[107114] in Cypherpunks


Re: Triple DES ``standard``?

daemon@ATHENA.MIT.EDU (Rich Ankney)
Fri Jan 1 21:29:38 1999

From: "Rich Ankney" <rankney@erols.com>
To: <cryptography@c2.net>, <cypherpunks@cyberpass.net>, <dcsb@ai.mit.edu>,
        "Digital Bearer Settlement List" <dbs@philodox.com>,
        "Robert Hettinga" <rah@shipwright.com>
Date: Fri, 1 Jan 1999 21:20:00 -0500
Reply-To: "Rich Ankney" <rankney@erols.com>

I'd say Kawika and I are in total agreement about what's going on
in the banking security (standards) arena...  

/ Rich

----------
> From: Robert Hettinga <rah@shipwright.com>
> To: cryptography@c2.net; cypherpunks@cyberpass.net; dcsb@ai.mit.edu;
>         Digital Bearer Settlement List <dbs@philodox.com>
> Subject: Re: Triple DES ``standard``?
> Date: Friday, January 01, 1999 5:20 PM
> 
> 
> --- begin forwarded text
> 
> 
> Date: Fri, 01 Jan 1999 15:05:09 -0500
> From: "Kawika Daguio" <kdaguio@aba.com>
> To: <rah@shipwright.com>
> Subject: Re: Triple DES ``standard``?
> 
> Folks,
> 
> I have been handling the technology policy and risk management issues at
> aba since 1992 and was at the Treasury before that.  I often see odd
> reflections of the meetings and policy documents we are involved in and
> want to set the record straight.
> 
> I can tell you that no one can tell the financial services industry how to
> secure its systems.  We talk to everyone, solicit a lot of advice, work
> with likeminded and some not so likeminded groups to find solutions that
> work for everyone, but no one tells us how to secure our systems.
> 
> We have the greatest incentive, the most insight, experience, and the
> budgets (financial & other resources, change resources for example) that
> put us in the proper position to decide what we need to do.
> 
> We appreciate the input of the NSA, NIST, and OMB.
> We work with the FBI, NSC and other alphabet soup agencies because we have
> interests in common.  These common interests include preventing or stopping
> fraud, preventing attacks on our infrastructure.  We may have other
> disagreements, but over time (and when we are in the right) our policy
> positions prevail.
> 
> The battle over crypto (3des and clipper and export issues) has occupied my
> time (partially) since 1993.
> 
> Previous characterizations of the process lack a recognition of the
> complexity of the process and relationships between the parties involved.
> Much of the battles that appear to be being fought when looking at the
> historical record are dances performed for audiences outside the room and
> contradicted by personal communications between the two parties in the room.
> 
> When the proper parties (government and industry) work to educate each
> other over time, most of the problems and the politics "go away."
> 
> After a great deal of work on all sides, we are pleased with the outcome:
> 
> The 3des standard is in place;
> The AES is moving forward;
> The Federal government is adopting our standards:
> Export controls are no longer a restriction;
> Import controls (in other countries) are being addressed;
> Public key crypto and technology is positioned to supplement and in some
> places replace des;
> The industry has the foundations of a new policy in place to ensure that
> future transitions are smooth and less costly.
> 
> I would encourage folks to stay away from looking at the day to day
> historical record because it isn't terribly instructive.  The most
> important communications that take place in these debates are face to face
> or over the telephone where records are not kept.  In addition, the most
> aggressive and least representative communications are the ones sent and
> preserved on paper.  Lastly, just like sausagemaking, policy making isn't a
> pretty process.
> 
> Happy New Year.
> 
> Kawika Daguio
> speaking for myself, not the American Bankers Association (I am on vacation)
> 
> If someone would still like the record of the votes, I will provide it upon
> request after I return to the office.
> 
> <<< Robert Hettinga <rah@shipwright.com> 12/30  6:53p >>>
> 
> --- begin forwarded text
> 
> 
> Reply-To: <rankney@erols.com>
> From: "Rich Ankney" <rankney@erols.com>
> To: <dcsb@ai.mit.edu>, "Digital Bearer Settlement List"
>  <dbs@philodox.com>,
>         "Robert Hettinga" <rah@shipwright.com>
> Subject: Re: Triple DES "standard"?
