Computer underground Digest Tue Aug 17 1993 Volume 5 : Issue 62 ISSN 1004-042X Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Archivist: Brendan Kehoe Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Copie Editor: Etaoin Shrdlu, Senior CONTENTS, #5.62 (Aug 17 1993) File 1--CU News ("Software felons," "Valuing Info," et. al.) File 2--CuNews ("Technofogies" and more) File 3--Another BBS Seizure in Hartford File 4--Call for Clipper Comments Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically from tk0jut2@mvs.cso.niu.edu. The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115. Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on the PC-EXEC BBS at (414) 789-4210; and on: Rune Stone BBS (IIRG WHQ) (203) 832-8441 NUP:Conspiracy; RIPCO BBS (312) 528-5020 CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: from the ComNet in LUXEMBOURG BBS (++352) 466893; In ITALY: Bits against the Empire BBS: +39-461-980493 ANONYMOUS FTP SITES: UNITED STATES: ftp.eff.org (192.88.144.4) in /pub/cud etext.archive.umich.edu (141.211.164.18) in /pub/CuD/cud halcyon.com( 202.135.191.2) in /pub/mirror/cud aql.gatech.edu (128.61.10.53) in /pub/eff/cud AUSTRALIA: ftp.ee.mu.oz.au (128.250.77.2) in /pub/text/CuD. EUROPE: nic.funet.fi in pub/doc/cud. (Finland) ftp.warwick.ac.uk in pub/cud (United Kingdom) COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ---------------------------------------------------------------------- Date: Sat, 31 Jul 93 02:01:00 BST From: grmeyer@GENIE.GEIS.COM Subject: File 1--CU News ("Software felons," "Valuing Info," et. al.) Software Felons =============== A federal grand jury in California handed down felony indictments for software piracy near the first week of July. These are the first indictments under the law that makes copyright infringement a fel ony. The indictments follow coast-to-coast raids over the past four months where US Marshals seized over 9.5 millions dollars worth of MS-DOS and Windows operating systems. (Information Week. July 12, 1993. pg 8) Valuing Information =================== How much are your computer files really worth? The Information Systems Security Association has put together a panel to create a methodology for determining the value of information. Representatives from Chase Manhattan Bank, Bank America, and Motorola are among the panel members. The ISSA suggests that valuation can be determined in three ways: Cost to acquire/develop/maintain the info, value to owners/others, and commercial value. (Information Week. July 12, 1993. pg 62) Virus "fax vote" results ======================== Information Week magazine recently conducted a self-selected survey of IS managers and virus security. Some of the more interesting results include: Measures implemented to deal with virus threat: 65% training 86% purchased anti-viral software Company practices altered as a result of virus threat: 49% use of shareware 47% downloading from BBSs State of the virus threat during the past 12 months: 48% increased 34% stayed the same Number of machines infected during past year: 42% none 46% less than 25% For the complete results in each category, and for other questions and comments, refer to Information Week. July 19, 1993. Pgs 25 and following. Holy Data Islands! ================== The Wall Street Journal (July 12, 1993 p B-2) reports that a company founded by Ed Leonard has been farming out data for storage at monasteries. Customers like the prices, and the dedication and discretion of the monks is apparently unmatched. (Information Week. July 19, 1993. pg 62) Singapore Piracy ================ Lotus and Novell have filed criminal charges against a man and wife in Singapore after they were found guilty in a civil suit for copyright and trademark violations. The companies obtained a court or der to freeze nearly one million dollars in assets belonging to the pair, who had sold thousands of illegal software copies in Southeast Asia. (Information Week. May 10, 1993. pg. 8) Computer Ethics Institute Conference ==================================== Information Week reports that Congressman Edward Markey (D - Mass.) made the following remarks at the conference. "Just because personal information can be collected electronically, can be gleaned off the network as people call 800 number or click channels on the television, or can be cross-referenced into sophisticated lists and put on line for sale to others, does not mean that it has been technologically predetermined that privacy and social mores should be bent to that capability. (...) The Constitution is a 200-year-old parchment, simply because we digitize the words should not suggest their meanings change." Later, Markey commented that "Real harm can be done in the virtual world." Refer to "Ethics and Cyberculture" , Information Week, May 10, 1993 pg. 60 for more information on the conference and Markey's speech. Follow-up on Epson America Email Case ===================================== Alana Shoars, plaintiff in a case against Epson America, reports that she's "slogging forward" with the case. Shoars was dismissed from her Email administrator