CDT POLICY POST No.2 -- X9 TO DEVELOP TRIPLE-DES STANDARDS
------------------------------------------------------------------------ ****** ******** ************* ******** ********* ************* ** ** ** *** POLICY POST ** ** ** *** ** ** ** *** February 13, 1995 ** ** ** *** Number 2 ******** ********* *** ****** ******** *** CENTER FOR DEMOCRACY AND TECHNOLOGY ------------------------------------------------------------------------ A briefing on public policy issues affecting civil liberties online ------------------------------------------------------------------------ CDT POLICY POST 2/13/95 Number 2 CONTENTS: (1) X9 Committee Agrees to Develop 3x DES Encryption Standard (2) About the Center for Democracy and Technology This document may be re-distributed freely providing it remains in its entirety. ------------------------------------------------------------------------ X9 COMMITTEE AGREES TO DEVELOP 3x DES ENCRYPTION STANDARD Major Setback for NSA The NSA's efforts to push the adoption the Clipper/Skipjack government-escrowed encryption scheme encountered a major setback earlier this month with the decision by the Accredited Standards Committee X9 to proceed with the development of a data security standard based on triple-DES. The ASC X9 committee is responsible for setting data security standards for the US banking and financial services industries. These industries are heavy users of commercial cryptography, and standards developed for this community tend to drive the development of applications for the entire market. As a result, the committee's decision to proceed with a triple-DES standard has important implications for future cryptographic standards and US cryptography policy generally. The NSA, a voting member of the X9 committee, had lobbied hard against the proposal. In a November letter to committee members, the NSA threatened to prevent the export of triple- DES, citing existing US law and potential threats to national security (see attached NSA letter). The decision sets the stage for the development of a next generation of security standards based on publicly available, non-escrowed encryption schemes. A battle over the exportability of triple-DES applications is also on the horizon. Through export controls on cryptography, the proposed Clipper initiative, and interference in the standards setting processes, US government policies have consistently sought to make strong encryption and other privacy protecting technologies unavailable to the general public. The X9 decision and development of triple-DES and other alternitives to government-escrowed cryptography is an important victory in that it will increase the public's access to strong, privacy enhancing technologies. BACKGROUND Banks and other financial institutions use encryption to protect the billions of dollars in transactions and fund transfers which flow every day across the world's communications networks. The current encryption standard used by the banking industry is based on DES, which has been available since the early 1970's. DES is widely trusted because it has been repeatedly tested and is considered by experts to be unbreakable except by brute force (trying every possible key combination). The US government has also allowed the limited export of DES. Despite its popularity, DES is considered to be reaching the end of its useful life. The increasing speed and sophistication of computer processing power has begun to render DES vulnerable to brute force attacks. Cryptographers have recently demonstrated that DES codes can be cracked in as little as three hours with $1 million worth of currently available equipment. As a result, the banking and financial services industries have begun to explore alternatives to DES. Although there are many potential alternatives to DES, triple-DES is widely seen as the most practical solution. Triple-DES is based on DES, but has been enhanced by increasing the key length and by encrypting through multiple iterations. These enhancements make triple-DES less vulnerable to brute force attacks. Triple-DES is also popular because it can be easily incorporated into existing DES systems and is based on standards and procedures familiar to most users. NSA SETBACK IS A VICTORY FOR CLIPPER OPPONENTS In their November letter to X9 committee members, the NSA attempted to undermine the attractiveness of triple-DES by arguing that it is cryptographically unsound, a potential threat to national security, and would not be exportable under US law. The NSA, while offering no specific alternative to triple-DES, seemed to be attempting to push the committee to adopt the only currently available option -- Clipper. Privacy advocates also lobbied the X9 committee. In a letter sent in advance of the December 1994 ballot, CDT Deputy Director Daniel Weitzner (then EFF Deputy Policy Director) and EFF board member John Gilmore, an expert in