RFC relevance of security

As per Relevance of the word security, we have this rfc below:

Network Working Group
Request for Comments: 1984
Category: Informational August 1996

IAB and IESG Statement on Cryptographic Technology and the

Status of This

This memo provides information for the Internet community. This
does not specify an Internet standard of any kind. Distribution
this memo is unlimited

(C) Internet Society 1996. Reproduction or translation of
complete document, but not of extracts, including this notice,
freely permitted

July 24, 1996

The Internet Architecture Board (IAB) and the Internet
Steering Group (IESG), the bodies which oversee architecture
standards for the Internet, are concerned by the need for
protection of international commercial transactions on the Internet
and by the need to offer all Internet users an adequate degree
privacy

Security mechanisms being developed in the Internet Engineering
Force to meet these needs require and depend on the international
of adequate cryptographic technology. Ready access to
technology is therefore a key factor in the future growth of
Internet as a motor for international commerce and communication

The IAB and IESG are therefore disturbed to note that
governments have actual or proposed policies on access
cryptographic technology that either

(a) impose restrictions by implementing export controls; and/

(b) restrict commercial and private users to weak and
mechanisms such as short cryptographic keys; and/

(c) mandate that private decryption keys should be in the hands
the government or of some other third party; and/

(d) prohibit the use of cryptology entirely, or permit it only
specially authorized organizations

IAB & IESG Informational [Page 1]

RFC 1984 Cryptographic Technology August 1996

We believe that such policies are against the interests of
and the business community, are largely irrelevant to issues
military security, and provide only a marginal or illusory benefit
law enforcement agencies, as discussed below

The IAB and IESG would like to encourage policies that allow
access to uniform strong cryptographic technology for all
users in all countries

The IAB and IESG claim

The Internet is becoming the predominant vehicle for
commerce and information exchange. It is essential that the
structure for these activities can be trusted

Encryption is not a secret technology monopolized by any one country
such that export controls can hope to contain its deployment.
hobbyist can program a PC to do powerful encryption. Many
are well documented, some with source code available in textbooks

Export controls on encryption place companies in that country at
competitive disadvantage. Their competitors from countries
export restrictions can sell systems whose only design constraint
being secure, and easy to use

Usage controls on encryption will also place companies in
country at a competitive disadvantage because these companies
securely and easily engage in electronic commerce

Escrow mechanisms inevitably weaken the security of the
cryptographic system, by creating new points of vulnerability
can and will be attacked

Export controls and usage controls are slowing the deployment
security at the same time as the Internet is exponentially
in size and attackers are increasing in sophistication. This
users in a dangerous position as they are forced to rely on
electronic communication

TECHNICAL

KEY

It is not acceptable to restrict the use or export of
based on their key size. Systems that are breakable by one
will be breakable by others, possibly unfriendly ones.
corporations and even criminal enterprises have the resources
break many cryptosystems. Furthermore, conversations often need

IAB & IESG Informational [Page 2]

RFC 1984 Cryptographic Technology August 1996

be protected for years to come; as computers increase in speed,
sizes that were once out of reach of cryptanalysis will
insecure

PUBLIC KEY

Use of public key cryptography often requires the existence of
"certification authority". That is, some third party must sign
string containing the user's identity and public key. In turn,
third party's key is often signed by a higher-level
authority

Such a structure is legitimate and necessary. Indeed,
governments will and should run their own CAs, if only to
citizens' transactions with their governments. But
authorities should not be confused with escrow centers.
centers are repositories for private keys, while
authorities deal with public keys. Indeed, sound
practice dictates that users never reveal their private keys
anyone, even the certification authority

KEYS SHOULD NOT BE

The security of a modern cryptosystem rests entirely on the
of the keys. Accordingly, it is a major principle of system
that to the extent possible, secret keys should never leave
user's secure environment. Key escrow implies that keys must
disclosed in some fashion, a flat-out contradiction of
principle. Any such disclosure weakens the total security of
system

