1992 Annual Report of the National Computer System Security and Privacy Advisory Board

March 1993

TABLE OF CONTENTS

Executive Summary

I. Introduction
    Board's Establishment and Mission
    Board's Charter
    Membership

II. Major Issues Discussed
    A National Review of the Use of Cryptography
    Trusted Systems FIPS
    NIST's Digital Signature Standard

III. Advisory Board Correspondence
    Cryptographic Technology, Including Encryption
    Exhibits

IV. 1993 Advisory Board Workplan
    INTRODUCTION
    APPROVED 1993 WORK ITEMS FOR CSSPAB
    Action Items
    National Review of Cryptography
    Data Encryption Standard Revalidation
    Public Key Cryptography
    Telecommunications Security
    Trusted System Criteria and Evaluation
    Computer Security Guidelines and Standards
    Security Evaluation Process
    Privacy
    Changes in National Computer Security Policies
    Implementation of the Computer Security Act
    Risk and Threat Assessment
    Electronic Data Interchange (EDI) Security
    The National Computer Security Conference
    Monitoring Activities
    Security and Open Systems
    Effective Use of Security Products and Features
    Status of Computer Emergency Response Capabilities in Civil Agencies
    International Hacking
    Local Area Network (LAN) Security
    Information Security Foundation
    Security and the Public Switched Network
    Citizen Access to Government Electronic Records

V. Conclusions

LIST OF APPENDICES

A - Computer Security Act of 1987 (See separate file)
B - Charter (See separate file)
C - March Agenda and Minutes
D - June Agenda and Minutes
E - September Agenda and Minutes
F - December Agenda and Minutes
G - Federal Register Notices (not included)

Executive Summary

This Annual Report documents the activities of the National Computer System Security and Privacy Advisory Board during 1992, its fourth year. The Board, which met four times during the year, was established by Congress through the Computer Security Act of 1987 to identify emerging computer security issues. Dr. Willis Ware of RAND has served as Chairman of the Board since July of 1989.

The Board identified the need and called for a National Cryptographic Review and has issued letters containing the Board's positions and recommendations to the appropriate Executive Branch officials. The letters identified issues surrounding cryptographic standards and the strength and availability of cryptographic products.
The Board's recommendations for the review stressed the need to involve participants from a variety of communities, including: manufacturers, users, government unclassified, the Intelligence Community, law enforcement and others. The Board worked hard to guarantee appropriate public participation in this review before final decisions were made in the federal government.

During the past two years the Board has continued to monitor the agency visit program by the Office of Management and Budget (OMB), the National Institute of Standards and Technology (NIST), and the National Security Agency (NSA). This was a series of meetings between senior federal agency officials and OMB/NIST/NSA representatives to discuss agency computer security programs. In January 1992, the Board sent a letter to the Director of OMB supporting the visit program and recommending that a summary report be prepared. In its final report on these visits, OMB referenced the Board's support for this activity.

The federal criteria effort between NIST and NSA was also of continued interest to the Board this year. The Board asked for updates at each meeting to closely follow the effort's progress. While the Board took no universal position, some individual members expressed views somewhat skeptical of the overall project's goals and objectives. Next year the Board will continue to monitor this endeavor.

NIST's cryptographic standards activities were closely followed by the Board this year. This included NIST's proposed digital signature standard and secure hash standard. In March 1992, the Board agreed not to take a formal position on the DSS until related cryptographic review issues were completed. Much of the September meeting was largely devoted to cryptographic issues including NIST's standards activities.
The Board also examined a number of other issues, including: Virus Incidents; E-Mail Privacy; NIST's Information Technology Security Handbook; Information Technology Research Programs of the European Community; and Security Issues Inherent in Citizens Access to Government Electronic Records. The Board did not take a formal position on these issues, judging that to do so would be premature. However, the Board did provide a useful public forum for discussions of computer security issues within the unclassified sectors of the government.

The Board also established a work plan for 1993 which identified candidate topics for in-depth examination. These include:

- National Review of Cryptography;
- Data Encryption Standard Revalidation;
- Public Key Cryptography;
- Telecommunications Security;
- Trusted System Criteria and Evaluation;
- Computer Security Guidelines and Standards;
- Security Evaluation Process;
- Privacy;
- Changes in National Computer Security Policies;
- Implementation of the Computer Security Act;
- Risk and Threat Assessment;
- Electronic Data Interchange (EDI) Security;
- The National Computer Security Conference;
- Monitoring Activities;
- Security and Open Systems;
- Effective Use of Security Products and Features;
- Status of Computer Emergency Response Capabilities in Civil Agencies;
- International Hacking;
- Local Area Network (LAN) Security;
- Information Security Foundation;
- Security and the Public Switched Network; and
- Citizen Access to Government Electronic Records.

The Board has expressed a desire to maintain a continuing interest in certain specific aspects of the NIST program or to receive periodic briefings on various critical issues, including:

- NIST's Cryptographic Standards;
- NIST/NSA Criteria Project; and
- The Revision of A-130, Appendix III.

These issues, coupled with an ever growing number of new security-related public policy issues, clearly demonstrated the extensive work which lies ahead for the Board in 1993 and beyond.

I. Introduction

Board's Establishment and Mission

The passage of the Computer Security Act of 1987 (P.L. 100-235, signed into law on January 8, 1988 by President Reagan) established the Computer System Security and Privacy Advisory Board. The Board was created by Congress as a federal public advisory committee in order to:

    identify emerging managerial, technical, administrative, and physical safeguard issues relative to computer systems security and privacy.

Appendix A includes the text of the Computer Security Act of 1987, which includes specific provisions regarding the Board. The Act stipulates that the Board:

- advises the National Institute of Standards and Technology (NIST) and the Secretary of Commerce on security and privacy issues pertaining to federal computer systems; and
- reports its findings to the Secretary of Commerce, the Director of the Office of Management and Budget (OMB), the Director of the National Security Agency (NSA), and appropriate committees of Congress.

Board's Charter

The Board was first chartered on May 31, 1988 and was rechartered for a second time on March 27, 1992 by U.S. Department of Commerce Assistant Secretary for Administration Preston Moore. (See Appendix B for the text of the current charter.)

Consistent with the Computer Security Act of 1987, the Board's scope of authority extends only to those issues affecting the security and privacy of unclassified information in federal computer systems or those operated by contractors or state or local governments on behalf of the federal government. The Board's authority does not extend to private sector systems (except those operated to process information for the federal government) or systems which process classified information or Department of Defense unclassified systems related to military or intelligence missions as covered by the Warner Amendment (10 U.S.C. 2315).

Membership

The Board is composed of twelve computer security experts in addition to the Chairperson.
The twelve members are, by statute, drawn from three separate communities:

- four members from outside the Federal Government who are eminent in the computer or telecommunications industry, at least one of whom is representative of small or medium sized companies in such industries;
- four members from outside the Federal Government who are eminent in the fields of computer or telecommunications technology, or related disciplines, but who are not employed by or representative of a producer of computer or telecommunications equipment; and
- four members from the Federal Government who have computer systems management experience, including experience in computer systems security and privacy, at least one of whom shall be from the National Security Agency.

Currently, Dr. Willis H. Ware, a senior researcher of the Corporate Research Staff of RAND, serves as Chairman of the Board. He was appointed in July 1989 following consultation with Congress which determined that it was inappropriate for a NIST official to chair the Board.

As of December 1992, the full membership of the Board is as follows:

- Chairman
    Willis H. Ware, RAND

- Federal Members
    Bill D. Colvin, National Aeronautics and Space Administration
    Patrick R. Gallagher, National Security Agency
    Henry H. Philcox, Department of the Treasury, IRS
    Cynthia C. Rand, Department of Transportation

- Non-Federal, Non-Vendor
    Cris R. Castro, ManTech, Inc.
    John A. Kuyers, Ernst and Young
    Sandra Lambert, Citibank
    Eddie L. Zeitler, Fidelity Investments

- Non-Federal
    Gaetano Gangemi, Wang Laboratories, Inc.
    Steven B. Lipner, Digital Equipment Corporation, Subsequently of the MITRE Corporation
    Stephen T. Walker, Trusted Information Systems, Inc.
    Bill Whitehurst, International Business Machines Corp.

During 1992, Ms. Sandra Lambert was confirmed as a Board member filling the vacancy in the non-federal, non-vendor category. In addition, Mr. Bill Whitehurst of IBM Corp. replaced Mr.
Lawrence Wills in the non-federal category, and Dr. Willis Ware was re-appointed Chairman.

NIST's Associate Director for Computer Security, Mr. Lynn McNulty, serves as the Board's Secretary and is the Designated Federal Official (DFO) under the Federal Advisory Committee Act. The DFO is responsible for ensuring that the Board operates in accordance with applicable statutes and agency regulations. Additionally, the DFO must approve each meeting and its agenda. Through the Secretariat, NIST provides financial and logistical support to the Board as stipulated by the Computer Security Act of 1987.