this field, sent a letter to X9 committee members urging them to adopt the triple-DES standard. A copy of the letter is appended at the end of this post. By agreeing to develop a triple-DES standard, the X9 committee has clearly and decisively rejected Clipper as a solution. This vote thus represents a further repudiation to Clipper and yet another victory for opponents of government efforts to establish Clipper or other government-escrowed solutions as a national standard. NEXT STEPS X9F, a subcommittee of the X9 committee, will now develop technical standards for implementing triple-DES based applications. This process is expected to take one or two years to complete. Once technical standards are developed, the full X9 committee will vote as to whether to implement the subcommittee's technical recommendations. The availability of triple-DES applications received a further boost recently with the announcement by AT&T and VLSI Technologies that they were developing new data security products based on triple-DES. This will presumably provide additional options for X9 committee members, but the exportability of these products is still in doubt. The stage is thus set for a further battle between the NSA and the X9 committee over the exportability of triple-DES and final approval of the X9 standard. As a sitting member of the committee, NSA will presumably continue to lobby against efforts by the committee to develop triple-DES applications. Furthermore, the banking and financial services industries must still persuade the government to allow for the export of triple-DES. As an opponent of government-escrowed cryptography, CDT applauds the recent actions of the X9 committee. While CDT supports the development of a variety of security standards and alternatives to DES, we recognize the need of the banking and financial services industries to develop temporary stop- gap solution. CDT will continue to work towards the relaxation of export controls on cryptography and will support X9 committee members in their efforts to gain the ability to export triple-DES applications. For more information contact: Daniel J. Weitzner, Deputy Director <djw@cdt.org> Jonah Seiger, Policy Analyst <jseiger@cdt.org> +1.202.637.9800 ---------------------------------------------------------- GILMORE/WEITZNER LETTER TO X9 COMMITTEE MEMBERS November 18, 1994 Dear Accredited Standards Committee-X9 Member: The X9 Committee is currently voting as to whether to recommend the development of a standard for triple-DES (ballot number X9/94-LB#28). The Electronic Frontier Foundation (EFF) strongly urges you to vote in favor of the triple-DES standard. EFF supports the development of a variety of new data security standards and alternatives to DES. We believe the triple-DES standard provides the best immediate short term alternative because: * The basic algorithm, DES, is strong and has been tested repeatedly. * There are no known attacks that succeed against triple-DES. * It is clearly no less secure than DES. * It eliminates the brute-force problem completely by tripling the key length. * It runs at high speeds in easy-to-build chips. * It can be easily incorporated into existing systems. NSA's opposition to triple-DES appears to be an indirect attempt to push Clipper by eliminating credible alternatives. Clipper is not a viable alternative to triple-DES, and carries substantial liabilities. There has been no evidence of foreign acceptance of the standard and the skipjact algorithm is classified. The likelihood of any government accepting secret standards developed by a foreign security agency is slim. Clinton Administration efforts, through the NSA, to push Clipper as a domestic standard over the past two years have failed. We urge you to carefully consider the alternatives before you cast your ballot. We believe that the triple-DES issue should be decided on its own merits. Sincerely, John Gilmore Board of Directors Electronic Frontier Foundation Daniel J. Weitzner Deputy Policy Director Electronic Frontier Foundation ------------------------------------------------------------- NSA LETTER TO X9 COMMITTEE MEMBERS X9 Member: I will be casting a NO vote on the NWI for triple-DES, Letter Ballot X9/94-LB#28. The reasons are set forth below. You may find these useful as you determine your position. Jerry Rainville NSA REASONS FOR A NEGATIVE VOTE While NSA supports the use of DES in the global financial sector, we believe that standardization of triple-DES is ill- advised for a number of reasons. The financial community should be planning to transition to a new generation of cryptographic algorithms. When DES was first introduced, it represented the "only game in town". It supported encryption, authentication, key management, and secure hashing applications. With a broader interest in security, the market can now support optimized algorithms by application. Going through the