From: smb@research.att.com
To: cypherpunks@toad.com
Message Hash: 7acffc76ba3ede3703dd53b97d0099ee55209c2b5d0a26a7a203ce00f9784cf8
Message ID: <9406172135.AA21111@toad.com>
Reply To: N/A
UTC Datetime: 1994-06-17 21:35:46 UTC
Raw Date: Fri, 17 Jun 94 14:35:46 PDT
From: smb@research.att.com
Date: Fri, 17 Jun 94 14:35:46 PDT
To: cypherpunks@toad.com
Subject: a bit more information on key escrow
Message-ID: <9406172135.AA21111@toad.com>
MIME-Version: 1.0
Content-Type: text/plain
I and a few others sent a short list of questions to Dorothy Denning
and Steve Kent, with a request that they forward them to the other review
panel members. Here are Denning's answers. I do not know if they
represent the view of the other committee members, or if more details
will be forthcoming. In particular, I do not know if anyone on the
committee will ask NSA to declassify any information relative to these
questions. I did ask that if the answer to anything was ``it's
classified'', that a persuasive rationale for the classification
status be given.
Reposted with permission....
--Steve Bellovin
------- Forwarded Message
Date: Fri, 17 Jun 94 16:01:43 EDT
From: denning@chair.cosc.georgetown.edu (Dorothy Denning)
Steve,
Here are answers to the questions you asked. The answers generally
apply to the current system. In some cases, I noted changes that will
be made in the target system that is under development.
Regards,
Dorothy
Questions on Key Escrow
1. How are the halves of the unit key generated? What is
the function?
The Device Unique Key (KU) is a function of two Random Seed
values that are brought to the chip programming facility
by Escrow Officers from each of the Escrow Agents,
arbitrary input from the keyboard provided by the Escrow
Officers, and the Device Unique Identifier (UID). The exact
function is classified in order to avoid revealing
cryptographic principles about generating good keys.
2. How are the seeds generated for the unit key generation
process? These are extremely sensitive values, since
their compromise could give away an entire production run.
Each Escrow Agent generates a separate Random Seed using a PC
and NIST-developed smart card. The smart card implements a
pseudorandom number generator (PRNG) approved for cryptographic
key generation in FIPS 171. Input from the keyboard as well as
keystroke timing are used as input to the Secure Hash
Algorithm. After hashing, the result is fed to the PRNG.
Compromise of the Random Seed values could not give away an
entire production run since the Unique Keys are also a function
of arbitrary input from the keyboard. In addition, the
algorithm for generating the KU values, being classified, is
not generally available.
3. How is the serial number generated? Randomly? With only
32 bits, the probability of a collision is moderately high.
The serial numbers are generated in sequence.
4. How are the seeds destroyed after generation?
The Escrow Officers bring the seeds on floppy disks. These
disks are to be destroyed or stored in the double-locked safe
inside the programming facility (SCIF) until they can be
destroyed.
The seeds and all other key data is erased from the memory and
hard disk of the computer used for key generation at the end of
a programming session. The disk is then stored in the safe.
5. How is the session key encrypted within the LEAF?
The details of the LEAF creation method, including the exact
modes of encryption used, are classified in order to make it
more difficult to build an interoperable rogue product that
produced fake LEAFs in the event the Family Key should be
compromised, and also to avoid revealing cryptographic
principles.
6. How is the entire LEAF encrypted? The LEAF/IV package use
in Tessera? In particular, is the family key used for
session-level cryptographic protection of the IV?
The IV is passed in the clear. See 5 about how the LEAF is
encrypted.
7. How is the checksum in the LEAF calculated?
See 5.
9. What is the nature of the key exchange and key negotiation
protocol?
The key exchange protocol on the Capstone chip is classified to
avoid revealing cryptographic principles of key generation and
exchange. However, it is not a requirement to use this
algorithm. Other techniques can be used instead. The Escrowed
Encryption Standard (EES) does not specify a key exchange
method and the Clipper chip does not implement one.
10. How does the Tessera card generate its random keys and IVs?
A true random number generator? A pseudo-random number generator?
How is it seeded? From a true random source? Why not use that
all the time?
There is a true random number generator on the Capstone chip.
This can be used to generate all random values including the
IV. The target programming device may use this random number
generator in the generation of Device Unique Keys, but it would
not replace the entire algorithm.
11. How are escrowed keys protected during transport and storage?
What about backup?
Escrowed Key Components are stored in encrypted form on floppy
disks inside double locked safes. It takes 2 Escrow Officers at
each Escrow Agent site to open a safe, and it takes an Escrow
Officer from each Escrow Agent to form the Key Enciphering Key
(KCK) needed to decrypt the Encrypted Key Components. KCK is a
function of two Key Numbers, KN1 and KN2, each of which is held
by one of the Escrow Agents in its safe.
For backup, there are two copies of key escrow data in each
safe. In addition, each Escrow Agent has a backup safe, which
contains an additional two copies.
Encrypted Key Components are transported on floppy disks inside
tamper-detecting packages. A number is written on each
package. Upon arrival, the packages are checked for tampering and
the numbers are checked. In the target system, key escrow data
will be transmitted electronically using cryptography for
protection.
12. What mechanisms will protect the key halves during transmission
to authorized wiretap agents?
The same methods as for 11.
13. How will an audit trail be maintained of unit key requests
and usage?
Audit records are written for the following events: generation
of keying material, storage of and access to keying material,
request for Key Components, confirmation of a key release
certification, and notification that a Unique Key was deleted
in the Decrypt Processor. These records are kept in the double
locked safes under two person control.
14. How will wiretap keys expire?
When the Escrow Officers load the Key Components into the
Decrypt Processor, they also type in the expiration date. The
date is stored with the Unique Key, but the person operating
the Decrypt Processor must issue a command to delete the key.
When that happens, the Escrow Agents are to be notified of the
key deletion. In the target system, the key will be deleted
automatically when the court order expires, and the
notification will be sent automatically from the Decrypt
Processor.
------- End of Forwarded Message
Return to June 1994
Return to “smb@research.att.com”