Network Security: The Need for a Civil Cryptography Board
Senior Research Engineer
Security Development Manager
01 Oct 1998
In previous NetNotes on the Black Forest Group's 15 points of security, we addressed the need for an international Public Key Infrastructure (PKI). We found that it is possible to navigate the laws and regulations surrounding international data flows, at least enough so that a confidential transaction across international boundaries can occur. In doing so, the end-user can legally and efficiently manage an international cryptography infrastructure for business applications. In fact, NetWare 5's Public Key Infrastructure Services (PKIS) can do that (see the AppNote entitled "Assessing the Business and Technical Aspects of Public Key Infrastructure Deployment" in this issue).
This NetNote covers the next point: the need for a civil cryptography board. We aren't talking about being polite while you code for security. Rather, we answer three questions which many company managers, integrators, developers, and individuals tasked with implementing cryptography for their organization are asking today:
Why would the major companies in the world feel the need to have more types of cryptography, so many as to require a framework?
Are there enough types of cryptography for use today?
Doesn't the international Public Key Infrastructure mentioned previously handle the current cryptography problems, as well as any future needs for distributing and managing cryptography?
It is crucial that business people understand their needs are not satisfied by the few approved and internationally used cryptographic algorithms. In the future, businesses may want to employ various private cryptographic schemes that are stronger than the current ones. Today's cryptography may not be sufficient for tomorrow's solutions, and thus cryptographic change is inevitable.
Rules, Rules Everywhere
While cryptographic change may sound feasible, it brings up an old but unresolved issue: governments control cryptography, and by law the cryptography systems they allow are not easily substituted or modified. In other words, bureaucracies manage business access to cryptography. Almost every government in the world now has some cryptographic regulations, and the choices for implementation are affected by the Lowest Common Bound of Cryptography for business use. This impacts the ability of business to access good (strong) cryptography.
The Black Forest Companies (companies in the Global 100) recognize that government influence in this area is inevitable. As long as nations see cryptography as highly strategic in the military, diplomatic, and law enforcement areas, this attitude is not likely to change. Yet business needs move quickly, and business access to a greater number of types of cryptography can be slowed to a standstill or, through government inattention, left to languish along the Internet highway. Without some action and influence by business, this status quo will not change. Thus, it is important that businesses ask for and receive access to better types of cryptography, through business organizations or influence groups able to persuade government to provide higher levels of cryptography to business.
Asking governments for permission after you have made a different choice in cryptography is like asking for permission when you have already tasted the pie; forgiveness is not likely. In many cases, governments have already laid down the rules which new and better cryptography must follow to be acceptable. Although governments will undoubtedly have influence on what cryptographic systems are approved for commercial use, they are probably not going to be the major suppliers of cryptography for value-laden commercial transactions. There will probably be several suppliers of cryptography in the marketplace. What we need is an organization for gaining cryptography approval on an international basis.
The Future of PKI Services
Commercially scalable and maintainable PKI services offered today may soon be used for operations beyond the current integrity and confidentiality services of secure e-mail. As a result, any framework for approving and issuing cryptography should take into consideration the number of suppliers as well as the variety of products.
Even with governmental approval and a variety of cryptography products, there still needs to be a secure method for implementing these products. The study of security reveals that cryptography cannot be implemented in a higher layer, like applications, since the integrity of the secrets is always in question. Also, international cryptography regulations require that the implementations of strong cryptography not be substitutable (the "cryptography with a hole" problem). Application developers are thus faced with a problem they cannot solve without support from the operating system, or they must use applications employing weak cryptography under Lowest Common Bound governmental mandates, which accept abrogated "trust" for the safety and integrity of their secrets at every level of the system. Otherwise, the application developers must become cryptography experts and export lawyers.
Don't Forget the Integrators
Integrators should also have the benefit of widely available cryptography and an operating system-level API to access the cryptography. This provides a governmentally correct method to access cryptography and leaves the export and import issues to the operating systems vendor. It also keeps integrators from having to deal with the serious questions of changing international cryptography.
It is natural that the provider of the operating system also provide the cryptographic API set. The value for applications programmers is in the API set, while the cryptography-with-a-hole problem is solved by the operating systems vendors. This allows vendors to sell product in every country, without requiring code changes to accommodate the changing and varied local cryptographies.
A civil cryptography framework allows for the interaction of many governments on the various types of cryptography available. This means that businesses can have ready access to strong cryptography via the infrastructure.
* Originally published in Novell AppNotes