expense of installing a stop- gap can only serve to delay progress in achieving interoperable universal appropriate solutions. While we understand the appeal of a snap-in upgrade, our experience has been that any change is expensive, especially one where the requirements on the key management system change. We do not agree that replacing DES with triple-DES is significantly less expensive than upgrading to more appropriate technology. Tripling of any algorithm is cryptographically unsound. Notice that tripling DES, at best, only doubles the length of the cryptovariable (key). Phrased another way, the DES was optimized for security at 56 bits. We cannot vouch that any of the schemes for doubling the cryptovariable length of DES truly squares security. We understand the financial community has concerns with current key escrow based encryption, however, we are committed to searching for answers to those concerns. But the government is also committed to key escrow encryption, and we do not believe that the proposal for triple DES is consistent with this objective. US export control policy does not allow for general export of DES for encryption, let alone triple-DES. Proceeding with this NWI would place X9 at odds with this long standing policy. It also violates the newly accepted X9 cryptographic policy. The US government has not endorsed triple-DES; manufacturers and users may be reluctant to use triple-DES products for fear of possible liability. Finally, further proliferation of triple-DES is counter to national security and economic objectives. We would welcome the opportunity to discuss these concerns with an appropriate executive of your institution. --------------------------------------------------------------------- ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY The Center for Democracy and Technology is a non-profit public interest organization. The Center's mission is to develop and advocate public policies that advance constitutional civil liberties and democratic values in new computer and communications technologies. Contacting us: General information on CDT can be obtained by sending mail to <info@cdt.org> www/ftp/gopher archives are currently under construction, and should be up and running by the middle of March. ### ------------------------------------------------------------------------ ****** ******** ************* ******** ********* ************* ** ** ** *** POLICY POST ** ** ** *** ** ** ** *** February 13, 1995 ** ** ** *** Number 2 ******** ********* *** ****** ******** *** CENTER FOR DEMOCRACY AND TECHNOLOGY ------------------------------------------------------------------------ A briefing on public policy issues affecting civil liberties online ------------------------------------------------------------------------ CDT POLICY POST 2/13/95 Number 2 CONTENTS: (1) X9 Committee Agrees to Develop 3x DES Encryption Standard (2) About the Center for Democracy and Technology This document may be re-distributed freely providing it remains in its entirety. ------------------------------------------------------------------------ X9 COMMITTEE AGREES TO DEVELOP 3x DES ENCRYPTION STANDARD Major Setback for NSA The NSA's efforts to push the adoption the Clipper/Skipjack government-escrowed encryption scheme encountered a major setback earlier this month with the decision by the Accredited Standards Committee X9 to proceed with the development of a data security standard based on triple-DES. The ASC X9 committee is responsible for setting data security standards for the US banking and financial services industries. These industries are heavy users of commercial cryptography, and standards developed for this community tend to drive the development of applications for the entire market. As a result, the committee's decision to proceed with a triple-DES standard has important implications for future cryptographic standards and US cryptography policy generally. The NSA, a voting member of the X9 committee, had lobbied hard against the proposal. In a November letter to committee members, the NSA threatened to prevent the export of triple- DES, citing existing US law and potential threats to national security (see attached NSA letter). The decision sets the stage for the development of a next generation of security standards based on publicly available, non-escrowed encryption schemes. A battle over the exportability of triple-DES applications is also on the horizon. Through export controls on cryptography, the proposed Clipper initiative, and interference in the standards setting processes, US government policies have consistently sought to make strong encryption and other privacy protecting technologies unavailable to the general public. The X9 decision and development of triple-DES and other alternitives to government-escrowed cryptography is an important victory in that it will increase the public's access to