job in January 1990 after she complained that by monitoring employees' Email the company was invading their privacy. Her wrongful termination lawsuit, as well as a class-action lawsuit brought on behalf of 170 Epson employees, is in appellate court. (Information Week. July 26, 1993. pg 62) Political Censorship at Microsoft? ================================== Gregory Steshenko was allowed to emigrate from the Soviet Union to the US in 1987. Last September he landed a job with Microsoft as a support engineer. Last month he was fired, he says, for sending political messages over the Internet. Microsoft contends it was solely for performance reasons. Steshenko's messages typically centered on the political situation in his native Ukraine, and his view that the Ukrainian government is more corrupt than the previous Communist government. ( In fact, Steshenko was once imprisoned in the Soviet Union for spreading "anti-Soviet propaganda"). He comments: ". ..it looks to me like I've found another kind of Big Brother. In the Soviet Union it was the party and the state. In the US, it is the corporation." (Information Week. July 26, 1993. pg 62) Fraud Free with AT&T ==================== AT&T has announced a service that will help protect corporate calling card users from fraudulent use of their card number: AT&T Card Protect (sm) Service gives you real control over card usage. To help prevent unauthorized use, we offer you a range of measures such as geographic restrictions, purchase limits and account passwords to meet your specific calling needs. 24 hours a day, 7 days a week, our Fraud Analysis and Surveillance Center provides state-of-the-art security coverage for every one of your employee's cards. It helps to identify unauthorized card use in real time, allowing prompt action to be taken. Dr. Dobb's Editor Speaks Out Against Clipper Chip ================================================= Jonathan Erickson, editor-in-chief of Dr. Dobb's Journal, writes about the government's "clipper" chip in his July 1993 editorial. Mr. Erickson begins by describing some of the antics and crimes of Ke vin Poulsen, a hacker whose story is familiar to regular CuD readers. After discussing Paulsen, the gist of the FBI's proposal, and the clipper Erickson concludes with this statement: Money and export concerns aside, the real issues remain those of privacy and the government's attitude towards its citizens. What we're witnessing is a fundamental shift from what we've considered to be our Constitutional right to privacy to a view that the government is privy to our most private conversations. This alone is enough to make Kevin Poulsen look like nothing more than an angel with a dirty face. (Dr. Dobb's Journal. July 1993. pg 8) Nosy Bosses =========== Based on a survey in Macworld, an estimated 20 million US employees may be victims of electronic monitoring on the job. Of the 21% of employers admitting to checking up on employees, 74% had searched electronic work files, 42% had searched workers' email and 15% had searched voice mail. When the survey asked why, the nosy respondents replied that their snooping was to monitor work flow or to invest igate espionage and theft. (Communications of the ACM. Aug 1993. pg 9 reprinted with permission) Lax on Tapes ============ The Clinton administration has been blasted by a federal judge on its promise to make good on preserving nearly 6,000 computerized White House records that hold millions of National Security Council e mail messages. In January the judge ordered the tapes copied for preservation. As of late June, the judge threatened to fine the White House and National Archives $50K a day for not complying with prior orders each day the tapes aren't copied. Justice Department lawyers have tried in vain to appeal the order, citing the timetable of the task as causing "irreparable disruption of White House operations". (Communications of the ACM. Aug 1993. pg 10 reprinted with permission) Disco Tech ========== Timothy Leary, the Harvard prof known for his hallucinogenic escapades in the '60s and Virtual Reality experimentation of more recent times, has designed the VR programs for Light, Wisdom, and Sound, a new night club in New York. VR could be on the brink of rivaling dance floors as nightlife entertainment. However, club owners are worried that happy clubbers may never leave the private VR sex room once they get in - it's one of the main attractions of the club. (Communications of the ACM. Aug 1993. pg 10 reprinted with permission) ------------------------------ From: grmeyer@GENIE.GEIS.COM Date: Sat, 7 Aug 93 21:38:00 BST Subject: File 2--CuNews ("Technofogies" and more) Technofogies ============= A survey by Dell Computer Corp found that technophobia is alive and well in the United States. In a survey of 500 adults and 1000 teenagers found that about 25% of the adults has never used a computer, programmed a VCR, or set-up the stations on their car radio. About a third said they feared they might damage a computer during normal use, and a quarter of them said they wouldn't use a computer un less they were