From the NY Times online (www.nytmes.com)
February 28, 1998 Hewlett-Packard Granted License For Encryption System By PETER WAYNER The Commerce Department has granted Hewlett-Packard an export license for its VerSecure encryption architecture allowing the company and its licensees to export strong encryption tools, the company announced Friday. The catch is that the products must take their orders from a central computer system that will dictate how all the products will behave in each country. The company hopes that the solution would break the deadlock between the Clinton Administration, which continues to restrict the export of secure computer technology throughout the world, and the computer industry, which contends that foreigners are not interested in buying products that don't protect their secrets. The new solution effectively disconnects the problem of distributing encryption technology from the process of determining the policy for government access to information. The heart is a new class of trusted hardware cards and chips that take their orders from a central company known as a Security Domain Authority or SDA. In countries, like France, that require people to keep a record of keys for unlocking data, the SDA would only allow the computers to encrypt information if it complied with the laws. In countries with no laws about encryption usage like the United States, Germany and Great Britain, the SDA would allow users to encrypt in whatever manner they choose. ------------------------------------------------------------------------ It is very hardware-specific with the flexibility of software and that gives us a lot of strength in terms of tamper resistance Feisal Mosleh, business development manager at Hewlett-Packard ------------------------------------------------------------------------ Hewlett-Packard sees the solution as a win for the industry, which will be able to build one set of hardware and software that can be shipped throughout the world. The SDA's will set the local rules because the computers will not encrypt information without first getting permission from the SDA. Doug McGowan, one of the director of Hewlett-Packard's efforts, said in a telephone interview, "Never before has a general purpose cryptography tool been exportable from the United States, with or without key recovery. We're opening a huge market for American industry to enable commerce on a worldwide basis." The price for this flexibility is the need for specialized hardware that treats the SDA as its master. In an ordinary computer, the owner can control all aspects of what the computer does. This extra hardware will raise the price of machines and is bound to be more expensive than software which can be distributed at minimal cost. Feisal Mosleh, a business development manager at Hewlett-Packard, pointed out that specialized hardware can offer faster performance and more security. "It is very hardware-specific with the flexibility of software and that gives us a lot of strength in terms of tamper resistance" he said in a phone interview. Many security experts continue to point out that general-use microcomputers and their operating systems are dangerously insecure. In one recent attack, hackers were able to begin transfers from a bank account by manipulating accounting software. Off-loading the process to specialized hardware makes it simpler to ensure that the system is secure because the special hardware has only one job. Hewlett-Packard says that it is licensing the architecture to a number of different computer vendors and announced that IBM, Motorola, CertCo, Trusted Information System, Microsoft and RSA Data Securities had already signed licenses. The vendors will be free to choose how they implement the special computer hardware, but most will probably use firmware with an embedded microprocessor. The initial version will reportedly include DES, triple DES, RSA, RC2, RC4 and Diffie Hellman algorithms. Each of these solutions can be sped up by specialized hardware, but only a general microprocessor can handle all of them with equal agility. The specialized hardware will also be tamper-proof to prevent people from circumventing the commands of the SDA. When an encryption card is first started up, it cannot begin working until it has received instructions from an SDA in its country. This information is contained in a "policy token." Joe Beyers, general manager of Hewlett-Packard's Internet Software business unit, explained, "The token says, 'You can use this amount of key, this amount of strength for this amount of time.'" Beyers went on to say, "The aspect of time allows the government to evolve their policy. Time limits are one of the attributes that made it attractive to the U.S. government." It would be possible for a government to change policy with the system from time to time, perhaps forcing citizens to use long keys in time of war to protect themselves and then relaxing the policy after peace emerged. In the current plan, policy tokens would be good for one year, forcing computers to re-register with an SDA in order to keep working. The SDA would have no control of a token after it was issued and would only be able to change policies at the renewal. The relationship between the SDA and the key recovery program is more difficult to describe. The SDA would not keep any records of any keys that would allow the police to eavesdrop on calls. But the policy tokens would force the embedded hardware to obey the local laws that might include key recovery. The FBI has asked Congress to mandate key recovery systems that give it clear access to all communications. The yearly interrogation between the SDA and the individual computers does not mean that the system will be foolproof. Someone could simply carry a laptop from a country that allows personal privacy to a country with more invasive laws and use it freely until the policy token runs out. Also, it may be possible to spoof the token authorization procedure by pretending that the request came from one country instead of another. Some critics found the use of special hardware to be problematic. Jim Lucier, a policy analyst for the Americans for Tax Reform, a Republican think tank, pointed out that specialized hardware was ignored by the marketplace in the past. "None of it ever works" he said, "because the more obvious solution, which is end-to-end encryption, is already there." Lucier also pointed out that specialized hardware is more complicated to engineer and much more expensive to distribute than software. "Atoms cost more than bits, it just comes down to that," he said. In a press conference Friday morning, Beyers promised that the new hardware was "months, not years away" and also promised that the hardware costs would be as low as possible. Marc Rotenberg, director of the Electronic Privacy Information Center, suggested that replacing the current export control bureaucracy with a network of SDA's was not a significant advance. "Government efforts to regulate crypto will only slow the development of commerce," he said. In fact, the decision by the United States government to grant a license to Hewlett-Packard's architecture is far from liberating. Companies making VerSecure products can only ship them to countries approved by the United States government, a list which at this time is limited to the United Kingdom, Germany, France, Denmark and Australia. More countries will become open if and when they create an SDA infrastructure that is acceptable to the United States. Hewlett-Packard has gone to great lengths to prevent rogue nations from setting up their own unauthorized SDA's by cloning hardware. The infrastructure uses CertCo's secure certificate servers to restrict the ability to create the software necessary to build the tokens. Beyers says that no one person at Hewlett-Packard has the ability to do this in order to reduce the potential for corruption and theft. Hewlett-Packard is also working heavily with foreign countries to assure them that the system does not include back doors that might be accessible by the United States government. Beyers said that the company had retained an international group of cryptographic experts to vet the system and allay any fears of hidden back doors. A press release from Hewlett-Packard quoted William A. Reinsch, undersecretary of commerce, as saying, "We are pleased to support HP's effort to develop and market encryption products that encourage the use of key recovery in providing robust, secure encryption. This approval and our ongoing dialogue with the industry are consistent with the Clinton Administration's goal of allowing the market to develop recoverable encryption products." Peter Wayner at pwayner@nytimes.com welcomes your comments and suggestions. Copyright 1998 The New York Times Company