehr Editor, Cipher ___________________________________________________________________________ Franconia Moves to Ireland by Li Gong ___________________________________________________________________________ The 8th IEEE Computer Security Foundations Workshop (CSFW-8) will be held at County Kerry, Ireland, June 13-15, 1995. This marks the first time the workshop series is not held in Franconia, New Hampshire, but the atmosphere will be just as intimate and the surroundings just as Franconia, and the location is easily accessible from major airports in Europe and North America. Author's submission (5 copies of paper or panel proposal) by February 3, 1995, acceptance notification by March 14, and final paper due April 3. For more information, access http://www.csl.sri.com/ieee-csfw/csfw.html or contact workshop General Chair (Simon Foley, UCC, Ireland, s.foley@cs.ucc.ie) or Program Chair (Li Gong, SRI, USA, gong@csl.sri.com). ___________________________________________________________________________ Report on the International Cryptography Institute 1994: Global Challenges by Paul Syverson ___________________________________________________________________________ Sept. 22-23, 1994 Ritz Carlton Hotel Washington, DC Presented by The National Intellectual Property Law Institute This workshop addressed some technical, legal, and policy issues of cryptography facing governments, users, and purveyors. Program chair Dorothy Denning opened the workshop, noting that with key escrow we are on the verge of a new era analogous to the advent of public key cryptography. Key escrow was one of the main topics of the workshop. Nonetheless, William Caelli of Queensland University of Technology stated that the key escrow debate is drawing attention away from the more important problem of protecting the information infrastructure itself. In another claim that concern, or at least emphasis, was being misdirected, he expressed a suspicion that steganography (traffic and message hiding) is responsible for more of the criminal use of security technology than is cryptography. The following will focus primarily on the talks that discussed technical mechanisms rather than those that discussed the law per se. On the topic of key escrow, John Droge, of Mykotronx, noted that the largest application of this technology was likely to be the business use of escrow for key recovery rather than law enforcement or national security. He also said that customers from countries outside the US were interested in Clipper, and they were not worried about the US government holding the escrowed keys. A question was raised about whether or not government escrow agents for Clipper would be used for business or personal key recovery. The short answer seems to be "no". Steve Walker of TIS presented an alternative key escrow system based in software. He cited cost and simplicity of operation as primary motivations for software-based encryption over hardware. He stressed that software key escrow was an option, not a replacement for hardware, and that each had advantages in different contexts. He also discussed the relative merits of having nongovernmental escrow agents, even for law enforcement purposes. A number of people raised liability as a major stumbling block to having private escrow agents. Denning, of Georgetown University, described some of the options and complexities for escrowed encryption of international communication and the use of escrowed encryption products in countries other than in the countries where the keys are escrowed. Speakers from many European countries (especially western European) and some Asian countries, as well as the United States and Australia described policy towards and/or use of cryptography both within their countries and between their countries and others. Jim Schindler of Hewlett-Packard presented a hardware-based proposal to address the varied cryptographic policy and regulations in different countries: a PCMCIA card into which a national flag card (about the size of a US dime) can be inserted. The national flag card is designed to use the approved algorithms and follow the legal requirements of the country in question. Flag cards for several countries have already been produced. The keynote address was given by FBI director Louis Freeh. He spoke primarily about the FBI's current initiative supporting the digital telephony bill, which roughly requires that any telephone system installed in the US facilitate wiretapping by law enforcement. (This bill has since passed.) Perhaps the most surprising statement came during the question period after his talk. Roughly, he was asked if, supposing the digital telephony wiretap law were passed and Clipper adopted, but the FBI was unable to decrypt messages in important cases, would he then push for more than voluntary compliance. His answer was, "Definitely".