II. Major Issues Discussed

The following section summarizes the discussions held by the Board in 1992. Additionally, the Board accomplishes much informal, non-decisional, background discussion and preparation for meetings by electronic mail between meetings. The Board's activities also complement the other activities of the Board's members, several of whom are quite active in many aspects of these topics. Note that the minutes and agenda from the March, June, September, and December meetings are included as Appendices C to F, respectively. The required Federal Register announcement notices for the meetings are presented in Appendix G.

The substantive work of the Board during 1992 was devoted to various topics related to the security of federal unclassified automated information systems. Among the most important were:

- A National Review of the Use of Cryptography;
- Trusted Systems FIPS; and
- NIST's Digital Signature Standard.

A National Review of the Use of Cryptography

During 1992, the Board identified the need for a national review of the public policy issues regarding the use of publicly available cryptography. The issue arose following the Board's examination of NIST's proposed DSS. The factors which led to the selection of this algorithm were indicative of larger issues, compounding the need for a national review. In March, Mr.
Steve Walker proposed that the Board call for such a review. The Board explained that it saw the need for input from a wide variety of communities, including:

- The federal government for its own operational needs and in its role within the international community;
- The defense establishment, notably the communications security and various intelligence functions;
- Law enforcement for not only its own security needs but also for counter-intelligence actions against law-breaking organizations;
- Civil and other non-classified government to protect its unclassified yet sensitive data;
- Private sector corporations that function domestically and internationally and must protect sensitive data and communications;
- Society at large as users of telephony and other services that must assure confidentiality and privacy for communications;
- The individual as a user of personal computers and the data networks of the world with their extensive array of information services; and
- The academic community in pursuit of a legitimate discipline of study and research.

The Board agreed with Mr. Walker's proposal and sent a letter to cognizant governmental officials with their recommendation for the review. (See Exhibits III and V.) During the year, the Board also sought to assist NIST in identifying prominent organizations and individuals who should participate in the review. In fact, a special three-day meeting was called by the Board in September for just this purpose.

Facing a change of administrations following the Presidential election, the Board agreed to send two letters. The first was sent to Bush Administration officials urging that they notify their transition teams of the importance of the review. The second letter was sent to Clinton Administration officials urging them to support the review. (See Exhibits VII and IX.)

Related to this effort, the Board also monitored the development of an agreement between the Software Publishers Association and the National Security Council to allow the expedited export of products containing specified cryptographic algorithms. The Board was particularly interested in the strength of the algorithms and their potential to emerge as de facto standards.

Trusted Systems FIPS

During 1992, the Board continued to monitor the joint NIST and NSA project to develop a replacement for the Department of Defense "Orange Book," the Trusted Computer Security Evaluation Criteria. The Board heard updates from Stu Katzke and Gene Troy of NIST's Computer Security Division and Lt. Col. Ron Ross of NSA on both the criteria effort and the Trusted Technology Assessment Program, under which evaluations against the criteria will be conducted. A first draft of the FIPS was expected to be released in January, 1993. The Board plans to continue to monitor this effort.

NIST's Digital Signature Standard

Since 1991, the Board has been actively interested in NIST's progress toward developing a DSS FIPS, which was proposed by NIST in mid-1991 for public review and comment. In February 1992 the public comment period for NIST's proposed DSS closed. The Board was briefed on the comments received by NIST and how NIST planned to respond. A number of issues remain outstanding before NIST recommends the adoption of the standard to the Secretary of Commerce for approval. The Board will continue to pursue its interest in this issue.

Comments from the private sector were generally negative while those from federal agencies were neutral to favorable. Many also called for a federal key management standard using public key cryptography, which NIST is studying.

In December 1991, the Board authorized and directed the Chairman to meet with Dr. John W. Lyons, Director of NIST, to express their concerns with respect to the DSS. In early 1993, Dr. Ware met with Dr.
Lyons regarding the private sector opposition to DSS. Dr. Lyons said the private sector would have to clearly explain the negative economic impacts of the DSS if a change is desired. Dr. Lyons does not see a case from the DSS comments that the adoption of the DSS would cause significant financial hardship or dislocation for the private sector.

III. Advisory Board Correspondence

During 1992, the Board issued letters reporting its findings on cryptographic technology and the call for a national review of the issue.

Cryptographic Technology, Including Encryption

The Board issued a letter to the Secretary of Health and Human Services expressing its concerns for the need to protect the confidentiality of patient information. Also, on April 1, 1992, the Board issued letters to the Secretary of Commerce, the Department of Defense, the Attorney General of the Department of Justice, the Director of the Office of Management & Budget, The Director of the National Institute of Standards and Technology, and the Director of the National Security Agency, soliciting their support of a call for a national review of the use of cryptography. A resolution calling for a national review and two related resolutions pertaining to the endorsement of the DSS were included as enclosures to the letters.

Exhibits

The Board's correspondence and replies (when received) are included in the following exhibits:

Exhibit I
Letter dated, March 31, 1992, from Chairman Ware to the Honorable Louis Sullivan of HHS on protecting the confidentiality of patient data and patient records.

Exhibit II
Answer from Jeff Sanders, Director, Office of Legislation & Policy.

Exhibit III
Letter dated, April 1, 1992, from Chairman Ware to the following on the issue of a national cryptographic review:
    Honorable Barbara Hackman Franklin, Secretary of Commerce
    Mr. Duane P. Andrews, Department of Defense
    Honorable Richard G. Darman, Office of Management & Budget
    Dr. John W. Lyons, Director, National Institute of Standards and Technology
    Vice Admiral W.O. Studeman, Director, National Security Agency

Exhibit IV
Answer from Under Secretary of Commerce for Technology (Dr. White) to Chairman Ware agreeing with a national cryptographic review

Exhibit V
Follow-up letter from Chairman Ware to the following on the issue of a national cryptographic review:
    Honorable Richard G. Darman, Office of Management & Budget
    Honorable William P. Barr, Attorney General
    Mr. Duane P. Andrews, Department of Defense
    Vice Admiral John M. McConnell, USN, Director, National Security Agency

Exhibit VI
Answer from the following to Chairman Ware regarding a national cryptographic review:
    Mr. James B. MacRae, Jr., Office of Management & Budget
    Mr. Duane P. Andrews, Department of Defense
    Vice Admiral John M. McConnell, USN, Director, National Security Agency

Exhibit VII
Letter dated, December 16, 1992, from Chairman Ware to the following requesting that appropriate action be taken on and the new administration be made aware of the issue of a national cryptographic review:
    Honorable Barbara Franklin, Department of Commerce
    Honorable William P. Barr, Attorney General
    Honorable Nicholas F. Brady, Department of the Treasury
    Honorable Richard B. Cheney, Department of Defense
    Honorable Richard G. Darman, Office of Management & Budget
    Honorable Lawrence S. Eagleburger, Secretary of State
    Honorable Robert M. Gates, Director of Central Intelligence
    Honorable Brent Scowcroft, Assistant to the President for National Security Affairs

Exhibit VIII
Answer from Mr. Theodore J. Clark, Central Intelligence Agency, to Chairman Ware in support of a national cryptographic review

Exhibit IX
Letter dated, January 22, 1993, from Chairman Ware to the following requesting support of a national cryptographic review:
    Honorable Ronald H. Brown, Secretary of Commerce
    Honorable Les Aspin, Department of Defense
    Honorable Warren Christopher, Department of State
    Honorable Lloyd Bentsen, Department of Treasury
    Mr. William S. Sessions, Director, Federal Bureau of Investigation
    Honorable Anthony Lake, National Security Council
    Honorable Robert Rubin, Director, National Economic Council
    Honorable Leon Panetta, Director, Office of Management and Budget

Exhibit X
Answers from the following to Chairman Ware regarding a national cryptographic review:
    Honorable Ronald H. Brown, Secretary of Commerce
    Mr. William D. Clarke, Department of State
    Mr. William S. Sessions, Director, FBI
    Honorable Robert E. Rubin, Director, National Economic Council

IV. 1993 Advisory Board Workplan

I. INTRODUCTION

This section sets forth the proposed 1993 work plan for the Computer System Security and Privacy Advisory Board (CSSPAB). This document, approved by the Advisory Board, is intended to be used as a planning guide for the Board's 1993 activities. The Board recognizes that other subjects not previously identified in this planning document may arise during 1993. The Board reserves the right to address any matter that pertains to its fundamental missions and may modify its program plan to meet evolving situations and changing priorities.

II. APPROVED 1993 WORK ITEMS FOR CSSPAB

A. Action Items. The Board will examine the following topics during its 1993 program year:

A.1. National Review of Cryptography. In March 1992, the Board recommended a national level review of the use of cryptography for protecting unclassified information. In its June and September meetings, the Board heard commentary on issues surrounding the national review. The Board will continue to follow this important issue in 1993 with emphasis on the impact that the Data Encryption Standard (DES) revalidation decision, the recent Software Publishers' Association/U.S. Government agreement, and the Digital Signature Standard (DSS) will have on this review. In conjunction with this item, the Board will pursue these related topics:

A.1.a. Data Encryption Standard Revalidation. The DES will come up for revalidation in early 1993.
The Board may be the only public forum, outside of the Congress, where this matter can be discussed in a dispassionate manner by knowledgeable individuals from the public and private sectors. The Board will review developments in this subject area.