forced to do so. About the same percentage said they still miss their typewriters. As you might expect, the results were drastically different for the teens in the sample. Only 8% of them had never used a computer. About the same percentage said they felt uncomfortable using one without assistance. Roughly two-thirds of both groups said they wished computer terminology was easier to understand. Contact Dell Computer Corp for more information about the study. (Information Week. August 2, 1993 pg. 46) More on "Tiger Teams" ===================== Harlan Crouse, a security specialist with the US Army, has a guest editorial in the August 2, 1993 issue of Information Week (pg. 52). Crouse responds to IW's earlier story about firms that use so-called 'tiger teams' of ex-hackers to test security. The following are some excerpts from the editorial. ...using convicted computer criminals to do information security work is the height of folly. We don't use former armed robbers as bank guards and we don't use child molesters as sex therapists; why should we trust our precious information to convicted felons? (...) Common sense dictates that if you something to valuable, you work to protect it. That means all the time - not just when it's convenient or when a security deficiency has become nearly disastrous. What would you think of people who lock the door to their houses only sometimes, or only after their houses have already been burglarized? Lapses in security are almost always traceable, directly or indirectly, to management's inattention to the need to protect organizational assets. Yet managers are seldom held accountable for their negligence. Unfortunately, it's the taxpayers, customers, stockholders, and employees who pay. ------------------------------ Date: Wed, 11 Aug 93 11:58:26 GMT From: Wes Morgan Subject: File 3--Another BBS Seizure in Hartford This was posted to Usenet's alt.censorship newsgroup. > * Forwarded by MATT GIWER from the Main Board conference. > * Original from DON KIMBERLIN to ALL on 08-09-93. > >Date: 08-03-93 (22:35) Number: 1089 >From: KENNETH PAVLAK Refer#: NONE > To: ALL Recvd: NO >Subj: Sysop held on $500,000 Bail Conf: (24) F-Law&Dis >--------------------------------------------------------------------------- >The Hartford Courant on August 5, 1993 (page b-4) stated that a 21 year >old computer BBS operator was arrested for maintaining a computer >bulletin board that had a bomb making recipe. > >Michael Elansky was charged by the West Hartford police with inciting >injury to persons or property - a felony charge - and risk of injury >to a minor. > >He was held in lieu of $500,000 bond (in CT the bond for a person accused >of murder is normally $100,000) > >Det. Capt. James Gustafson said the case was "sealed" and no information >could be released. > >Michal Elansky's father said information from the Anarchists Cook Book >(Available from Paladin Press, P.O. Box 1307, Boulder, CO 80306, >phone 303-443-7250) was on the bbs placed there by person or persons >unknown; it was impossible for his son to keep track of due to the >number of calls to his bbs. > >And so, Big Brother now says that passing along information will get >a person 21 years old locked up on a half a million dollars bail, while >accused murderers get out on 100,000 dollars. The newspaper did not >say if the computer or the files from it were taken. > >Can the people who were on that bbs look forward to a "Visit" from >the servants of Big Brother? > >Will they be arrested if they downloaded VERBOTEN information? Will >there be MASS ARRESTS of people who have knowledge that is no longer >permitted? > >Time will tell > >=== GEcho 1.00 > > * SPEED 1.30 >01< * Remember, god works in meaningless ways. > > >-- >Internet: Matt Giwer@mechanic.fidonet.org >UUCP: ...!myrddin!mechanic!326!Matt.Giwer >Note: mechanic is a Fidonet<>USENET gate for TAMPA BAY,FL. > The opinions stated in this post are only my own! ------------------------------ Date: Tue, 17 Aug 1993 14:23:16 EST From: Dave Banisar Subject: File 4--Call for Clipper Comments Call for Clipper Comments The National Institute of Standards and Technology (NIST) has issued a request for public comments on its proposal to establish the "Skipjack" key-escrow system as a Federal Information Processing Standard (FIPS). The deadline for the submission of comments is September 28, 1993. The full text of the NIST notice follows. CPSR is urging all interested individuals and organizations to express their views on the proposal and to submit comments directly to NIST. Comments need not be lengthy or very detailed; all thoughtful statements addressing a particular concern will likely contribute to NIST's evaluation of the key-escrow proposal. The following points could be raised about the NIST proposal (additional materials on Clipper and the key escrow proposal may be found at the CPSR ftp site, cpsr.org): * The potential risks of the proposal have not been assessed and many questions about the implementation remain unanswered. The NIST notice states that the current proposal "does not include identification