[See following item--CEL] Charles Brookson of British Telecom described the GSM mobile telephone system, which has authentication and privacy mechanisms and currently allows customers to call or be reached in 58 countries. Jean-Jacques Quisquater of the University of Louvain described mechanisms for international exchange of digital signatures including identity-based schemes for authentication and dual paths through alternate trusted third parties. Sead Muftic of Stockholm University, citing the need for simple-to-use security mechanisms in international business transactions, described some available technologies for authentication, integrity, privacy, non-repudiation. Several speakers described the use of/need for cryptographic APIs to allow the development of products that would directly provide for cryptographic needs. Current US export control has caused many producers to avoid building cryptography into their products so as to avoid the need to make dual products, one for export and one for domestic use. David Balenson of TIS presented the current results of an ongoing survey of the world-wide availability of cryptographic products. This study was commissioned by the Software Publishers Association to respond to US government assertions that no (quality) foreign products were available, so export controls were not harming US firms. As of June 1994 they had identified 392 products from 22 countries outside the US, 166 of which employ DES. Many of these products had been examined and found to be of comparable quality to US products. Mitsuru Iwamuru of the Bank of Japan said that their network currently makes widespread use of DES for both confidentiality and generation of MACs (Message Authentication Codes). Primary use of DES was also noted by Gene Rao of Chase Manhattan Bank. Citing liability concerns, he said that they will implement any other algorithm a customer wants, provided that the customer waives related liability. Nonetheless, using bank industry examples, Mark Lomas of Cambridge University noted that symmetric key cryptography allows for general repudiation of messages in ways that public key does not. He made a related observation concerning the Clipper chip. He observed that, because it operates in output feedback mode, it is easy to produce the keystream and then an alternative message to repudiate a message introduced as evidence. He noted that it would be nice if law enforcement officials could convincingly argue that it was impossible for them to produce messages introduced as evidence. This workshop raised many problems in worldwide use of cryptography. It portended interesting developments in a legal and policy infrastructure that can address both national concerns and the concerns of those who function in international markets. As one example, US export control arguments are clearly going to become harder to sustain. First, there is the now documented evidence that quality encryption products are being produced in many countries. Second, technology shifts can obviate previous decisions. For example, a book that includes C code transcriptions of numerous cryptographic algorithms was previously allowed to be exported from the US, but not the accompanying floppy discs. When this was mentioned at the workshop, one of the discussants mentioned that the widespread availability of OCR (optical character recognition) devices makes the distinction implicit in this decision somewhat dubious technologically. In fact, the entire decision is now being reevaluated by the Commerce Department. [The Washington Post reported on 15 October that the export of the floppy discs continues to be prohibited.--CEL] Whether or not key escrow puts us on the verge of a new era in cryptography, as Denning claimed, is difficult to say. On the one hand, there are no fundamental new technological insights necessary on par with those that occurred fifteen years ago with the advent of public key cryptography. As Denning pointed out in her talk, even traditional server based key distribution using shared keys can be a basis for escrow if the server retains the keys it distributes. On the other hand, escrow does seem to represent an important shift in the way cryptography is implemented and in its perceived role in society. If this workshop indicated fascinating legal and policy developments in the global cryptographic environment, one of the surprising things about the workshop was the amount of technology, either implemented or in prototype, that is meant to address the current _and_ the emerging environment. And, this technology has been and is being developed in many countries around the world. --Paul Syverson +++++++++++++++++++++++++++++++++ The following summarizes part of an item circulated by e-mail October 21 under Steven Levy's name. The FBI Public Affairs Office, evidently seeking to clarify Director Freeh's comment concerning future FBI policy regarding private use of encryption, issued a statement making the following points: (1) The Director will continue to advocate public safety through lawful electronic surveillance while also "insuring the needs of industry and the privacy of our citizens" (2) While the Director supports Clipper, he encourages the development of alternative key escrow schemes that would also meet the needs of law enforcement. (3) The Director encourages what he sees as the current process of government and industry working together to find a balance that would let business flourish, allow citizens to communicate securely, and insure public safety. "He is confident that solutions can be reached that will satisfy these requirements." --CEL +++++++++++++++++++++++++++++++++ __________________________________________________________________________ Calendar __________________________________________________________________________ Dates Event, Location Point of Contact/ more information ----- --------------- ---------------------------------- 11/ 2/94-11/ 4/94: ACM COCCS-2, Fairfax acmccs2@isse.gmu.edu 11/ 7/94-11/ 9/94: ESORICS, Brighton, UK IMACRH@V-E.ANGLIA.AC.UK 11/ 7/94: IEEE S&P papers due meadows@itd.nrl.navy.mil http://www.itd.nrl.navy.mil/ITD/5540/announce/SP95.html 11/28/94-12/ 1/94: Asiacrypt, Wollongong asiacrypt@osiris.cs.uow.edu.au 12/ 5/94-12/ 9/94: ACSAC - Orlando marmor@charm.isi.edu 1/14/95: COMPASS '95 papers due ftp.csl.sri.com rushby@csl.sri.com http://www.csl.sri.com 2/ 3/95: CSFW-8 papers due gong@csl.sri.com