A.1.b. Public Key Cryptography. The Board will continue to review the progress in developing a Digital Signature Standard for use by the unclassified segment of the Federal Government. Of equal importance will be an examination of the infrastructure issues related to the use of public key cryptography by Federal agencies. Regardless of the algorithm to be selected as the basis for the standard, it is important that critical policy and technical alternatives be identified for managing the issuance and distribution of certificates. Which organizational entities of the Government should have operational responsibilities for the infrastructure?

A.1.c. Telecommunications Security. Law enforcement and national security interests have advocated legislation that might place limits on the security of the communications facilities available to the public. The Board will review the implications of current proposals for the security and privacy of computer and communications systems available to civil Government and the private sector.

A.2. Trusted System Criteria and Evaluation. The Board has followed the development of Federal Computer Security Evaluation Criteria during 1992. These criteria, expected to become available in early 1993, will play a critical role in the evolution of trusted system technology in the U.S. and internationally. The Board will closely follow developments with the Federal Criteria, their relationship with the DoD Trusted Computer System Evaluation Criteria (TCSEC), and the mechanisms being evolved for the conduct of evaluations in the U.S. The following specific topic areas will be covered:

A.2.a. Computer Security Guidelines and Standards.
The Board will monitor the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) plans and programs for the international harmonization of computer security requirements as well as their experiences and plans for guidelines, standards, and interpretations. The Board will pay particular attention to the execution of the NIST/NSA Work Plan on Trusted System Technology.

A.2.b. Security Evaluation Process. The Draft NIST/NSA Work Plan on Trusted System Technology identifies the possibility of NSA focusing on the higher levels of trust with NIST participation (B2 and above) and NIST focusing on the lower levels of trust with NSA participation (C2 and B1), perhaps using the mechanisms of the National Voluntary Laboratory Accreditation Program (NVLAP). This suggestion may help increase the availability and timeliness of evaluated products at all levels by focusing attention and increasing resources available to specific areas. The Board will review the possibilities of this development through discussions and briefings from the NSA, the NIST, and civilian and defense organizations that would be affected by this new arrangement. One model for such an evaluation program might be the FIPS 140-1 cryptographic module product evaluation process. The Board will review this evolving process as part of its overall examination.

A.3. Privacy. There is a continued interest in privacy issues in the public press with mixed signals coming from the general public, showing concern for privacy but unwillingness to pay for protection or be inconvenienced. The Board should review the measures that are needed or being taken by the Government to protect privacy in Federal programs and issue recommendations on what NIST and others should be doing to encourage protection of individual privacy. Specific briefings from agencies involved in handling personal information should be scheduled early in the year.
The scope of this activity will also include monitoring developments in European privacy regulations to assess their potential impact upon U.S. entities.

A.4. Changes in National Computer Security Policies. The Board will continue to receive written updates and briefings from the Executive Secretary on any pending or proposed changes in national computer security policies. This area will include the revision to Appendix III, Office of Management and Budget (OMB) Circular A-130, which the Board recognizes as a critical component in the foundation of security policy for the Government's unclassified systems.

A.5. Implementation of the Computer Security Act. Subsumed under this heading are the various related issues the Board would like to address in 1993 including the role of the Inspectors General in computer security, and computer security training and its effectiveness. The Board will review the current status of OMB/NIST/NSA agency security planning visits and plans for follow-up activities.

A.5.1. Risk and Threat Assessment. The Board will review the state of risk management practices in the Federal Government, and make recommendations on the process by which agencies evaluate their threat, vulnerability, and risk posture in the process of devising cost-effective programs of security measures. The Board will review the status of FIPS Publication 65, Guideline for ADP Risk Analysis, and of agencies' application of this guideline. The Board will review the product of the DCI Threat IV study, and consider the extent of its relevance and availability to civil agencies. The Board will develop recommendations on the availability of threat data to civil agencies and on their use of threat and vulnerability data to perform risk analysis and develop security programs.

A.5.2. Electronic Data Interchange (EDI) Security. Many Federal agencies are about to launch ambitious automation programs that will make extensive use of EDI technology.
There are significant security policy and technical issues that must be addressed to assure that the use of EDI complies with the spirit and intent of the Computer Security Act and other existing computer security Government directives. The Board will address this issue both from a policy and technology perspective.

A.6. The National Computer Security Conference. NIST and NSA have for over ten years jointly sponsored this major conference that brings together users, suppliers, and evaluators of computer security. The Board will review the status of the conference and the extent to which it serves the needs of the unclassified community and the civil agencies of Government. The Board will make recommendations as appropriate.

B. Monitoring Activities. The Board has expressed a desire to maintain a continuing interest in various critical issues. The Board may choose to exercise its statutory reporting responsibilities if it believes that a specific issue has become sufficiently important to warrant such action.

B.1. Security and Open Systems. A major segment of the NIST Computer Systems Laboratory program is directed to achieving the concept of open systems. The Board will review the current status of security within the open systems context and seek to identify any critical areas where security issues may impede the full utilization of open systems. One frequently voiced problem area involves the lack of an adequate public key based cryptographic key distribution standard. Is this a valid concern and are there other security gaps that need to be addressed by NIST and other standards entities?

B.2. Effective Use of Security Products and Features. A study conducted by the President's Council on Integrity and Efficiency indicated that many security functions and features were either unused or misused by system administrators and users. The experience of emergency response teams further bears this out.
The Board would like to examine what must be done to change this and whether better guidelines, training, etc., are needed on how to use basic security tools and features designed into existing products.

B.3. Status of Computer Emergency Response Capabilities in Civil Agencies. The Board has heard from several sectors of the U.S. Government that have organized highly effective emergency response teams and centers. How well prepared are other agencies such as HHS, HUD, etc., to handle computer emergencies? Is there a requirement for such agencies to establish such a capability? Periodic briefings on the use of a Computer Security Incident Response Capability (CSIRC) and what lessons can be learned to improve security would be useful. Since most incidents occur because accepted routine security practices are not followed, should this not be well publicized as an awareness or training tool?

B.4. International Hacking. Cases of international hacking such as those that Cliff Stoll documented seem to keep occurring. Hackers continue to exploit the same old vulnerabilities that Stoll and many others have documented. Where is the accountability for taking care of known problems? Also, there appears to be continuing organizational confusion on the international hacking problem (i.e., who in the Government, if anyone, is or should be responsible?).