of key escrow agents who will hold the keys for the key escrow microcircuits or the procedures for access to the keys." The key escrow configuration may also create a dangerous vulnerability in a communications network. The risks of misuse of this feature should be weighed against any perceived benefit. * The classification of the Skipjack algorithm as a "national security" matter is inappropriate for technology that will be used primarily in civilian and commercial applications. Classification of technical information also limits the computing community's ability to evaluate fully the proposal and the general public's right to know about the activities of government. * The proposal was not developed in response to a public concern or a business request. It was put forward by the National Security Agency and the Federal Bureau of Investigation so that these two agencies could continue surveillance of electronic communications. It has not been established that is necessary for crime prevention. The number of arrests resulting from wiretaps has remained essentially unchanged since the federal wiretap law was enacted in 1968. * The NIST proposal states that the escrow agents will provide the key components to a government agency that "properly demonstrates legal authorization to conduct electronic surveillance of communications which are encrypted." The crucial term "legal authorization" has not been defined. The vagueness of the term "legal authorization" leaves open the possibility that court-issued warrants may not be required in some circumstances. This issue must be squarely addressed and clarified. * Adoption of the proposed key escrow standard may have an adverse impact upon the ability of U.S. manufacturers to market cryptographic products abroad. It is unlikely that non-U.S. users would purchase communication security products to which the U.S. government holds keys. Comments on the NIST proposal should be sent to: Director, Computer Systems Laboratory ATTN: Proposed FIPS for Escrowed Encryption Standard Technology Building, Room B-154 National Institute of Standards and Technology Gaithersburg, MD 20899 Submissions must be received by September 28, 1993. CPSR has asked NIST that provisions be made to allow for electronic submission of comments. Please also send copies of your comments on the key escrow proposal to CPSR for inclusion in the CPSR Internet Library, our ftp site. Copies should be sent to . ================================================================= FEDERAL REGISTER VOL. 58, No. 145 DEPARTMENT OF COMMERCE (DOC) National Institute of Standards and Technology (NIST) Docket No. 930659-3159 RIN 0693-AB19 A Proposed Federal Information Processing Standard for an Escrowed Encryption Standard (EES) 58 FR 40791 Friday, July 30, 1993 Notice; request for comments. SUMMARY: A Federal Information Processing Standard (FIPS) for an Escrowed Encryption Standard (EES) is being proposed. This proposed standard specifies use of a symmetric-key encryption/decryption algorithm and a key escrowing method which are to be implemented in electronic devices and used for protecting certain unclassified government communications when such protection is required. The algorithm and the key escrowing method are classified and are referenced, but not specified, in the standard. This proposed standard adopts encryption technology developed by the Federal government to provide strong protection for unclassified information and to enable the keys used in the encryption and decryption processes to be escrowed. This latter feature will assist law enforcement and other government agencies, under the proper legal authority, in the collection and decryption of electronically transmitted information. This proposed standard does not include identification of key escrow agents who will hold the keys for the key escrow microcircuits or the procedures for access to the keys. These issues will be addressed by the Department of Justice. The purpose of this notice is to solicit views from the public, manufacturers, and Federal, state, and local government users so that their needs can be considered prior to submission of this proposed standard to the Secretary of Commerce for review and approval. The proposed standard contains two sections: (1) An announcement section, which provides information concerning the applicability, implementation, and maintenance of the standard; and (2) a specifications section which deals with the technical aspects of the standard. Both sections are provided in this notice. DATES: Comments on this proposed standard must be received on or before September 28, 1993. ADDRESSES: Written comments concerning the proposed standard should be sent to: Director, Computer Systems Laboratory, ATTN: Proposed FIPS for Escrowed Encryption Standard, Technology Building, room B-154, National Institute of Standards and Technology, Gaithersburg, MD 20899. Written comments received in response to this notice will be made part of the public record and will be made available for inspection and copying in the Central Reference and Records