strong, privacy enhancing technologies. BACKGROUND Banks and other financial institutions use encryption to protect the billions of dollars in transactions and fund transfers which flow every day across the world's communications networks. The current encryption standard used by the banking industry is based on DES, which has been available since the early 1970's. DES is widely trusted because it has been repeatedly tested and is considered by experts to be unbreakable except by brute force (trying every possible key combination). The US government has also allowed the limited export of DES. Despite its popularity, DES is considered to be reaching the end of its useful life. The increasing speed and sophistication of computer processing power has begun to render DES vulnerable to brute force attacks. Cryptographers have recently demonstrated that DES codes can be cracked in as little as three hours with $1 million worth of currently available equipment. As a result, the banking and financial services industries have begun to explore alternatives to DES. Although there are many potential alternatives to DES, triple-DES is widely seen as the most practical solution. Triple-DES is based on DES, but has been enhanced by increasing the key length and by encrypting through multiple iterations. These enhancements make triple-DES less vulnerable to brute force attacks. Triple-DES is also popular because it can be easily incorporated into existing DES systems and is based on standards and procedures familiar to most users. NSA SETBACK IS A VICTORY FOR CLIPPER OPPONENTS In their November letter to X9 committee members, the NSA attempted to undermine the attractiveness of triple-DES by arguing that it is cryptographically unsound, a potential threat to national security, and would not be exportable under US law. The NSA, while offering no specific alternative to triple-DES, seemed to be attempting to push the committee to adopt the only currently available option -- Clipper. Privacy advocates also lobbied the X9 committee. In a letter sent in advance of the December 1994 ballot, CDT Deputy Director Daniel Weitzner (then EFF Deputy Policy Director) and EFF board member John Gilmore, an expert in this field, sent a letter to X9 committee members urging them to adopt the triple-DES standard. A copy of the letter is appended at the end of this post. By agreeing to develop a triple-DES standard, the X9 committee has clearly and decisively rejected Clipper as a solution. This vote thus represents a further repudiation to Clipper and yet another victory for opponents of government efforts to establish Clipper or other government-escrowed solutions as a national standard. NEXT STEPS X9F, a subcommittee of the X9 committee, will now develop technical standards for implementing triple-DES based applications. This process is expected to take one or two years to complete. Once technical standards are developed, the full X9 committee will vote as to whether to implement the subcommittee's technical recommendations. The availability of triple-DES applications received a further boost recently with the announcement by AT&T and VLSI Technologies that they were developing new data security products based on triple-DES. This will presumably provide additional options for X9 committee members, but the exportability of these products is still in doubt. The stage is thus set for a further battle between the NSA and the X9 committee over the exportability of triple-DES and final approval of the X9 standard. As a sitting member of the committee, NSA will presumably continue to lobby against efforts by the committee to develop triple-DES applications. Furthermore, the banking and financial services industries must still persuade the government to allow for the export of triple-DES. As an opponent of government-escrowed cryptography, CDT applauds the recent actions of the X9 committee. While CDT supports the development of a variety of security standards and alternatives to DES, we recognize the need of the banking and financial services industries to develop temporary stop- gap solution. CDT will continue to work towards the relaxation of export controls on cryptography and will support X9 committee members in their efforts to gain the ability to export triple-DES applications. For more information contact: Daniel J. Weitzner, Deputy Director <djw@cdt.org> Jonah Seiger, Policy Analyst <jseiger@cdt.org> +1.202.637.9800 ---------------------------------------------------------- GILMORE/WEITZNER LETTER TO X9 COMMITTEE MEMBERS November 18, 1994 Dear Accredited Standards Committee-X9 Member: The X9 Committee is currently voting as to whether to recommend the development of a standard for triple-DES (ballot number X9/94-LB#28). The Electronic Frontier Foundation (EFF) strongly urges you to vote in favor of the triple-DES standard. EFF supports the development of a variety of