B.5. Local Area Network (LAN) Security. Federal agencies are experiencing significant security problems with the utilization of LAN technology. The pace of the installation of this technology, combined with the security exposures resulting from the use of LANs, has created a new level of risk for Federal information systems. Another aspect of this issue will be the potential explosive growth in the installation of wireless LAN technology over the next few years.
The Board will examine the LAN issue to determine what can be accomplished to improve the security of installed LANs and what research, policy, and/or other initiatives must be undertaken to effect a long term improvement in LAN security. B.6. Information Security Foundation. The Board will monitor developments in this area and offer appropriate comments/guidance as needed. B.7. Security and the Public Switched Network. A number of studies have highlighted the vulnerabilities of the public switched network. At the moment, much activity is taking place behind closed doors on this issue, particularly in the National Security Emergency Preparedness arena. At some point, this issue needs to be surfaced and examined by the Board. B.8. Citizen Access to Government Electronic Records. There is considerable discussion underway concerning this issue. A legislative proposal, S. 1940, "Electronic Freedom of Information Improvement Act of 1991," was recently introduced for Congressional consideration. The Board will examine the information system security and related privacy issues inherent in this important public policy debate. V. Conclusions During 1992, the Board focused on the important issues which will affect the state of computer security in the years ahead, in particular, the strength and availability of cryptographic products and standards as well as international harmonized trusted system standards. The Board issued letters to appropriate Executive Branch officials and, to date, has received numerous responses supporting the national review effort. In September 1992, the Board called together a number of hardware/software vendors, cryptographic product vendors, public advocacy groups and stakeholders/users to identify and recommend issues which NIST should ensure are covered in the review and to recommend an approach to conducting the review. The federal criteria effort between NIST and NSA was also of continued interest to the Board this year. 
Some Board members noted the need for a broad cross section of users to participate in the development and review process of the federal trusted criteria document. While the Board took no universal position, some individual members expressed views somewhat skeptical of the overall project's goals and objectives. The Board has continued to monitor the agency visit program by OMB/NIST/NSA and sent a letter to the Director of OMB noting, particularly, the enthusiastic reactions of agency participants that visits to their agencies have resulted in greater awareness of computer security issues on the part of senior officials in their organizations. The Board also developed its work plan and priorities for 1993. The Board has begun to examine those issues which it should study further and has heard from a number of agencies and organizations as to their priorities on these important computer security issues. While the Board has initiated an action plan to identify emerging computer security and privacy issues, much remains to be accomplished in successfully addressing the computer security challenges of the 1990s. MINUTES OF THE MARCH 17-18, 1992 MEETING OF THE COMPUTER SYSTEM SECURITY AND PRIVACY ADVISORY BOARD March 17, 1992 I. Call to Order Dr. Willis Ware, Chairman of the Board, called the meeting to order at 9:00 a.m. at the Sheraton Inner Harbor Hotel in Baltimore, Maryland. Members present were: Gallagher, Wills, Gangemi, Philcox, Zeitler, Colvin, Rand, Kuyers, Lipner and Walker. The Chairman and Mr. Lynn McNulty, Board Secretary, welcomed Ms. Sandra Lambert, a nominee to the Board, who was also in attendance (in a non-voting capacity). Mr.
Lynn McNulty, Board Secretary, provided the Board with an update of various computer security items, including: NIST's completion of a Memorandum of Understanding with the Canadian Communications Security Establishment, potential Congressional hearings on computer security, the Second Computers, Freedom and Privacy Conference, and the response from OMB to the Board's December letter. Mr. Colvin relayed to the Board a newsletter reference to the National Industrial Security Program, and requested that the Secretariat obtain further information for the members of the CSSPAB. (ACTION - SECRETARY) Mr. McNulty then reviewed the two bills proposing to restructure the Intelligence Community (S. 2198 and H.R. 4165). Both contain provisions which would expand the computer security role of the National Security Agency (NSA). NIST believes that the legislation was prepared in unintentional ignorance of the Computer Security Act of 1987. Mr. Gallagher emphasized that these were Congressional proposals; the Administration was not involved in their preparation. Mr. Gallagher also said that NSA is pleased with the current division of responsibilities and level of cooperation between NIST and NSA. The Chairman asked the Secretary to monitor progress of the bills. (ACTION - SECRETARY) II. NIST Update #1: Michelangelo Virus and NIST's Response Mr. Dennis Steinauer of NIST provided an update of the Michelangelo Virus Incidents. (See Reference #1.) The virus was first noted in February 1991, and has spread very rapidly, as compared to other computer viruses. One reason for this is that it was distributed via infected software products sold commercially. The virus is triggered by starting a system on March 6. At this time, insufficient data is available on the number of systems infected or for an estimate of losses. It does appear, however, that more systems were hit overseas. 
A taped news interview showing a brief review of NIST's activities to counter the virus was viewed by the Board. (As discussed below, the next day the Board agreed to send a letter regarding the performance of CERTs to OMB.) III. NIST Update #2: Trusted System FIPS Dr. Stu Katzke, Chief of NIST's Computer Security Division and Col. Ron Ross of NSA briefed the Board on the most recent activities of the joint NIST/NSA program to develop a single federal trusted criteria document. (See Reference #2 for details of their briefings.) Col. Ross noted that the project was on track with its scheduled milestones. In the discussion which followed, a number of Board members noted the need for a broad cross section of users to participate in the development and review process. The groups GUIDE, SHARE, the Council of Data Center Administrators, and ISSA were proposed for possible collaboration. Mr. Walker requested the names of the individuals involved in the criteria project. The Secretary agreed to obtain and distribute this information. (ACTION - Col. ROSS and SECRETARY) The Board requested a briefing at their next meeting on the status of the testing of products (Objective #4 as referenced in the presentation) first. IV. Privacy Enhanced Mail Following lunch, a panel was convened to discuss privacy enhanced electronic mail in the Internet. Mr. Morrie Gasser of Digital Equipment Corporation provided an overview of Internet Privacy Enhanced Mail (PEM). He emphasized that the goal of their work was to make enhanced security broadly available to the Internet community. He reviewed the aspects of the architecture, including the security services supported, discussed cryptographic keys and certificates, and certification authorities. The three types of PEM messages to be provided are: encrypted, message integrity check (MIC) only, and a variation on MIC without transfer encoding. Processing steps to be accomplished by the originator and recipient were also presented. Overall, Mr.
Gasser sees PEM architecture as evolving as a basis for interoperable implementations. (See Reference #3.) Mr. Steve Walker, Board Member and President of Trusted Information Systems, Inc., briefed the Board on TIS's activities for PEM sponsored by DARPA. (See Reference #4.) The "RSAREF" product, available to individuals from RSA without charge, was then briefly discussed. Fees for services to be provided by the Certificate Authorities have not yet been established. V. Digital Signature Standard Update Next, Mr. Miles Smid, manager of the Security Technology Group of NIST's Computer Security Division, updated the Board on NIST's activities regarding the proposed draft Digital Signature Standard (DSS). Since the last meeting of the Board, the public comment period on the standard has officially closed. Approximately 110 comments were received by NIST. The majority of the comments from the private sector were negative while those from government organizations were generally neutral to favorable. The Board was generally pleased with the technical progress NIST has made in answering technical comments on the standard. For example, instead of fixing the modulus at a 512 bit quantity, NIST plans to allow the modulus to range in multiples of 64 from 512 up to 1024 bits. (See Reference #5.) During a discussion period following the formal presentation, Mr. Walker noted that at Congressional hearings calling for public key standards no distinction was made between signature and confidentiality standards. He asked when key management standards were going to be forthcoming. Mr. Smid replied that key management standards were still under development within the government. The situation with regard to patents remains unclear. NIST will be meeting shortly with individuals who claim that the DSS infringes their patents. Dr. Ware reported on his recent meeting with Dr. John Lyons, Director of NIST. 
(At the December meeting, the Board authorized the Chairman to raise the Board's concerns regarding the DSS with the Director.) Dr. Ware said that the private sector was going to have to become more vocal in their opposition to DSS if a change is desired. Dr. Lyons and Dr. Ware agreed that the patent issue remained a difficult one. Mr. McNulty added that Dr. Lyons did not see a case from the DSS comments that the adoption of the DSS would cause significant financial hardship or dislocation for the private sector. VI. National Cryptographic Strategy - Part I After a brief discussion of the United Kingdom's reluctance to standardize on encryption algorithms, Mr. Walker provided the Board with a proposed issue statement for cryptography. He proposed that the Board call for a public national review on the uses of cryptography. The proposal included statements regarding when the DSS should be considered for approval by the Secretary of Commerce. (These proposals were modified before adoption, as discussed below.) Mr. Walker started by noting that the law enforcement and national security communities make good arguments that making sound cryptography widely available is harmful. However, these issues are usually discussed behind closed doors within the government although there is a need for the discussion to be accomplished in public. The highest levels of the government should be required to decide the issue regarding the use of cryptography for commercial and unclassified sensitive government applications. Clearly, everyone is losing now; cryptography is becoming more widely available (harming law enforcement) while export controls remain in place (harming the commercial sector). Discussion of this issue continued the following day. VII. Information Security Technology Handbook Update Ms. Barbara Guttman and Mr. Ed Roback of NIST's computer security program updated the Board on the progress NIST has made in developing a computer security handbook.
Development of such a handbook was recommended to NIST by the Board in late 1990. Current plans envision completion of the handbook by mid-1993. (See Reference #6.) Wednesday, March 18, 1992 VIII. National Cryptographic Strategy - Part II Mr. Walker presented a draft recommendation for the Board's consideration in light of the prior discussions. Mr. Walker motioned for its approval, which was seconded by Mr. Lipner. The Chairman then stated that the issue was on the floor for discussion. The item of principal contentiousness was whether the motion would constrain NIST's activities to move forward with other activities (e.g., the infrastructure study) which would be necessary for the implementation of the DSS. The Board then agreed to develop additional clarifying language, which was considered later. IX. International Information Security Foundation Ms. Sandra Lambert, nominee to the Board, presented an update of the International Information Security Foundation. Mr. Cris Castro had intended to make the presentation, but was unable to attend. (See Reference #7.) X. IT Security Research Program of the European Community The meeting then turned to the European Community's (EC) "Information Systems Security Initiative." Mr. James Burrows, Director of NIST's Computer Systems Laboratory, presented a summary of an earlier briefing given at NIST by EC personnel. (See Reference #8.) He reviewed the EC's actions in standards, verification and certification procedures, technological developments, regulation (in the context of policy making), and constructive international interaction. The projects and tasks of the security program were presented. Also, the EC's recommendations for future activities were examined. The disparity between the EC's $40 million program and NIST's $3.5 million security program was noted by Board members. A panel of industry representatives was convened to provide their reactions to the EC's plans. This panel consisted of: Mr. Stephen Kane, Sr.
of Wang Laboratories, Mr. Steve Lipner (formerly of DEC), Board Member, and Mr. Steve Walker, (TIS) Board Member. Mr. Kane noted that he was concerned how vendors should respond to the EC to protect their own interests. He wondered whether the U.S. is doing anything to respond to the EC efforts. Mr. Walker noted the large size of the EC effort compared to NIST's program. There is a need for vendors to find a way to organize themselves with or without the government's assistance. Mr. Lipner said that NIST should do all it legally can to bring together such a government/industry capability to respond. Mr. Walker asked for the Board to be briefed on the vendors workshop at the June meeting. (ACTION - SECRETARY) XI. National Cryptographic Strategy - Part III Following lunch, another version (labelled "draft 2") of the proposal on cryptography was presented. Mr. Walker motioned to accept a portion of the document (through paragraph #2). After further discussion and a separation of the two proposed paragraphs labelled #3, three votes were held during this open, public session. The first resolution, calling for the national debate, was passed unanimously. The second, passed with Messrs. Gallagher and Gangemi opposing, resolved that "the approval of the Digital Signature Standard (DSS) by the Secretary of Commerce should be considered only upon conclusion of the national review." The third passed unanimously and resolved that "the Board defers making a recommendation on approval of the Digital Signature Standard (DSS) pending progress on the national review." (See Attachments #1-#3.) The Chairman agreed to prepare appropriate transmittal letters of the recommendations (which were sent on April 1, 1992, to the Director of NIST, the Director of NSA, the Secretary of Commerce, the Director of OMB, the Attorney General, and the Assistant Secretary of Defense for C3I.) XII. DIA's Compartmented Mode Workstation Mr. 
Michael Zajdek of the Defense Intelligence Agency (DIA) briefed the Board on a program summary and demonstration of DIA's Compartmented Mode workstation. (See Reference #9.) XIII. Public Participation No members of the public wished to address the Board. XIV. Wrapup The Chairman reminded the Board that comments on the draft annual report are due by the end of March. Also, he asked for the Board's permission to draft the cover letter for the resolutions and to send a letter to OMB regarding the performance of the CERT structure during the Michelangelo virus incidents. The Board approved these requests unanimously. (ACTION - CHAIRMAN) At the June meeting, the Board asked to hear presentations on: citizens access programs, the I2SF update, DSS update, the vendor workshop briefing, update on NIST/EC discussions, federal criteria update, and the NIST EDI workshop. The meeting was adjourned at 3:00 p.m.