Inspection Facility, room 6020, Herbert C. Hoover Building, 14th Street between Pennsylvania and Constitution Avenues, NW., Washington, DC 20230. FOR FURTHER INFORMATION CONTACT: Dr. Dennis Branstad, National Institute of Standards and Technology, Gaithersburg, MD 20899, telephone (301) 975-2913. SUPPLEMENTARY INFORMATION: This proposed FIPS implements the initiative announced by the White House Office of the Press Secretary on April 16, 1993. The President of the U.S. approved a Public Encryption Management directive, which among other actions, called for standards to facilitate the procurement and use of encryption devices fitted with key-escrow microcircuits in Federal communication systems that process sensitive, but unclassified information. Dated: July 26, 1993. Arati Prabhakar, Director.(NIST) ++++++++++++++++++++++++++++++++++++++++++++++++++++ Federal Information Processing Standards Publication XX 1993 XX Announcing the Escrowed Encryption Standard (EES) Federal Information Processing Standards Publications (FIPS PUBS) are issued by the National Institute of Standards and Technology (NIST) after approval by the Secretary of Commerce pursuant to section 111(d) of the Federal Property and Administrative Services Act of 1949 as amended by the Computer Security Act of 1987, Public Law 100-235. Name of Standard: Escrowed Encryption Standard (EES). Category of Standard: Telecommunications Security. Explanation: This Standard specifies use of a symmetric-key encryption (and decryption) algorithm and a Law Enforcement Access Field (LEAF) creation method (one part of a key escrow system) which provide for decryption of encrypted telecommunications when interception of the telecommunications is lawfully authorized. Both the algorithm and the LEAF creation method are to be implemented in electronic devices (e.g., very large scale integration chips). The devices may be incorporated in security equipment used to encrypt (and decrypt) sensitive unclassified telecommunications data. Decryption of lawfully intercepted telecommunications may be achieved through the acquisition and use of the LEAF, the decryption algorithm and escrowed key components. To escrow something (e.g., a document, an encryption key) means that it is "delivered to a third person to be given to the grantee only upon the fulfillment of a condition" (Webster's Seventh New Collegiate Dictionary). A key escrow system is one that entrusts components of a key used to encrypt telecommunications to third persons, called key component escrow agents. In accordance with the common definition of "escrow", the key component escrow agents provide the key components to a "grantee" (i.e., a government agency) only upon fulfillment of the condition that the grantee properly demonstrates legal authorization to conduct electronic surveillance of communications which are encrypted using the specific device whose key component is requested. The key components obtained through this process are then used by the grantee to reconstruct the device unique key and obtain the session key (contained in the LEAF) which is used to decrypt the telecommunications that are encrypted with that device. The term, "escrow", for purposes of this standard, is restricted to the dictionary definition. The encryption/decryption algorithm has been approved for government applications requiring encryption of sensitive unclassified telecommunications of data as defined herein. The specific operations of the algorithm and the LEAF creation method are classified and hence are referenced, but not specified, in this standard. Data, for purposes of this standard, includes voice, facsimile and computer information communicated in a telephone system. Telephone system, for purposes of this standard, is limited to systems circuit-switched up to no more than 14.4 kbs or which use basic-rate ISDN, or to a similar grade wireless service. Data that is considered sensitive by a responsible authority should be encrypted if it is vulnerable to unauthorized disclosure during telecommunications. A risk analysis should be performed under the direction of a responsible authority to determine potential threats and risks. The costs of providing encryption using this standard as well as alternative methods and their respective costs should be projected. A responsible authority should then make a decision, based on the risk and cost analyses, whether or not to use encryption and then whether or not to use this standard. Approving Authority: Secretary of Commerce. Maintenance Agency: Department of Commerce, National Institute of Standards and Technology. Applicability: This standard is applicable to all Federal departments and agencies and their contractors under the conditions specified below. This standard may be used in designing and implementing security products and systems which Federal departments and agencies use or operate or which are operated for them under contract. These products may be used when replacing Type II and Type III (DES) encryption devices and products owned by the government and government contractors. This