Triple DES "standard"?

Robert Hettinga rah at shipwright.com
Tue Dec 29 19:35:38 PST 1998




--- begin forwarded text


Date: Tue, 29 Dec 1998 19:11:37 -0500
To: jehill at nexis.org
From: Vin McLellan <vin at shore.net>
Subject: Re: Triple DES "standard"?
Cc: Rodney Thayer <rodney at tillerman.nu>, Cryptography at C2.net
Sender: owner-coderpunks at toad.com

Rodney Thayer reported:

>> Curiously enough, there seem to be no references to a standard before
>> the X9.52 effort,  which appears to be only a year or two old.  NIST calls
>> Triple DES a "private" standard.

Josh Hill <jehill at nexis.org> responded variously:

>?

>Before things become standards, they are just good ideas.  Triple DES is
>widely used, despite the fact that there is no absolute standard.  The
>draft standard, itself, is actually quite straight forward... Nothing
>really interesting about it, aside from ANSI's blessing.

>NIST does the "we'll just refer to another standard and call it ours"
>thing a fair bit... Look at FIPS 186-1: The RSA signature scheme accepted
>is the one specified in ANSI X9.31.

	Actually, as I recall the tale, the Amercian Bankers
Association-sponsored ANSI-accredited X.9 Committee's blessing of DES3 was
itself pretty interesting.

	I understood that the NSA lobbied bitterly against the X9 effort to
standardize 3DES as an ANSI standard, insisting that DES would surfice
until its successor was chosen.

	A couple years ago, when the X9 committee -- or maybe one of the X9
crypto subcommittees -- rejected that advice and initially recommended that
3DES be made a standard, I was told that the NSA rep angrily declared that
3DES would _never_ get an export license and would never be shipped
overseas. (Which may have put a damper on the 3DES standardization
effort;-)

	Unfortunately, these standards development efforts usually escape
the media's attention. Anyone on the list active in X9 and can give us the
real story?

	Since the birth of X9 in the late 70s, the US National Security
Agency has its own representative on the X9 Committee.  As one might
expect, the NSA has traditionally had significant influence over the ANSI
"F" (crypto) subcommittees and cryptographic standards in financial
services. There was a time when Ft. Meade effectively dictated those
standards. Now, that is not necessarily so....

	(After the NSA blundered so badly in trying to force the Banking
industry to switch from DES to CCEP/Clipper in the late 80s, the Agency's
mesmerizing control broken. The initial intro of CCEP/Clipper -- at an ABA
meeting -- proposed that only US owned institutions could have access to
Clipper.  At the time, as I recall, maybe 10-15 percent of the US banks
were foreign owned;-) The bankers couldn't believe that these idiots --
obviously so ignorant about the workings of the industry they were trying
to defacto regulate -- were from the NSA of Legend and Lore.)

	I always felt that the NSA's alienation of the Bankers was probably
the single most important factor in the collapse of the government's Cipper
campaign.

	Suerte,
		_Vin



-----
      Vin McLellan + The Privacy Guild + <vin at shore.net>
  53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548
                         -- <@><@> --

--- end forwarded text


-----------------
Robert A. Hettinga <mailto: rah at philodox.com>
Philodox Financial Technology Evangelism <http://www.philodox.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'






More information about the cypherpunks-legacy mailing list