References

Note: References are not included as attachments to the minutes, but are maintained on file with the Secretariat.

#1 - Steinauer briefing
#2 - Katzke and Ross briefings
#3 - Gasser briefing
#4 - Walker presentation
#5 - Smid presentation
#6 - Guttman/Roback presentation
#7 - Lambert materials
#8 - Huber/Blatchford materials
#9 - Zajdek presentation

Attachments

1 - Resolution #1
2 - Resolution #2
3 - Resolution #3

CERTIFIED as a true and accurate summary of the meeting

Lynn McNulty
Secretary

Willis Ware
Chairman

MINUTES OF THE SEPTEMBER 15-17, 1992 MEETING OF THE COMPUTER SYSTEM SECURITY AND PRIVACY ADVISORY BOARD

Tuesday, September 15, 1992 Call to Order The Chairman, Dr. Willis Ware, called the meeting to order at 9:00 a.m. in Lecture Room D of the Administration Building at NIST. Mr. Edward Roback, Acting Board Secretary, reviewed the agenda and materials distributed to the Board. He welcomed Mr. Bill Whitehurst to the meeting, as a nominee for membership to the Board.
The Chairman read a statement of purpose for the meeting, emphasizing that the meeting was to assist NIST in conducting the National Cryptographic Review, called for by the Board in March. (See Reference #1.) A quorum was present. Framing the Issues Mr. David Kahn, a reporter with Newsday and author of The Codebreakers surveyed the larger public policy issues inherent in the cryptographic issue. One of the central questions which must be addressed is whether we will have strong or weak cryptography available in this country. There is a direct linkage between the strength of cryptography and the ability to break codes in order to gather information. The Government has been concerned about this for years, as evidenced by ITAR export regulations, requests for prepublication review of cryptology-related articles by the National Security Agency (NSA), patent controls, the debate over the government's role in DES, and more recently DSS. He expressed the opinion that NSA is deeply divided between the two sides of the agency on this issue. Mr. Kahn also noted that there is a clash of two values but liberty does have its costs. A discussion followed. Technical Overview Professor Dorothy Denning of Georgetown University provided the Board with an overview of cryptography - including the differences between secret and public key based systems and between RSA and DSS digital signatures. (See Reference #2.) In answer to a question on the size of the DSS modulus, she noted that 512 bits was strong but if she were building a new system from scratch, she would aim for 700 or 1024. In a discussion of NIST's proposed reaffirmation of the DES standard, Dr. Denning noted that DES is perfectly adequate for at least another five, and possibly ten, years. She also stated that she disagreed with Mr. Kahn's positions on the use of cryptography. More citizens are concerned about crime than the protection of their e-mail. Liberty can not exist without law enforcement control. 
She is opposed to the loss of wire tapping capability of law enforcement. There are a number of registration procedures in this country (e.g., births, automobiles, etc.) and one could conceivably set up a registration process for cryptographic keys. These would be available under court order to decrypt encrypted communications. Approaches to the National Cryptographic Review Mr. James Burrows, Director of NIST's Computer Systems Laboratory, briefed two possible approaches to conducting the Review. The first is a broad public policy approach which would examine the many public policy issues inherent in the widespread availability and use of cryptographic products. The second would be a focused approach to solve a specific problem - such as occurred with the Software Publishers Association (SPA) agreement with the National Security Council (NSC). (See Reference #3.) NIST has not selected an approach for the Review and sought the Board's input on the scope and approach to the Review, what specific outputs should be developed, what issues should be examined, who should participate, and the specific components to the Review. He did stress, however, that some national security and law enforcement issues would remain outside the scope of the Review. On a related issue, NIST is having difficulty obtaining accurate estimates of the market size for cryptographic products as well as future market projections. Such information would be useful for policy makers who should understand the business impact of any decisions which may be made with regard to cryptography. General discussion followed. Among the items discussed were the SPA agreement for the export of RC2/RC4 with 40 bit key size. This may become a de facto standard - and possibly obviate the need for the Review. It was suggested that whatever Lotus and Microsoft end up putting into their software may become the internationally accepted standard. Mr.
Philcox noted the need for a market study, stratified by market segment, of the need for cryptographic products by time (e.g., 0-3 years, 3-8 years, 8+ years). The desirability of conducting a survey to assist NIST was considered. Mr. Burrows noted that NIST could only conduct a voluntary survey. However, since only interested parties were likely to respond, statistical problems were likely to arise. Dr. Ware then inquired of Mr. Burrows what NIST would do in the absence of any additional input from the Board. Mr. Burrows replied that he may start by collecting relevant national policies. He said it was possible to discuss the issue within the Administration to see how policies could be changed to help people - but accurate market estimates and projections were needed. He believes that there is far less flexibility on this issue than many outside of government believe. The market acceptance or rejection of the SPA/RC2/RC4 solution will also be important in such discussions. NIST Updates The Board then received an update of two NIST programs: 1) the Federal Criteria and 2) Cryptographic standards. Mr. Gene Troy, NIST Project Manager of the IT Security Criteria Project, reviewed the overall objectives of the federal criteria, the current status of the project, a proposed approach to a Trust Technology Assessment Program (TTAP), and a review of related international activities. Discussion followed on ways to decrease the time it takes to complete an evaluation. Mr. Gallagher clarified that the effort will produce a single criteria - jointly administered with NIST focusing its efforts on the low end while NSA focuses on the high end. Mr. Miles Smid, Manager of the Security Technology Group of NIST's Computer Security Division, updated the Board on cryptographic standards activities at NIST. Approval of FIPS 140-1 by the Secretary of Commerce is expected in the first quarter of FY-93. NIST is near to entering into a contract to develop validation tests for FIPS 140-1.
Mr. Smid noted that he is proceeding with modifying the proposed DSS for publication for comments in the Federal Register. A workshop on DSS applications will be held at NIST on January 19-20, 1993. There will be a session at the NSA/NIST National Conference on electronic certification, which will include vendors and smart card applications. Dr. Ware inquired of Mr. Burrows what the status of the legal issues regarding claims of patent infringement were regarding the DSS. Mr. Burrows replied that they remained unresolved, but the issue was being worked. The Secure Hash Standard is being finalized for submission to the Secretary of Commerce. No substantive comments were received on the technical merits of the standard. Finally, on September 11, 1992, NIST proposed the third reaffirmation of DES in the Federal Register. Comments are due by December 10, 1992. Wednesday, September 16, 1992 Identification of Issues: Hardware/Software Vendor Perspective With the presence of a quorum, the session began with a joint presentation by Mr. David Peyton, Senior Director, Government Relations of the Information Technology Association of America (ITAA, formerly ADAPSO) and Mr. Robert Rarog, Manager, Export Policy, Digital Equipment Corp., on behalf of the Computer and Business Equipment Manufacturers Association (CBEMA). Mr. Peyton stated that ITAA and CBEMA strongly support a governmentwide review of commercial cryptographic security policy. He also presented their views as to the scope of the Review, opposition to the DSS, general support for reaffirmation of DES, and opposition to the FBI telephony proposal. (See Reference #4.) Mr. Rarog continued with a focus on the need to reform U.S. export controls on encryption products. (See Reference #5.) He reviewed issues such as why a Review is necessary and specifics of the ITAR export licensing process. 
The current controls do not achieve their objective since encryption products are available overseas and since mass-market software is basically uncontrollable. He stressed the need for DES-based products to be included in export control liberalization. The following should be involved in the Review: all affected federal agencies, all affected U.S. industry, academe, public interest groups, and user groups. Mr. Peyton was asked what his position was on whether DES needs to be strengthened. He replied that the proposed reaffirmation was just recently published and his organization had not yet reached a position on it. Regarding the use of encryption by member organizations, he stated that EMA would be a better source of information. Next, Ms. Ilene Rosenthal, General Counsel of the Software Publishers Association, provided that organization's input to the Board on holding the Review. She made five major points during her presentation: 1) encryption technology is and will be available worldwide: it cannot be effectively controlled; 2) U.S. Government attempts to restrict the use of encryption just hurt American industry; 3) the U.S. Government should not impede the competitiveness of America's software publishers through unrealistic export controls; 4) America's software publishers are trying to meet user demand for information security; and 5) because the technology is so widespread, the tradeoff between law enforcement/national security and privacy is illusory. (See Reference #5.) Following her presentation, she provided a summary of the process which led to the SPA agreement with the Administration for the export of RC2/RC4. A SPA press release on the agreement was also distributed. (See Reference #6.) Identification of Issues: Cryptographic Product Vendors Mr. D. James Bidzos, President of RSA Data Security, Inc. summarized his view of the cryptographic issues for the Board. (See Reference #7.) 
The Review is needed to balance the interests of industry with those of NSA. The DSS proposed by NIST is too weak, too slow, has questionable origin, is not royalty free, is only half a standard (i.e., lacks key management capability), and ignores developments in the marketplace and international standards organizations. NIST has lost credibility in this proposal and appears to have been forced to cater to other interests. Two legislative proposals, S266 and FBI's digital telephony proposal, have been vigorously opposed by industry, academia, and many private citizens. Government policy on cryptography has caused friction and is unproductive. Regarding RC2/RC4, he stated RSA Inc. developed these encryption algorithms, which are not public-key based, in the mid-1980s. The algorithms, which have been incorporated into Lotus Notes, have not been published at the request of the U.S. Government. He stated that products with RC2/RC4 and RSA have been exported. The recent SPA agreement gives the vendor every reason to adopt RC2/RC4 instead of DES. Next, Mr. Robert Fougner, Director of Licensing for Public Key Partners (PKP), told the Board that the proponents of DSS should be aware that DSS will not be royalty free, as the government has announced. Patents which cover the use of DSS were developed under funding by the National Science Foundation at Stanford University and MIT. Those universities granted non-exclusive government-use licenses to the U.S. Government; however, the extent of the license is not well defined. PKP, which was formed in 1990, has exclusive licensing rights to these patents and seeks to license the patents broadly and non-onerously. PKP has been successful in doing so. Clients include AT&T, IBM and many others. Mr. Fougner recently received an invitation from NIST to discuss licensing arrangements with NIST legal personnel. During the meetings it became clear that there are many common areas of thinking regarding a uniform licensing policy.
He also noted that he did not believe that the timing of the meeting with NIST and the CSSPAB meeting were coincidental. For the record, the Chairman stated that the Board had no role in seeking a meeting between PKP and NIST. Mr. Paul Jones, Vice President for General Marketing of Racal-Guardata, Inc., provided the views of Racal-Guardata to the Board. (See Reference #8.) DES should be recertified, but plans should be initiated to develop a replacement, which will eventually be needed. Use of security should be mandated, for example for the protection of data on individuals. There will be a need for an enforcement authority to be established as well. Regarding the issue of export, he discussed the need for worldwide reciprocal agreements on export/import of cryptographic products. Identification of Issues: Public Advocacy Groups Professor David Farber, a member of the Board of Directors of the Electronic Frontier Foundation (EFF) summarized EFF's written submission to the Board. (See Reference #9.) Among other goals, EFF seeks to work to develop and implement public policies to maximize freedom, competitiveness, and civil liberty in the emerging electronic social environments. There is a need to take a comprehensive approach to examine the "digital privacy" policy as a whole. This requires looking beyond the cryptography questions to include issues raised by law enforcement regarding the pace of digital infrastructure innovation. Reliable privacy protection can not be achieved without the use of robust encryption. EFF also called for a robust public debate over the government's efforts to control cryptography. For example, EFF believes that NSA policy encourages firms to produce a single product for both domestic and worldwide use, resulting in minimal privacy and security for users both here and abroad. When addressing these issues, the Review must also examine the FBI's digital telephony proposal and its implications. 
The FBI proposal would require manufacturers to seek an FCC "license" certifying that their technologies are susceptible to electronic surveillance. In effect, the FBI proposal may create a domestic version of the export control laws for computer and telecommunication technology. The Computer Professionals for Social Responsibility (CPSR) was represented by Mr. Marc Rotenberg, Director of CPSR's Washington Office. Mr. Rotenberg reviewed the CPSR's interest in cryptography, the changing significance of cryptography in society, and the long-term questions raised by current policy debates. (See Reference #10.) CPSR recommends expanding the group of stakeholders, to include groups such as the ACLU, USPC, ACM, and IEEE, privacy and legal scholars, and policy makers. There is also the need to pursue a broad research agenda, to include: 1) an overview of current law and policy, 2) examination of several issue clusters, and the exploration of long-term policy questions. Finally, CPSR believes the Review should seek to establish a commission, convene hearings, and publish a report. Discussion followed. Identification of Issues: Users Mr. Robert Burke, Director of Corporate Services and Security, Monsanto Corp., and Chairman of the State Department's Overseas Security Advisory Council (OSAC), briefed the Board on the security needs and concerns of the OSAC membership. (See Reference #11.) Of particular concern to the members of OSAC (large FORTUNE 100 firms) is the need to protect trade secrets and other proprietary information. Many foreign government intelligence services are collecting this information for local firms. Because American firms are reluctant to publicly admit breaches of security, there are few detailed case histories which can be presented. Among the ways information is collected is via faxes, phone calls, telexes, hotel break-ins, and social contacts. American business' need for secure encryption overseas is very high. 
These products should be of a strength sufficient to withstand intelligence services' efforts to break the encryption. Current procedures, however, hinder exportability of needed products. Mr. Burke was clear that OSAC was not looking to the U.S. Intelligence Community for business intelligence reports or other such assistance.