http://www.csl.sri.com/ieee-csfw/csfw.html 2/16/95- 2/17/95: PSRG-Symp, San Diego jte@cert.org (Jim Ellis) 3/17/95: DCCA-5 papers due morganti@settimo.italtel.it 3/20/95: IFIP WG11.3 papers due ting@eng2.uconn.edu (T.C.Ting) 4/ 3/95: IEEE S&P 5-min talk abstracts due meadows@itd.nrl.navy.mil 3/24/95: NSPW '95 papers due (hardcopy): meadows@itd.nrl.navy.mil OR 4/ 1/95: NSPW '95 papers due (e-mail): John.Dobson@@newcastle.ac.uk 3/ 1/95: NCSC-18 papers due NCS_Conference@Dockmaster.ncsc.mil 5/ 7/95- 5/12/95: IEEE S&P 95 dmj@mitre.org (registration) 5/ 9/95- 5/11/95: IFIP/SEC '95 Capetown IFIPSEC95@RKW.RAU.AC.ZA 5/16/95- 5/19/95: 7th CCSS, Ottawa CCSS7@cse.dnd.ca 5/22/95- 5/24/95: Eurocrypt '95, France not available 6/13/95- 6/15/95: CSFW-8, Ireland s.foley@cs.ucc.ie 6/26/95- 6/30/95: COMPASS '95 BONNIE.DANNER@trw.sprint.com 8/13/95- 8/16/95: IFIP WG11.3,New York(RPI)ting@eng2.uconn.edu (T.C.Ting) 8/22/95- 8/25/95: NSPW '95 San Diego (UCSD) meadows@itd.nrl.navy.mil 8/20/95- 8/24/95: Crypto'95 Santa Barbara not available 9/27/95- 9/29/95: DCCA-5, Champaign, IL Ravi Iyer 10/10/95-10/13/95: NCSC-18, Baltimore NCS_Conference@Dockmaster.ncsc.mil 5/ 5/96- 6/ 9/96: IFIP/SEC 96 - Greece IFIP TC 11 Key: CCSS = 7th Annual Canadian Computer Security Symposium CSFW = Computer Security Foundations Workshop DCCA = Dependable Computing for Critical Applications IEEE S&P = IEEE Symposium on Research in Security and Privacy IFIP/SEC = International Conference on Information Security (IFIP TC11) IFIP WG11.3 = IFIP WG11.3 9th Working Conference on Database Security NCSC = National Computer Security Conference NSPW = New Security Paradigms Workshop PSRG-Symp = Internet Society 1995 Symposium on Network and Distributed System Security __________________________________________________________________________ Interesting Links __________________________________________________________________________ Format: URL (first line) followed by description (second line) Government sources: ------------------- http://www.whitehouse.gov If you want to start at the top! http://csrc.ncsl.nist.gov/ NIST Computer Security Resource Clearinghouse - pointers to many places http://www.itd.nrl.navy.mil:80/ITD/5540/ NRL Center for High Assurance Computer Systems, with IEEE and XTP-1 ptrs http://infosec.nosc.mil/infosec.html SPAWAR INFOSEC Homepage http://ftp.arpa.mil/ ARPA home page http://mosaic.larc.nasa.gov/nasaonline/gov.html NASA Langley Research Center - and pointers to other Government Labs http://www.sei.cmu.edu/ Software Engineering Institute Information Server Professional societies and organizations: ----------------------------------------- http://www.computer.org IEEE Computer Society home page http://www.acm.org ACM home page, with pointers to IFIP, Internet Society, etc. http://info.isoc.org/ Internet Society Home Page http://www.ietf.cnri.reston.va.us/home.html Internet Society's Internet Engineering Task Force home page http://www.dit.upm.es/~cdk/ifip.html IFIP Home Page Other places for interesting research papers and announcements -------------------------------------------------------------- http://www.csl.sri.com/ SRI-CSL SRI International Computer Science Lab home page http://riwww.osf.org:8001/ OSF Research Institute home page http://info.gte.com/ftp/doc/doc.html Distributed Object Computing - GTE Research group home page http://www.research.att.com/ An AT&T Bell Laboratories Research World-Wide Web Server http://www.rdt.monash.edu.au/tr/siteslist.html Computer Science Technical Reports Archive Sites http://www.comlab.ox.ac.uk/oucl/people/jonathan.bowen.html Jonathan Bowen http://www.tansu.com.au/Info/communications.html {Tele}Communications Information Sources http://dfw.net:80/~aleph1/ Uebercracker's Security Web __________________________________________________________________________ TC Officer Roster __________________________________________________________________________ Chair: Vice Chair: Terry Vickers Benzel Deborah Cooper Trusted Information Systems Director, Information Systems Security 11340 W. Olympic Blvd, Suite 265 Unisys Govt. Information Systems Group Los Angeles, CA 90064 12010 Sunrise Valley Drive (310) 477 - 5828 Reston, VA 22091 tcvb@la.tis.com (703)847-3895 cooper@rtc.reston.paramax.com Newsletter Editor: Standards Subcommittee Chair Carl Landwehr [VOLUNTEEER NEEDED!] Code 5542 Naval Research Laboratory Washington, DC 20375-5337 (202)767-3381 Landwehr@itd.nrl.navy.mil _____________________________________________________________________________ Information for Subscribers and Contributors _____________________________________________________________________________ SUBSCRIPTIONS: To subscribe, send e-mail to (which is NOT automated) with subject line "subscribe". To remove yourself from the subscription list, send e-mail to cipher-request@itd.nrl.navy.mil with subject line "unsubscribe". Those with access to hypertext browsers may prefer to read Cipher that way. It can be found at URL http://www.itd.nrl.navy.mil/ITD/5540/IEEE/cipher CONTRIBUTIONS: to are invited. Cipher is a NEWSletter, not a bulletin board or forum. It has a fixed set of departments, defined by the Table of Contents. Please indicate in the subject line for which department your contribution is intended. For Calendar entries, please include an e-mail address for the point-of-contact. ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. All reuses of Cipher material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy, publications using Cipher material should obtain permission from the contributors. ARCHIVES: don't exist yet! =============================================================================