From: p.v.mcmahon.rea0803@oasis.icl.co.uk
Date: Thu, 9 Jun 94 17:45:03 PDT
To: cypherpunks@toad.com
Subject: RE: NIST to propose cryptographic APIs
Message-ID: <9406100045.AA28704@getafix.oasis.icl.co.uk>
MIME-Version: 1.0
Content-Type: text/plain








> NIST to propose cryptographic APIs
 
> patent rights issues for years. "They're not trying to work with
> industry on this," he said.

This is unfair. NIST have made efforts to work in both US, and international
industry groups on crypto APIs. For example NIST are represented this week
(here) along with IBM, HP, Novell, Olivetti, Bull, ICL, Amdahl, SCO, Sun,
SNI, Andersens etc at the X/Open Security Working Group.

>  NIST plans to unveil the APIs in about a month.

The NIST draft FIPS has already been contributed, along with other inputs 
from industry and government such as the draft X.9 Layered API for
Cryptographic Modules, IBM crypto APIs, Mosaic Interface Control
document, SESAME Basic Cryptographic APIs, Olivetti Cryptographic
APIs (etc), as input to X/Open.

I recall that the NIST crypto APIs work was also presented to IEEE POSIX
last year.


> >With the APIs, the user's application could make use
> >of any cryptographic algorithm, regardless or whether it's Digital
> >Encryption Standard, Skipjack or RSA, Smid said.
> 
> I'd be more interested in what kind of an API they have for SkipJack.
> Are they real API's or are we talking BlackBox programming?

I guess more black than "real".


Example:

The following are the main paremeters for the Encipher primitive:

 identifier   1 selects DES, 2 selects Skipjack
 mode         ECB, CBC, cipher feedback, output feedback
 plaintext
 key
 iv
 feedback     number of bits
 chain        whether chaining required, if so: where in chain
 status



- pvm