Ms. Vaune Rimkus, President of Information Systems Security Association (ISSA), provided an overview of ISSA's 2300 members and the benefits to U.S. industry of strong information security practices. (See Reference #12.) She was followed by Mr. Geoff Turner, who provided ISSA's detailed perspective on national cryptographic policy issues. Mr. Turner's presentation focused on five issues: 1) cryptographic export controls, 2) FBI law enforcement initiatives, 3) federal public-key cryptography standardization, 4) renewal of DES as a federal standard, and 5) NIST, NSA, and the Computer Security Act of 1987. (See Reference #13.) During his talk he emphasized the need for NSA to be more open about export restrictions and the FBI to be more open regarding their requirements for wiretapping. The selection of the digital signature algorithm by NIST is symptomatic of a larger issue - namely the independence of NIST from NSA under the Computer Security Act. He believes that DES is good for at least another five years and noted that the SPA agreement was an excellent one.

Public Participation

During this period members of the public are afforded the opportunity to speak to the Board. Mr. James Bidzos asked the Board whether NSA's approval of RC2/RC4 for export was an implied endorsement of the algorithm. The Board agreed to put this question to NSA. (ACTION - SECRETARY) (Secretary's Note: NSA replied that it was their standing policy not to comment on private algorithms.)

Discussion with Stakeholders

During a wide-ranging discussion with the earlier speakers, it was suggested that U.K. DTI may have useful economic impact data.
RSA, which is planning to open a European office, stated that only locations in Belgium and Switzerland were being considered, given restrictive cryptographic export laws of other European countries. It was also mentioned that the Review proposed by the Board in March was not intended to be wholly public, but would include proprietary and classified components. Mr. Burrows relayed a summary of a recent visit by Microsoft's Bill Gates to meet with NIST officials. He envisions that all of their software products will incorporate encryption within five years.

Board members then continued the discussion among themselves. A suggestion was made to recommend that a national (Presidential or Congressional) commission be chartered to conduct the Review. The proposal was not acted upon but was further discussed the next day.

Advisory Board's Workplan for CY-1993

The Chairman announced that, with the approach of a new year, it was time to prepare a draft workplan for CY-1993. Messrs. Lipner, Walker and Whitehurst volunteered to serve on an ad hoc drafting committee to draft a plan for consideration at the December meeting. (ACTION - Messrs. LIPNER, WALKER and WHITEHURST) The Secretary was requested to e-mail a copy of the 1992 plan to the members of the committee. (ACTION - SECRETARY)

Updates

A brief update of the IISF was provided to the Board. SRI is taking the position that they own the IISF and has collected approximately $20,000 in restricted gifts, which are believed to still be in escrow. The IISF does not appear to be very active - and the organizing committee is planning to meet again to discuss whether it will have a future.