> Date: Wed, 30 Dec 1998 09:40:38 -0500
> Sender: <dbs@philodox.com>
> List-Subscribe: <mailto:requests@philodox.com?subject=subscribe%20dbs>
> 
> <snip>
> > 	Actually, as I recall the tale, the American Bankers
> > Association-sponsored ANSI-accredited X.9 Committee's blessing of DES3 was
> > itself pretty interesting.
> >
> > 	I understood that the NSA lobbied bitterly against the X9 effort to
> > standardize 3DES as an ANSI standard, insisting that DES would suffice
> > until its successor was chosen.
> >
> > 	A couple years ago, when the X9 committee -- or maybe one of the X9
> > crypto subcommittees -- rejected that advice and initially recommended that
> > 3DES be made a standard, I was told that the NSA rep angrily declared that
> > 3DES would _never_ get an export license and would never be shipped
> > overseas. (Which may have put a damper on the 3DES standardization
> > effort;-)
> >
> > 	Unfortunately, these standards development efforts usually escape
> > the media's attention. Anyone on the list active in X9 and can give us the
> > real story?
> >
> 
> I was at the meeting.  This was a meeting of (I think) X9F3, which is a working
> group in X9F, which has several working groups doing security.  3DES was
> being pushed really hard by the Fed.  The vote was to get a sense of how
> much interest there was in a 3DES standard.  (There is no requirement to
> have such a vote to work on something; the X9 rules require a new work item
> ballot sent to all X9 members.) The NO votes were, IIRC, from NSA (with the
> above quote, more or less), IRS, and IRE (a commercial outfit located in
> Baltimore).  NIST abstained.  I don't recall the official X9 vote, but it was along
> the same lines.  The work was done in a different working group, X9F1, chaired
> by the legendary Blake Greenlee.  The standard was published a few months
> ago.  Again, the Fed pushed really hard on this; kudos to them.
> 
> I'm sure Cindy Fuller of the X9 Secretariat (cfuller@aba.com) would have the
> official X9 ballot results if anyone is interested...
> 
> > 	Since the birth of X9 in the late 70s, the US National Security
> > Agency has its own representative on the X9 Committee.  As one might
> > expect, the NSA has traditionally had significant influence over the ANSI
> > "F" (crypto) subcommittees and cryptographic standards in financial
> > services. There was a time when Ft. Meade effectively dictated those
> > standards. Now, that is not necessarily so....
> >
> 
> > 	(After the NSA blundered so badly in trying to force the Banking
> > industry to switch from DES to CCEP/Clipper in the late 80s, the Agency's
> > mesmerizing control was broken. The initial intro of CCEP/Clipper -- at an ABA
> > meeting -- proposed that only US owned institutions could have access to
> > Clipper.  At the time, as I recall, maybe 10-15 percent of the US banks
> > were foreign owned;-) The bankers couldn't believe that these idiots --
> > obviously so ignorant about the workings of the industry they were trying
> > to defacto regulate -- were from the NSA of Legend and Lore.)
> >
> 
> I didn't start attending meetings till the early '90's, but I can certainly
> testify that Clipper/Fortezza were pushed really hard.  In fact, X9F1 may
> still have open work items on some of this stuff (no work going on, but
> it needs a formal vote to remove it from the list).  My major objection was
> the attempt to standardize on a particular *product*, which used classified
> algorithms, vs. standardizing on a public algorithm which could be implemented
> in H/W or S/W.  So X9 ended up with:  3DES instead of Skipjack; DSA and
> RSA (and ECDSA real soon now) for signatures; and DH, RSA, and EC (real
> soon now) for key management.  It's interesting that our DH standard seems
> to have reinvented much of the interesting stuff in KEA.
> 
> 
> Regards,
> Rich
> 
> --- end forwarded text
> 
> 
> -----------------
> Robert A. Hettinga <mailto: rah@philodox.com>
> Philodox Financial Technology Evangelism <http://www.philodox.com/>
> 44 Farquhar Street, Boston, MA 02131 USA
> "... however it may deserve respect for its usefulness and antiquity,
> [predicting the end of the world] has not been found agreeable to
> experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
> 
> 
> 
> 
> --- end forwarded text
> 