standard may be used when the following conditions apply: 1. An authorized official or manager responsible for data security or the security of a computer system decides that encryption is required and cost justified as per OMB Circular A-130; and 2. The data is not classified according to the National Security Act of 1947, as amended, or the Atomic Energy Act of 1954, as amended. However, Federal departments or agencies which use encryption devices for protecting data that is classified according to either of these acts may use those devices also for protecting unclassified data in lieu of this standard. In addition, this standard may be adopted and used by non-Federal Government organizations. Such use is encouraged when it provides the desired security. Applications: Devices conforming to this standard may be used for protecting unclassified communications. Implementations: The encryption/decryption algorithm and the LEAF creation method shall be implemented in electronic devices (e.g., electronic chip packages) that can be physically protected against unauthorized entry, modification and reverse engineering. Implementations which are tested and validated by NIST will be considered as complying with this standard. An electronic device shall be incorporated into a cyptographic module in accordance with FIPS 140-1. NIST will test for conformance with FIPS 140-1. Cryptographic modules can then be integrated into security equipment for sale and use in an application. Information about devices that have been validated, procedures for testing equipment for conformance with NIST standards, and information about obtaining approval of security equipment are available from the Computer Systems Laboratory, NIST, Gaithersburg, MD 20899. Export Control: Implementations of this standard are subject to Federal Government export controls as specified in title 22, Code of Federal Regulations, parts 120 through 131 (International Traffic of Arms Regulations -ITAR). Exporters of encryption devices, equipment and technical data are advised to contact the U.S. Department of State, Office of Defense Trade Controls for more information. Patents: Implementations of this standard may be covered by U.S. and foreign patents. Implementation Schedule: This standard becomes effective thirty days following publication of this FIPS PUB. Specifications: Federal Information Processing Standard (FIPS XXX)(affixed). Cross Index: a. FIPS PUB 46-2, Data Encryption Standard. b. FIPS PUB 81, Modes of Operation of the DES c. FIPS PUB 140-1, Security Requirements for Cryptographic Modules. Glossary: The following terms are used as defined below for purposes of this standard: Data-Voice, facsimile and computer information communicated in a telephone system. Decryption-Conversion of ciphertext to plaintext through the use of a cryptographic algorithm. Device (cryptographic)-An electronic implementation of the encryption/decryption algorithm and the LEAF creation method as specified in this standard. Digital data-Data that have been converted to a binary representation. Encryption-Conversion of plaintext to ciphertext through the use of a cryptographic algorithm. Key components-The values from which a key can be derived (e.g., KU sub 1 + KU sub 2). Key escrow -A process involving transferring one or more components of a cryptographic key to one or more trusted key component escrow agents for storage and later use by government agencies to decrypt ciphertext if access to the plaintext is lawfully authorized. LEAF Creation Method 1-A part of a key escrow system that is implemented in a cryptographic device and creates a Law Enforcement Access Field. Type I cryptography-A cryptographic algorithm or device approved by the National Security Agency for protecting classified information. Type II cryptography-A cryptographic algorithm or device approved by the National Security Agency for protecting sensitive unclassified information in systems as specified in section 2315 of Title 10 United State Code, or section 3502(2) of Title 44, United States Code. Type III cryptography-A cryptographic algorithm or device approved as a Federal Information Processing Standard. Type III(E) cryptography-A Type III algorithm or device that is approved for export from the United States. Qualifications. The protection provided by a security product or system is dependent on several factors. The protection provided by this standard against key search attacks is greater than that provided by the DES (e.g., the cryptographic key is longer). However, provisions of this standard are intended to ensure that information encrypted through use of devices implementing this standard can be decrypted by a legally authorized entity. Where to Obtain Copies of the Standard: Copies of this publication are for sale by the National Technical Information Service, U.S. Department of Commerce, Springfield, VA 22161. When ordering, refer to Federal Information Processing Standards Publication XX (FIPS PUB XX), and identify the title. When microfiche is desired, this should be specified. Prices are published by NTIS in current catalogs and other issuances. Payment may be made by check, money order, deposit account or charged to a credit card accepted by NTIS. Specifications for the Escrowed Encryption Standard 1. Introduction This publication specifies Escrowed Encryption Standard (EES) functions and parameters. 