DSS Infrastructure

The DSS Infrastructure briefing was postponed until December to allow for additional discussion of the cryptographic issues. (ACTION - SECRETARY)

Thursday, September 17, 1992

General Accounting Office (GAO) Computer Security Review Plans

Mr.
Jack Brock, Director of Government Information and Financial Management at GAO, provided the Board with an overview of their activities in the area of computer security. GAO has traditionally not done a lot of work in the computer security area because of the lack of interest among their constituents. However, every two or three years a major incident occurs and GAO returns to the issue. Most systems GAO reviews do not follow applicable rules and procedures, are inadequately funded for security, have poorly trained staff, and do not use audit trails. The Department of Justice is the single agency at which GAO has done significant computer security work. GAO is working to develop a standardized computer security methodology for conducting computer security reviews. GAO is testing this approach during computer security audits at selected Department of Energy laboratories. GAO is also working on a generalized IRM methodology for audits, based on a life-cycle approach. General discussion followed, including comments on the requirement that GAO certify government financial systems.

Discussion of Cryptographic Issues, cont.

Discussion continued on whether to make any recommendations to NIST on conducting the Review. It was suggested that the Chairman be tasked to discuss the Review with officials in the government. Mr. Philcox pointed out the need to talk to Department of Commerce officials prior to going to other agencies. The Chairman replied that Dr. White would be the first person he would try to meet with. A motion was made, seconded, and passed with the sole objection of Mr. Colvin. (See Attachment #1.)

Discussion returned to a larger proposal developed by Messrs. Lipner and Gangemi. A motion was made to recommend to NIST that it focus its efforts on collecting publicly available information which may be useful in conducting the Review. The motion was passed unanimously. (See Attachment #2.)
Closing

Finally, the Board discussed ideas for the December meeting, including hearing: government views on the Review, a report of the NSC/SPA October meeting, presentations by representatives of mass market software publishers, the 1993 workplan committee report, the DSS infrastructure study, a Congressional update, and threat information. The meeting was adjourned at 12:00 noon.

Attachments
# 1 - Resolution
# 2 - Resolution

References
# 1 - Statement of Purpose
# 2 - Denning
# 3 - NIST - Burrows
# 4 - ITAA/CBEMA - Peyton
# 5 - SPA - Rosenthal
# 6 - SPA Press Release
# 7 - RSA - Bidzos summary
# 8 - Racal-Guardata - Jones/Epstein
# 9 - EFF - Farber
#10 - CPSR - Rotenberg
#11 - OSAC - Burke
#12 - ISSA - Rimkus
#13 - ISSA - Turner

Lynn McNulty
Secretary

CERTIFIED as a true accurate summary of the meeting

Willis Ware
Chairman

COMPUTER SYSTEM SECURITY AND PRIVACY ADVISORY BOARD
RESOLUTION #1
September 17, 1992

The Board resolves to: Authorize and empower the Chairman of the Computer System Security and Privacy Advisory Board to discuss the National Cryptographic Review with appropriate Federal Officials.

FOR: Zeitler, Walker, Gallagher, Gangemi, Lipner, Rand, Kuyers, Castro, Philcox
AGAINST: Colvin
ABSTAIN: none

COMPUTER SYSTEM SECURITY AND PRIVACY ADVISORY BOARD
RESOLUTION #2
September 17, 1992

The Board recommends that NIST focus on identifying publicly accessible information relevant to the conduct of the National Cryptographic Review. Such information includes, but is not limited to, the current status of laws and regulations pertaining to cryptography worldwide, the interests of public stakeholders, and the identification of specific parties who should be asked to participate in the National Cryptographic Review. The Board requests that NIST provide an update of their progress in this matter at the next Board meeting.
FOR: Zeitler, Walker, Gallagher, Gangemi, Colvin, Lipner, Rand, Kuyers, Castro, Philcox
AGAINST: none
ABSTAIN: none

MINUTES OF THE DECEMBER 9-10, 1992 MEETING OF THE COMPUTER SYSTEM SECURITY AND PRIVACY ADVISORY BOARD

Wednesday, December 9, 1992

Opening Business

A quorum being present, the Chairman, Dr. Willis Ware, called the meeting to order at the Marriott Hotel in Gaithersburg, Maryland at 9:00 a.m. Mr. Lynn McNulty, Executive Secretary, reviewed the materials provided to the Board and announced that all nominations for Board membership have been approved. (No vacancies currently exist on the Board.) He welcomed the appointment of Ms. Lambert and Mr. Whitehurst as well as the re-appointment of the Chairman. Mr. McNulty also announced that the draft 1992 Annual Report of the Board's activities would be circulated for review by mid-February. (ACTION - SECRETARY) The entire meeting was held in open, public session.

National Cryptographic Review: Report from the Chairman

In September, 1992, the Board directed the Chairman to visit appropriate federal officials to discuss the Board's recommendations for the National Cryptographic Review (the "Review"). The Chairman, accompanied by Mr. McNulty, visited eight officials who were expected to still be in place after the Presidential transition. Overall there was a great deal of personal support for the Review; this did not indicate, however, that organizational support was present or would be forthcoming. To ensure frank discussions, the Chairman agreed not to quote officials interviewed during these meetings. However, some common themes emerged during these discussions:

1) The Review should not and could not take place solely within the government. Private sector input should be solicited and encouraged.
2) All parties should have the opportunity to clearly state their positions.
3) There should be a recognition that the U.S. cannot control worldwide cryptographic policy.
4) While it is not clear how dynamic this issue may be, delays in addressing this issue must be avoided, since market forces and technology can change quickly.
5) The Board could serve a useful purpose by focusing attention on this issue during the transition period.

These officials also indicated that a June 1993 date for completion of the Review was unrealistic, particularly given the transition process.

NIST Cryptographic Update

Mr. McNulty provided the Board with an update of recent NIST cryptographic-related activities. NIST is completing the technical requirements on the Digital Signature Standard in preparation for a second round of public comments. A Federal Register notice is expected by mid-January soliciting public comments on this draft Federal Information Processing Standard (FIPS). Discussions to resolve the patent issues continue. NIST has been informed by the Patent and Trademark Office that the patent application on the Digital Signature Standard (DSS) has been approved. The patent should be formally granted within a few months.

The revision of FIPS 140-1, "Security of Cryptographic Modules," has been completed and is beginning the administrative process leading to approval by the Secretary of Commerce. Approval is expected in late January or early February. NIST has recommended that the draft Secure Hash Standard (SHS) be approved by the Secretary of Commerce as a FIPS. The ANSI X9 community has started the process to approve SHS as an ANSI national standard.

Regarding the Review, Mr. McNulty informed the Board that NIST was acting upon the Board's recommendation to document all public laws and regulations regarding cryptography. This is expected to be completed by mid-May 1993. The second phase of the study will examine the legal and regulatory environment in a select group of foreign countries. This phase is to be completed by mid-Summer. Both studies would be publicly available from NIST.
The Board requested a briefing from the study directors at the March meeting. (ACTION - SECRETARY)

NIST is also working to establish a contract for a study to examine issues involving the economic stakeholders in the cryptographic field. The study will focus more on the demand side, e.g., who needs the products. Suggestions were made by the Board, including one from Mr. Whitehurst that embedded cryptography be included. The Board requested to hear from the study director in March. (ACTION - SECRETARY)

In discussion which followed, Mr. McNulty indicated that there is a growing realization that NIST cannot conduct the entire Review. However, NIST is ideally positioned to represent the interests of the commercial and unclassified government sectors.

Public Comments on the Reaffirmation of FIPS 46-1 (DES)

Ms. Shirley Radack of NIST provided the Board with a summary of the comments received on the proposed reaffirmation of the Data Encryption Standard. (See Reference #1.) As of December 8, 1992, twenty comments were received. All supported reaffirmation, although some suggested modifications. Arguments for reaffirmation included: 1) the technology is still viable and 2) there is a large installed base of DES equipment. A suggestion for modification was to allow for DES implementations in software. Also, there was a suggestion that NIST reaffirm the DES but begin work on a replacement.

Review of Proposed Board Letters

The text of two draft letters regarding the Review was discussed. The first would be sent to Bush Administration officials urging that they notify their transition officials of the importance of the Review. The second letter would be sent to Clinton Administration officials urging them to support the review. Suggestions were made for rewording the letters for discussion on the following day.

Proposed Board Resolutions

Mr. Walker prepared and distributed two draft Board resolutions for the Board's consideration. Mr.
Gallagher raised a point of order, indicating that consideration of these proposals was inconsistent with the rules adopted by the Board for consideration of action items. After some discussion, it was decided that the proposals would not be proposed for adoption at this meeting, but would only be used for discussion purposes. Mr. Walker then proceeded to review the documents, which focus on the strength of the DES and RC2/RC4 algorithms. (See References #2 and #3.) In noting the amount of time it would take to break DES encrypted data with varying size keyspaces, Mr. Walker noted that a gigabit DES chip could completely check a 40 bit keyspace in approximately 18 minutes. Mr. Walker indicated that he would like to have his materials informally submitted to NIST for their consideration.

