[2266] in cryptography@c2.net mail archive
Re: hp allowed to export strong crypto?
daemon@ATHENA.MIT.EDU (Stefek Zaba)
Mon Mar 9 14:25:31 1998
To: Tatu Ylonen <ylo@ssh.fi>
Cc: cryptography@c2.net
In-reply-to: Your message of "Sat, 07 Mar 1998 19:42:55 +0200."
<199803071742.TAA01578@pilari.ssh.fi>
Date: Mon, 09 Mar 1998 16:29:34 +0000
From: Stefek Zaba <sjmz@hplb.hpl.hp.com>
Tatu writes:
> The local Finnish computer weekly ("Tietoviikko") wrote in yesterday's
> issue that HP has gotten export permission for 128-bit 3DES without
> key escrow to a number of countries. They mention VerSecure.
>
> Does anyone know if this is true and what this is about? Is this a
> misunderstanding of the ICF, or something else?
>
[Summary: yes, it's about ICF, now called Versecure. Yes, HP has in-principle
approval for shipping "strong" crypto based on generic hardware units with
"dormant" crypto and (very probably) case-by-case licensed "selective
time-limited wakeup token issuing units".]
The official HP announcement and a degree of detail is Webbed at
http://www.hp.com/go/versecure
"Versecure" is the new marketing name for ICF: see
http://www.hpconnect.com/versecure/html/faqs.html#3
Most (probably all) of what you know about ICF applies to Versecure.
The HP announcement of fri27feb98 was about export approval at, as far as
I can work out, a "detailed-in-principle" level for the "framework" (concept,
architecture, detailed design) of ICF, in particular its "SDAs" - the
control points in the scheme which dole out tokens to "activate" selected
capabilities of the otherwise-dormant CUs (cryptographic units, i.e. the
hardware that's shipped in bulk, worldwide, without detailed US export control).
The announcement particularly concerned these SDAs - the announcement said
that HP had now "received government approval to export" these SDAs to a
list of 5 favoured nations: the United Kingdom, Germany, France, Denmark
and Australia. The announcement says this is only an initial list: "More
countries are expected to implement the VerSecure technology in the coming
months."
The announcement also made it clear that actual hardware (and SDA tools) is
not yet shipping: HP has announced this as a technology it is licensing to
partners; I can find nothing definitive on the website about whether HP will
itself ship Versecure-conformant products.
( http://www.hpconnect.com/versecure/html/faqs.html#10 in answer to
"Does HP deliver all the components of VerSecure technology?" says
"No. HP is working closely with hardware manufacturers to license
VerSecure technology for the cryptographic unit component." )
By implication, I guess HP may well plan itself to ship the "tools required
for the initial set up of the SDA" (see FAQ #24): and it's these tools and
the SDAs which the announcement of fri27feb98 deals with. Clarification is
still being sought as to the detail, but (again at FAQ #24) the indication
is that US government control ceases once an SDA has been approved for
export.
In particular, then, 128-bit 3DES *does* appear to be exportable from the
US within this framework: the list of "approved for export" algorithms at
http://www.hpconnect.com/versecure/html/crypt.html
includes "DES to TripleDES" with keylength in bits varying from 40 to 128,
and this same range of keylengths for RC2 and RC4, all *without* key recovery.
The same range of algorithms is also listed in variants which *do* enforce
key recovery.
Now, about what "approval to export" (as reported in the press releases)
means. Export approval for dual-use crypto items comes from the BXA
(US Commerce Dept Bureau of Export Administration), http://www.bxa.doc.gov/ .
As I understand matters, final export approval is granted for a specific
product, either in connection with one particular sale - which I expect
to be the case for SDAs, but what do I know - or as a broad "category" or
"commodity" license - which I expect, and the wording of FAQ #24 suggests,
will be the case for the CUs. Neither HP nor its licensees have yet
shipped concrete Versecure products, so final export approvals can't yet
be given. However, the bulk of the approvals process seems to have been done:
I understand that the approvals process is often run this way - an
approval-in-principle on the basis of detailed design, followed by a much
shorter final approval for products based on the previously submitted design,
rather than the "here's a product now give us a license whaddya mean it
could take months I've already AGREED to sell it overseas and the repo man is
breathing down my neck and my employees haven't been paid this month but it's
all gonna come right when we get the money from this huge overseas sale so
hurry it up dammit we pay our taxes for you people don't get in the way I'll
get my Congressman on you" method of export approval submission which, it's
said, can be a little counterproductive :-) All of which means that, though
final approval and technical details must await the shipping of concrete
product, timescales for which have not been announced, it looks as strong
crypto *not* under US policy control after the initial export approval (for
an SDA) could ship from the US under this framework.
In all of the above, I'm relying only on the HP Web-published materials;
though I work for HP (in England) on crypto stuff, I have no particular
connection with the Versecure programme, and can't and don't speak
"officially" for it or for HP on this list. The press contact given in
the press releases on the HP site is Bob Major at HP Cupertino; requests
for clarification should be directed in the first instance to him. As I
said in my earlier Versecure message on this list, I'm happy to pick up
reaction to Versecure fron y'all and pass it on internally as seems useful...
but I'm not able to provide much penetrating insight on ICF/Versecure
beyond what's on the HP websites.
Cheers, Stefek