new data security standards and alternatives to DES. We believe the triple-DES standard provides the best immediate short term alternative because: * The basic algorithm, DES, is strong and has been tested repeatedly. * There are no known attacks that succeed against triple-DES. * It is clearly no less secure than DES. * It eliminates the brute-force problem completely by tripling the key length. * It runs at high speeds in easy-to-build chips. * It can be easily incorporated into existing systems. NSA's opposition to triple-DES appears to be an indirect attempt to push Clipper by eliminating credible alternatives. Clipper is not a viable alternative to triple-DES, and carries substantial liabilities. There has been no evidence of foreign acceptance of the standard and the skipjact algorithm is classified. The likelihood of any government accepting secret standards developed by a foreign security agency is slim. Clinton Administration efforts, through the NSA, to push Clipper as a domestic standard over the past two years have failed. We urge you to carefully consider the alternatives before you cast your ballot. We believe that the triple-DES issue should be decided on its own merits. Sincerely, John Gilmore Board of Directors Electronic Frontier Foundation Daniel J. Weitzner Deputy Policy Director Electronic Frontier Foundation ------------------------------------------------------------- NSA LETTER TO X9 COMMITTEE MEMBERS X9 Member: I will be casting a NO vote on the NWI for triple-DES, Letter Ballot X9/94-LB#28. The reasons are set forth below. You may find these useful as you determine your position. Jerry Rainville NSA REASONS FOR A NEGATIVE VOTE While NSA supports the use of DES in the global financial sector, we believe that standardization of triple-DES is ill- advised for a number of reasons. The financial community should be planning to transition to a new generation of cryptographic algorithms. When DES was first introduced, it represented the "only game in town". It supported encryption, authentication, key management, and secure hashing applications. With a broader interest in security, the market can now support optimized algorithms by application. Going through the expense of installing a stop- gap can only serve to delay progress in achieving interoperable universal appropriate solutions. While we understand the appeal of a snap-in upgrade, our experience has been that any change is expensive, especially one where the requirements on the key management system change. We do not agree that replacing DES with triple-DES is significantly less expensive than upgrading to more appropriate technology. Tripling of any algorithm is cryptographically unsound. Notice that tripling DES, at best, only doubles the length of the cryptovariable (key). Phrased another way, the DES was optimized for security at 56 bits. We cannot vouch that any of the schemes for doubling the cryptovariable length of DES truly squares security. We understand the financial community has concerns with current key escrow based encryption, however, we are committed to searching for answers to those concerns. But the government is also committed to key escrow encryption, and we do not believe that the proposal for triple DES is consistent with this objective. US export control policy does not allow for general export of DES for encryption, let alone triple-DES. Proceeding with this NWI would place X9 at odds with this long standing policy. It also violates the newly accepted X9 cryptographic policy. The US government has not endorsed triple-DES; manufacturers and users may be reluctant to use triple-DES products for fear of possible liability. Finally, further proliferation of triple-DES is counter to national security and economic objectives. We would welcome the opportunity to discuss these concerns with an appropriate executive of your institution. --------------------------------------------------------------------- ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY The Center for Democracy and Technology is a non-profit public interest organization. The Center's mission is to develop and advocate public policies that advance constitutional civil liberties and democratic values in new computer and communications technologies. Contacting us: General information on CDT can be obtained by sending mail to <info@cdt.org> www/ftp/gopher archives are currently under construction, and should be up and running by the middle of March. ###
CDT writes:
The NSA's efforts to push the adoption the Clipper/Skipjack government-escrowed encryption scheme encountered a major setback earlier this month with the decision by the Accredited Standards Committee X9 to proceed with the development of a data security standard based on triple-DES.
The ASC X9 committee is responsible for setting data security standards for the US banking and financial services industries.