Representatives from Business Interests: Software Publishers

Following lunch, a panel of representatives of software publishers was assembled to provide the Board with their viewpoints on the Review and related cryptographic issues. Included were: Ilene Rosenthal, General Counsel of the Software Publishers Association; Ira Rubinstein of Microsoft; Kevin Kingdon of Novell; Cameron Mashayekhi of WordPerfect; and Alan Eldridge of Iris/Lotus, Inc.

Ms. Rosenthal introduced the panel. The speakers were asked to address four points: 1) the DES reaffirmation; 2) the effects of cryptographic export restrictions; 3) whether RC2/RC4 has solved the export problem; and 4) the viability of DSS.

All speakers except Mr. Eldridge supported the reaffirmation of DES, with Mr. Kingdon calling for it to be implementable in software. Mr. Eldridge indicated that Lotus takes no position on DES since they use RC2 instead, which they would like to see receive some sort of official standing. Mr. Kingdon was asked whether Novell would change to DES if the government allowed export of 56-bit key DES implementations. Such a change would not necessarily occur, since RC2 was designed for software implementations.
He also noted that in the product development process, the benefits of adding data privacy features are weighed against the costs of export control processing; as a result, the security features typically are dropped. Mr. Rubinstein said that demand for security was increasing for large corporate customers, health care, financial and government (both domestic and foreign) sectors. He referenced an article in INFOWorld which ranked the importance of features in electronic messaging products; security/privacy was ranked first.

Regarding export controls, it was stated that depending on the products offered (by the vendors on the panel), 60-75% of sales are from overseas. Foreign customers do inquire about the availability of DES-based solutions and note that foreign suppliers can provide DES products. Regarding the marketing of a product with two security levels (for domestic and overseas markets), Mr. Rubinstein discussed the almost insurmountable problems of how to sell two levels of the same product. Mr. Kingdon noted that Novell has had to do a lot of apologizing for the security level of their products. Lotus does make products with two security levels. Many of Lotus' overseas customers do not find the key length acceptable. Mr. Rubinstein noted that we are already at a point where the State Department should be allowing export of 48-bit algorithms. A rate of increase of 1 bit per year is necessary.

On RC2/RC4, Mr. Mashayekhi stated that the SPA agreement for exportability of RC2/RC4 has had a positive impact - better security options are now available and the case-by-case export approval process is not necessary.

The discussion then proceeded to the issue of the viability of the proposed DSS. Mr. Rubinstein stated that he was concerned for two reasons: 1) the initial negative reaction from industry as well as the research/academic community and 2) the lack of specifications for key exchange. Mr.
Kingdon noted that Novell's customers were satisfied with their offering of RSA-based products and that Novell was disconcerted at the prospect of implementing a second standard. Put simply, DSS does not solve any problem which has not been solved before. There was universal agreement that DSS has viability as a commercial standard since RSA served as the de facto standard. Mr. Walker stressed the need for the members of the panel to formally submit their comments to NIST on these issues.

NIST Update: Trusted Criteria

Dr. Stu Katzke and Col. Ron Ross provided the Board with an update of the trusted criteria project, with special emphasis on the progress being made on the Trusted Technology Assessment Program (TTAP). (See References #4 and #5.) Dr. Katzke stated that the draft criteria should be out for review in one month. Copies would be sent to Board members. (ACTION - SECRETARY)

Dr. Katzke summarized the TTAP, which envisions NSA having the lead with NIST participation for high-end assurance evaluations, while NIST has the lead with NSA participation for the lower end products. NIST seeks to build on the success of its National Voluntary Laboratory Accreditation Program (NVLAP) to certify organizations to conduct evaluations. The goal is to minimize evaluation time while maximizing the availability of products. There will be a single U.S. Government Evaluated Products List.

Board's 1993 Workplan

Mr. Walker provided the Board with a draft of the 1993 CSSPAB Workplan for discussion purposes. (See Reference #6.) A few changes were made to the draft, with some rearrangement. Mr. Philcox motioned that the plan be accepted, which was seconded by Mr. Castro. The plan was then unanimously approved.

During the ensuing discussion, Chairman Ware offered to conduct a one-hour briefing at the March meeting on the "A-Zs of Privacy," a presentation he is giving at a conference in 1993.
(ACTION - CHAIRMAN & SECRETARY) He also offered to provide a briefing on the issues involved with the privacy of medical records at the June meeting. (ACTION - CHAIRMAN & SECRETARY) It was noted that there are other ongoing privacy efforts. The EC recently published a second draft of their privacy guidelines and SRI is organizing a national privacy group. The Board should be briefed on both of these. (ACTION - SECRETARY)

Prior to closing for the day, Mr. Walker distributed a think piece on the goals of the Review for consideration by Board members. (See Reference #8.)

Thursday, December 10, 1992

Executive Secretary's Note. Due to an overnight snowfall which adversely affected driving conditions in the metropolitan Washington D.C. area, several Board members were unable to attend the December 10 meeting. Those members in attendance at this session were: Castro, Gangemi, Kuyers, Lambert, Philcox, Ware, Whitehurst, and Zeitler. In response to a question from the Chairman, Mr. McNulty advised the Board that a quorum of voting members was present and that under the terms of its charter, the Board could consider and adopt the motions discussed during the previous day.

Discussion of Cryptographic Issues

At the request of the Chairman, the Board moved to formal consideration of the draft letter to be sent to appropriate senior officials of the current administration concerning the national cryptographic review. This proposed communication had been discussed the day before. After a short period of discussion, a formal motion was made that the revised letter be formally adopted by the Board. This motion was approved by a 7-0 vote. (See Attachment #1 for a complete text and dissemination list of the approved final communication.)

The Chairman then requested that the Board consider a similarly worded letter to be sent to the new appointees of the Clinton Administration once their names were publicly announced. A motion was made, seconded, and passed unanimously.
The Board then moved to a discussion of draft resolutions concerning the revalidation of the Data Encryption Standard and the potential impact upon the security of federal computer systems resulting from the universal incorporation of the 40 bit RC2/4 algorithms in commercial mass market software. It was agreed that these two motions should be withdrawn and re-considered at the March meeting. (ACTION - SECRETARY)

Mr. Burrows provided the Board with information about additional responses on the DES standard received as of the close of business on December 9.

Digital Signature Infrastructure Study

Mr. McNulty briefed the Board on a study project he is managing that addresses the policy, legal, and responsibility issues associated with the government-wide use of DSS. He reviewed the rationale for undertaking this project and described how the study is being conducted by the MITRE Corporation acting as a contractor on behalf of NIST. He stated that the study would examine the privatization of certificate management services as an integral part of the study, as required by OMB. Mr. McNulty described the progress of the project to date, discussed the schedule for completing the effort and briefly reviewed the final products to be delivered to NIST at the conclusion of the effort. (See Reference #8.)

The General Services Administration's (GSA) Secure Packet Switched Service Offering

Mr. Al Williams of GSA briefed the Board on a new initiative by GSA to provide secure end-to-end data communications to unclassified users of the FTS 2000 telecommunications systems. (See Reference #9.) He stated that GSA has contracted with a private sector vendor of endorsed DES cryptographic equipment to provide federal agencies with cryptographic services, to include key management, for a modest monthly service charge ($88 per installation).
To obtain this security service the using agency enters into an agreement with GSA and the service is provided under the terms of the established GSA contract. Mr. Williams stated that four federal agencies have already agreed to use this service to secure their data network.

Mr. Williams concluded his presentation by stating that this program was an important initiative on the part of GSA to provide federal agencies with cost effective network security services. He expressed the desire to keep the Board informed on the future direction of this program. The Chairman accepted this offer and requested that Mr. Williams maintain communication with the Board's Executive Secretary.

Public Participation

At this time the Chairman asked if any of the members of the public at the meeting had any remarks they wished to address to the Board. There were no comments from the floor.

Closing

The Chairman advised the Board members that there was no further business for the group to consider. He asked if the Board members had any comments or suggestions for the March meeting. Mr. Whitehurst stated that he believed that the Board members would be interested in reviewing the draft Data Protection Guidelines recently released by the European Community. He also advised the Board that the Organization for Economic Cooperation and Development had just finalized its network security guidance document. He suggested that the Board receive a briefing on these initiatives at its March meeting. The Chairman asked the Executive Secretary to incorporate these subjects into the agenda for the next meeting. (ACTION - SECRETARY)

There being no additional business for the Board, the Chairman adjourned the meeting at 11:15 A.M.

Attachments
#1 - Letter to Bush Administration
#2 - Letter to Clinton Administration

References
#1 - Radack presentation
#2 - Draft "Resolution #1"
#3 - Draft "Resolution #2"
#4 - Katzke presentation
#5 - Ross presentation
#6 - 1993 Workplan
#7 - "Possible Results of National Review on Cryptography"
#8 - McNulty presentation
#9 - Williams presentation

Lynn McNulty
Secretary

CERTIFIED as a true accurate summary of the meeting

Willis Ware
Chairman