1996-01-17
Craig A. Johnson
Matt Blaze, the AT&T engineer who cracked the code on the Skipjack
logorithm underlying the Clipper chip, reports that Microsoft is
claiming some middle ground in the encryption export wars.
The following is excerpted from a message by Blaze appearing on
David Farber's IP list. The full post will be placed in the Cyber
Rights Library.
--caj
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Wed, 17 Jan 1996 10:28:59 -0500
From: Dave Farber <•••@••.•••>
Subject: IP: Microsoft's CAPI
Date: Wed, 17 Jan 1996 10:02:27 -0500
From: Matt Blaze <•••@••.•••>
(Excerpts)
"I attended a meeting at Microsoft the other day at which they
described their Crypto API project."
"They've defined 23 cryptographic services (establish key, encrypt,
etc.) that an application is expected to use for its cryptographic
needs. The idea is to hide the crypto details (and keys) from
applications, and to make it easy to switch from, say, wimpy
export-approved crypto to good crypto just by switching to another DLL
at load-time. The cryptography used depends on the crypto modules in
use at runtime. The API will be part of the WIN32 interface. The
next version of NT (and windows 95, I think), to be released in a few
months will support loading ``Cryptographic Service Providers'' (CSPs)
that contain the crypto functions that sit below the API. They have
(or will have soon) an application development kit to allow you to
write code that uses the API, and a CSP development kit to let you
write the crypto functions.
"The interesting part is that they say they've made a deal with the government
to
allow applications that use the API to be exportable as long as they
don't also try to implement crypto on their own.
"The API will be part of the WIN32 interface. The
next version of NT (and windows 95, I think), to be released in a few
months will support loading ``Cryptographic Service Providers''
(CSPs) that contain the crypto functions that sit below the API.
They have (or will have soon) an application development kit to allow
you to write code that uses the API, and a CSP development kit to let
you write the crypto functions.
"The OS will not load just any old Cryptographic Service
Provider (CSP). CSPs have to be signed by Microsoft. The kernel
contains a (hardcoded?) 1024 RSA public key that it uses to check
the signature when the user tries to load a CSP. If the signature
check fails, the CSP won't load. Microsoft says it will sign any CSP
from anyone AS LONG AS THEY CERTIFY THAT THEY WILL FOLLOW THE EXPORT
RULES. So you can get your CSP signed if you use exportable
cryptography or if you agree not to send it outside the US and
Canada, etc. But an end user can't just compile crypto code and use
it as a CSP, even for his or her own use, without getting it signed
by Microsoft first (actually, the CSP development kit does allow
this, but it uses a special version of the OS)."
"I think it will be easy to get around the CSP signature requirements
and use homebrew, unsigned crypto even with pre-compiled .exe files
from other sources."
~ CYBER-RIGHTS ~
~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~-~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~
For subscription info, archived postings/documents, and other useful
material, visit the CPSR Cyber-Rights Web Page at:
http://www.cpsr.org/cpsr/nii/cyber-rights/
You are encouraged to forward and cross-post list traffic,
pursuant to any contained copyright & redistribution restrictions.
~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~-~=-=-=-=-=-=-=-=~=-=-=-=-=-=-=-=-=~