2. General This standard specifies use of the SKIPJACK cryptographic algorithm and the LEAF Creation Method 1 (LCM-1) to be implemented in an approved electronic device (e.g., a very large scale integration electronic chip). The device is contained in a logical cryptographic module which is then integrated in a security product for encrypting and decrypting telecommunications. Approved implementations may be procured by authorized organizations for integration into security equipment. Devices must be tested and validated by NIST for conformance to this standard. Cryptographic modules must be tested and validated by NIST for conformance to FIPS 140-1. 3. Algorithm Specifications The specifications of the encryption/decryption algorithm (SKIPJACK) and the LEAF Creation Method 1 (LCM-1) are classified. The National Security Agency maintains these classified specifications and approves the manufacture of devices which implement the specifications. NIST tests for conformance of the devices implementing this standard in cryptographic modules to FIPS 140-1 and FIPS 81. 4. Functions and Parameters 4.1 Functions The following functions, at a minimum, shall be implemented: 1. Data Encryption: A session key (80 bits) shall be used to encrypt plaintext information in one or more of the following modes of operation as specified in FIPS 81: ECB, CBC, OFB (64) CFB (1, 8, 16, 32, 64). 2. Data Decryption: The session key (80 bits) used to encrypt the data shall be used to decrypt resulting ciphertext to obtain the data. 3. Key Escrow: The Family Key (KF) shall be used to create the Law Enforcement Access Field (LEAF) in accordance with the LEAF Creation Method 1 (LCM-1). The Session Key shall be encrypted with the Device Unique Key and transmitted as part of the LEAF. The security equipment shall ensure that the LEAF is transmitted in such a manner that the LEAF and ciphertext may be decrypted with legal authorization. No additional encryption or modification of the LEAF is permitted. 4.2 Parameters The following parameters shall be used in performing the prescribed functions: 1. Device Identifier (DID): The identifier unique to a particular device and used by the Key Escrow System. 2. Device Unique Key (KU): The cryptographic key unique to a particular device and used by the Key Escrow System. 3. Cryptographic Protocol Field (CPF): The field identifying the registered cryptographic protocol used by a particular application and used by the Key Escrow System (reserved for future specification and use). 4. Escrow Authenticator (EA): A binary pattern that is inserted in the LEAF to ensure that the LEAF is transmitted and received properly and has not been modified, deleted or replaced in an unauthorized manner. 5. Initialization Vector (IV): A mode and application dependent vector of bytes used to initialize, synchronize and verify the encryption, decryption and key escrow functions. 6. Family Key (KF): The cryptographic key stored in all devices designated as a family that is used to create the LEAF. 7. Session Key (KS): The cryptographic key used by a device to encrypt and decrypt data during a session. 8. Law Enforcement Access Field (LEAF): The field containing the encrypted session key and the device identifier and the escrow authenticator. 5. Implementation The Cryptographic Algorithm and the LEAF Creation Method shall be implemented in an electronic device (e.g., VLSI chip) which is highly resistant to reverse engineering (destructive or non-destructive) to obtain or modify the cryptographic algorithms, the KU, the EA, the CPF, the operational KS, or any KU, the EA, the CPF, the operational KS, or any other security or Key Escrow System relevant information. The device shall be able to be programmed/personalized (i.e., made unique) after mass production in such a manner that the DID, KU (or its components), KF (or its components) and EA fixed pattern can be entered once (and only once) and maintained without external electrical power. The LEAF and the IV shall be transmitted with the ciphertext. The specifics of the protocols used to create and transmit the LEAF, IV, and encrypted data shall be registered and a CPF assigned. The CPF shall then be transmitted in accordance with the registered specifications. The specific electric, physical and logical interface will vary with the implementation. Each approved, registered implementation shall have an unclassified electrical, physical and logical interface specification sufficient for an equipment manufacturer to understand the general requirements for using the device. Some of the requirements may be classified and therefore would not be specified in the unclassified interface specification. ------------------------------ End of Computer Underground Digest #5.62 ************************************