Are the minutes of the deliberations of X9, in complete or digest form, available to the public anywhere ? It would be useful to get a sense of how close the vote was, whose representatives voted which way, and the arguments the members found most compelling in reaching their decision. We need to gather as much feedback as possible, in order to determine which strategies are liable to be effective in the future. The answers may not come as a surprise, but confirmation of our suspicions would be nice. -L. Futplex McCarthy
"L. McCarthy" <lmccarth@ducie.cs.umass.edu> writes: Are the minutes of the deliberations of X9, in complete or digest form, available to the public anywhere ? It would be useful to get a sense of how close the vote was, whose representatives voted which way, and the arguments
I haven't seen that kind of detail, but here's a piece with some of the players posted by one member in December. I don't have the message from voorhees that he responded to. Jim Gillogly Mersday, 24 Solmath S.R. 1995, 01:27 _________________________________________________________________ From: x9a3@aol.com (X9a3) Newsgroups: talk.politics.crypto Subject: Re: Triple-DES Date: 12 Dec 1994 20:50:26 -0500 Organization: America Online, Inc. (1-800-827-6364) Lines: 29 Sender: news@newsbf01.news.aol.com Message-ID: <3ciul2$hc8@newsbf01.news.aol.com> References: <3cg57o$hvq@interport.net> NNTP-Posting-Host: newsbf01.news.aol.com In article <3cg57o$hvq@interport.net>, voorhees@interport.net writes: Rich has the 3DES ballot results correct. It is currently our for reconsideration which happens when there are 'no' votes. It is expected to pass. Marty Ferris (Treasury and chair of X9F) chaired the X9F meeting in Austin - which I attended as well as the earlier meeting of X9F4 on Home Banking - and reported that the 3DES WI would probably go to Blake and X9F1. There will probably be a subworking group chaired by Glenda Barnes of Cylink to shepard the 3DES along. Several of us will be participating in the action. We don't intend to let Blake sit on it or kill it. His rantings over some of the DES stuff is based on pure conjecture and perhaps visions delivered in the night by NSA. There are no short cuts to a properly implemented DES system - only exhaustion. Ask Bihnam and Shamir. The majority of folks (read banks) interested in 3DES wan to see a two key system and not the 3 key proposed by Cylink for a variety of reasons. 2key EDE DES produces key strength of 112 and not somewhere between 70 and 80 as claimed by Father Blake. The 70-80 is probably more disinformation from the NSA to make SKIPJACK appear more acceptable. Many of us are convinced that Blake is paid by the spooks but he will not publicly admit that he is. The 3DES WI originated in X9F3 chaired by Gary Chauklin of the FRB and the 3DES WI was moved from X9F3 to X9F1 over the objections of the X9F3 members and Gary. When Marty was questioned how that decision was made it became clear it was arbitrary and Marty probably made it himself. The meeting will be in Feb in Balitmore - should be interesting..... watch this space!!! ... peace ... abe Abraham & Associates, Inc.; Applications in Cryptography; Concord, NC _________________________________________________________________
Jim Gillogly <jim@rand.org> writes: ...I don't have the message from voorhees that he responded to.
Woops, just found it. This is the predecessor to my previous forward from x9a3, relating to Triple DES (3DES), complete with votes. Jim Gillogly Mersday, 24 Solmath S.R. 1995, 01:46 _________________________________________________________________ From: voorhees@interport.net Newsgroups: talk.politics.crypto Subject: Triple-DES Date: 12 Dec 1994 00:24:24 GMT Organization: Interport Communications Lines: 87 Message-ID: <3cg57o$hvq@interport.net> Reply-To: voorhees@interport.net NNTP-Posting-Host: voorhees.port.net X-Newsreader: IBM NewsReader/2 v1.03 The following post is from Rich Ankeny, a member of X9F1 and possibly F3, too. He does not have easy access to newsgroups, so I am posting it on his behalf. --Mark I have a few comments on triple DES: 1. X9F1 to Develop the Standard? I read with interest your recent Usenet post about triple DES. I was not aware that Marty Ferris (X9F chair) had already (offically) decided to give the work to Blake. We (various X9F1/3 members) had figured the way to delay it the longest is to form a new working group (X9F5:-). 2. Blake's Opinions Blake's claim is that triple DES (with two keys) is not 112 bits strong; in fact it is somewhere between 70 and 80 bits strong. He gives no details to back this up, though. His other objection is that, since there are only 32 bits input to the DES S-boxes in each round, at some point in the future (say 10 years or so) this can be "cryptanalyzed" using table lookups rather than test encryptions or other means, even on a desktop sized machine (with lots of memory). This is actually a reasonable prediction, but it applies to single DES. As to two-key triple DES, the only published attack I'm aware of is a paper by Paul van Oorschot and Michael Wiener of BNR (cited in Applied Cryptography, among other places); their attack uses *lots* of memory and running time of less than 2^100 steps. I guess it all depends on who you think is the better cryptanalyst:-) Anyway, the X9 proposal was to use three-key triple DES; one would hope that's at least 112 bits strong. 