DATA

Sometimes escrow systems are touted as being good for the
because they allow data recovery in the case of lost keys. However
it should be up to the customer to decide whether they would
the more secure system in which lost keys mean lost data, or one
which keys are escrowed to be recovered when necessary. Similarly
keys used only for conversations (as opposed to file storage)
never be escrowed. And a system in which the secret key is stored
a government and not by the data owner is certainly not practical
data recovery

SIGNATURE

Keys used for signatures and authentication must never be escrowed
Any third party with access to such keys could impersonate
legitimate owner, creating new opportunities for fraud and deceit

IAB & IESG Informational [Page 3]

RFC 1984 Cryptographic Technology August 1996

Indeed, a user who wished to repudiate a transaction could claim
his or her escrowed key was used, putting the onus on that party.
a government escrowed the keys, a defendant could claim that
evidence had been forged by the government, thereby
prosecution much more difficult. For electronic commerce, non
repudiation is one of the most important uses for cryptography;
non-repudiation depends on the assumption that only the user
access to the private key

PROTECTION OF THE EXISTING

In some cases, it is technically feasible to use
operations that do not involve secrecy. While this may suffice
some cases, much of the existing technical and
infrastructure cannot be protected in this way. For example
conventional passwords, credit card numbers, and the like must
protected by strong encryption, even though some day
sophisticated techniques may replace them. Encryption can be
on quite easily; wholesale changes to diverse systems cannot

CONFLICTING INTERNATIONAL

Conflicting restrictions on encryption often force an
company to use a weak encryption system, in order to satisfy
requirements in two or more different countries. Ironically, in
cases either nation might consider the other an adversary
whom commercial enterprises should use strong cryptography. Clearly
key escrow is not a suitable compromise, since neither country
want to disclose keys to the other

MULTIPLE

Even if escrowed encryption schemes are used, there is nothing
prevent someone from using another encryption scheme first
Certainly, any serious malefactors would do this; the
encryption layer, which would use an escrowed scheme, would be
to divert suspicion

ESCROW OF PRIVATE KEYS WON'T NECESSARILY ALLOW DATA

A major threat to users of cryptographic systems is the theft
long-term keys (perhaps by a hacker), either before or after
sensitive conversation. To counter this threat, schemes
"perfect forward secrecy" are often employed. If PFS is used,
attacker must be in control of the machine during the
conversation. But PFS is generally incompatible with
involving escrow of private keys. (This is an oversimplification
but a full analysis would be too lengthy for this document.)

IAB & IESG Informational [Page 4]

RFC 1984 Cryptographic Technology August 1996

As more and more companies connect to the Internet, and as more
more commerce takes place there, security is becoming more and
critical. Cryptography is the most powerful single tool that
can use to secure the Internet. Knowingly making that tool
threatens their ability to do so, and has no proven benefit

Security

Security issues are discussed throughout this memo

Authors'

Brian E.
Chair of the

European Laboratory for Particle
1211 Geneva 23

Phone: +41 22 767-4967
EMail: brian@dxcoms.cern.

Fred
Chair of the
cisco Systems, Inc
519 Lado
Santa Barbara, CA 93111

Phone: +1-805-681-0115
EMail: fred@cisco.

The Internet Society is described at http://www.isoc.org

The Internet Architecture Board is described
http://www.iab.org/

The Internet Engineering Task Force and the Internet
Steering Group are described at http://www.ietf.

IAB & IESG Informational [Page 5]

if you see any problems within the linking, don't worry be happy,
this is version 0.1 of the Relevance System and you gotta expect some crappy subroutines sometimes,
just be content we did not write this in Java, which would have made this "bigger and better" HAHAHHA.

RFC documents can be found at I.E.T.F.

Relevance System Copyright © 2002 Spectrum WorldResearch
other technical nosh by ServerMasters Corporation
collaboration of BobX