3. The X9 Vote I got the voting record from X9 on the triple DES NWI: YES: Applied Communications, AT&T, Bank of America, Bank of Boston, Chemical Bank, Deluxe Check Printers(!), Federal Reserve, Fidelity Investments, Mastercard, Mellon Bank, VISA, Wells Fargo. NO: NSA, NationsBank (their rep is X9 chair). ABSTAIN: ABA, American Express, Canadian Bankers Assoc., Moore Business Forms, NIST, Unisys, Xerox. 10 members didn't return their ballots, including Citibank, Chase Manhattan, and IBM. This is not unusual for larger organizations where the ballots sit on someone's desk for three or four months. I imagine many will be voting on the reconsideration ballot. NO votes must have reasons, and abstentions typically do as well: NSA: We've seen their reasons already in earlier postings. NationsBank: Too much controversy and too many open issues (based, I would think, on the NSA comments) ABA: Concerned about the NSA comments (esp. exportability) and that adopting triple DES now would affect the number of options available in the long term. ABA is opposed to Clipper/Capstone as currently proposed. In particular: (a) it must have congressional support, (b) at least one escrow agent must be a private sector entity, (c) it must be exportable, (d) there must be a *demonstrable* mechanism whereby escrow keys used in wiretap equipment cannot be compromised and are destroyed at the end of the wiretap period, (e) the algorithm must be unclassified or made available for an acceptable evaluation procedure by the banking industry, and (f) analysis of other issues is needed, including possiblity of software implementation, and compatibility with installed DES infrastructure. Federal Reserve: Supports triple DES, as an immediate alternative to DES. Also offers some much less negative wording for the reconsideration ballot. (The original ballot did everything but recommend a NO vote.) I don't have Usenet access (without "borrowing" a friend's account), so please feel free to repost any of this you feel might interest the EFF and other newsgroups. Regards, Rich Ankney (Fischer Int'l) _________________________________________________________________
gnu@toad.com writes:
In their November letter to X9 committee members, the NSA attempted to undermine the attractiveness of triple-DES by arguing that it is cryptographically unsound, a potential threat to national security, and would not be exportable under US law.
One is forced to wonder at the sort of person that can with a straight face argue that on the one hand an algorithm is cryptographically unsound, while at the same time posing a threat to national security. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) | | stand there and flap your arms like a fish. | Tivoli Systems, Austin TX | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mike McNally originally said the following...
gnu@toad.com writes:
In their November letter to X9 committee members, the NSA attempted to undermine the attractiveness of triple-DES by arguing that it is cryptographically unsound, a potential threat to national security, and would not be exportable under US law.
One is forced to wonder at the sort of person that can with a straight face argue that on the one hand an algorithm is cryptographically unsound, while at the same time posing a threat to national security.
Just playing Devil's Advocate, but maybe he's saying that it's so faulty that trusting banking communications to it would be a threat to national security... You know, it's so faulty it's dangerous.. Kinda like Dan Qyale for president. *8) ----------------------------------------------------------------------------- Greg Morgan <mac5tgm@hibbs.vcu.edu> | "I dunno Brain, me and Pipi Mail me for PGP Key: 0xE0D222A9 | Longstocking? I mean what would Key Fingerprint : 2430 BAA4 1EE4 AA2F | the children look like?" - Pinki 3B76 3516 3DEF 5529 | -----------------------------------------------------------------------------
In a November letter to committee members, the NSA threatened to prevent the export of triple- DES, citing existing US law and potential threats to national security (see attached NSA letter). Oh, no, surely not. There must be some misunderstanding here - they *promised* they wouldn't block export of non-Clipper things. They wouldn't lie! Jack Repenning M/S 1-875 jackr@engr.sgi.com Silicon Graphics, Inc. x3-3027 Off:(415) 390-3027 Visual Magic Division Fax:(415) 390-6056
participants (6)
-
gnu -
Greg Morgan -
Jack Repenning -
Jim Gillogly -
L. McCarthy -
m5@vail.tivoli.com