Subject: RISKS DIGEST 13.75
REPLY-TO: risks@csl.sri.com

RISKS-LIST: RISKS-FORUM Digest  Thursday 20 August 1992  Volume 13 : Issue 75

        FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
   ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

  Contents:
CPSR Letter on Crypto Policy (Marc Rotenberg via Dave Banisar)

 The RISKS Forum is moderated.  Contributions should be relevant, sound, in good
 taste, objective, coherent, concise, and nonrepetitious.  Diversity is welcome.
 CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line.
 Others may be ignored!  Contributions will not be ACKed.  The load is too great.
 **PLEASE** INCLUDE YOUR NAME & INTERNET FROM: ADDRESS, especially .UUCP folks.
 REQUESTS please to RISKS-Request@CSL.SRI.COM.
 Vol i issue j, type "FTP CRVAX.SRI.COM<CR>login anonymous<CR>AnyNonNullPW<CR>
 CD RISKS:<CR>GET RISKS-i.j" (where i=1 to 13, j always TWO digits).  Vol i
 summaries in j=00; "dir risks-*.*" gives directory; "bye" logs out.
 The COLON in "CD RISKS:" is essential.  "CRVAX.SRI.COM" = "128.18.10.1".
 <CR>=CarriageReturn; FTPs may differ; UNIX prompts for username, password.
 For information regarding delivery of RISKS by FAX, phone 310-455-9300
 (or send FAX to RISKS at 310-455-2364, or EMail to risks-fax@cv.vortex.com).
 ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY.
 Relevant contributions may appear in the RISKS section of regular issues
 of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise.

----------------------------------------------------------------------

Date: Mon, 17 Aug 1992 16:30:03 EDT
From: Dave Banisar
Subject: CPSR Letter on Crypto Policy

The following is the text of a letter Computer Professionals for Social Responsibility (CPSR) recently sent to Rep. Jack Brooks, chairman of the House Judiciary Committee.  The letter raises several issues concerning computer security and cryptography policy.
For additional information on CPSR's activities in this area, contact banisar@washofc.cpsr.org.  For information concerning CPSR generally (including membership information), contact cpsr@csli.stanford.edu.

====================================================

August 11, 1992

Representative Jack Brooks
Chairman
House Judiciary Committee
2138 Rayburn House Office Bldg.
Washington, DC 20515-6216

Dear Mr. Chairman:

Earlier this year, you held hearings before the Subcommittee on Economic and Commercial Law on the threat of foreign economic espionage to U.S. corporations.  Among the issues raised during the hearings were the future of computer security authority and the efforts of government agencies to restrict the use of new technologies, such as cryptography.

As a national organization of computer professionals interested in the policies surrounding civil liberties and privacy, including computer security and cryptography, CPSR supports your efforts to encourage public dialogue of these matters.  Particularly as the United States becomes more dependent on advanced network technologies, such as cellular communications, the long-term impact of proposed restrictions on privacy-enhancing techniques should be carefully explored in a public forum.

When we had the opportunity to testify before the Subcommittee on Legislation and National Security in May 1989 on the enforcement of the Computer Security Act of 1987, we raised a number of these issues.  We write to you now to provide new information about the role of the National Security Agency in the development of the Digital Signature Standard and the recent National Security Directive on computer security authority.  The information that we have gathered suggests that further hearings are necessary to assess the activities of the National Security Agency since passage of the Computer Security Act of 1987.
The National Security Agency and the Digital Signature Standard

Through the Freedom of Information Act, CPSR has recently learned that the NSA was the driving force behind the selection and development of the Digital Signature Standard (DSS).  We believe that the NSA's actions contravene the Computer Security Act of 1987.  We have also determined that the National Institute of Standards and Technology (NIST) attempted to shield the NSA's role in the development of the DSS from public scrutiny.

The Digital Signature Standard will be used for the authentication of computer messages that travel across the public computer network.  Its development was closely watched in the computer science community.  Questions about the factors leading to the selection of the standard were raised by a Federal Register notice, 56 Fed. Reg. 42, (Aug 30, 1991), in which NIST indicated that it had considered the impact of the proposed standard on "national security and law enforcement," though there was no apparent reason why these factors might be considered in the development of a technical standard for communications security.

In August 1991, CPSR filed a FOIA request with the National Institute of Standards and Technology seeking all documentation relating to the development of the DSS.  NIST denied our request in its entirety.  The agency did not indicate that they had responsive documents from the National Security Agency in their files, as they were required to do under their own regulations.  15 C.F.R. Sec. 4.6(a)(4) (1992).

In October 1991, we filed a similar request for documents concerning the development of the DSS with the Department of Defense.  The Department replied that they were forwarding the request to the NSA, from whom we never received even an acknowledgement of our request.

In April 1992, CPSR filed suit against NIST to force disclosure of the documents.  CPSR v. NIST, et al., Civil Action No. 92-0972-RCL (D.D.C.).
As a result of that lawsuit, NIST released 140 out of a total of 142 pages.  Among those documents is a memo from Roy Saltman to Lynn McNulty which suggests that there were better algorithms available than the one NIST eventually recommended for adoption.  If that is so, why did NIST recommend a standard that its own expert believed was inferior?

Further, NIST was required under Section 2 of the Computer Security Act to develop standards and guidelines to "assure the cost-effective security and privacy of sensitive information in federal systems."  However, the algorithm selected by NIST as the DSS was purposely designed to minimize privacy protection: its use is limited to message authentication.  Other algorithms that were considered by NIST included both the ability to authenticate messages and the capability to incorporate privacy-enhancing features.  Was NSA's interest in communication surveillance one of the factors that led to the NIST decision to select an algorithm that was useful for authentication, but not for communications privacy?

Most significantly, NIST also disclosed that 1,138 pages on the DSS that were created by the NSA were in their files and were being sent back to the NSA for processing.  Note that only 142 pages of material were identified as originating with NIST.  In addition, it appears that the patent for the DSS is filed in the name of an NSA contractor.

The events surrounding the development of the Digital Signature Standard warrant further Congressional investigation.  When Congress passed the Computer Security Act, it sought to return authority for technical standard-setting to the civilian sector.  It explicitly rejected the proposition that NSA should have authority for developing technical guidelines:

     Since work on technical standards represents virtually all of the research effort being done today, NSA would take over virtually the entire computer standards job from the [National Institute of Standards and Technology].
     By putting the NSA in charge of developing technical security guidelines (software, hardware, communications), [NIST] would be left with the responsibility for only administrative and physical security measures -- which have generally been done years ago.  [NIST], in effect, would on the surface be given the responsibility for the computer standards program with little to say about the most important part of the program -- the technical guidelines developed by NSA.

Government Operation Committee Report at 25-26, reprinted in 1988 U.S. Code Cong. and Admin. News at 3177-78.  See also Science Committee Report at 27, reprinted in 1988 U.S.C.A.N. 3142.

Despite the clear mandate of the Computer Security Act, NSA does, indeed, appear to have assumed the lead role in the development of the DSS.  In a letter to MacWeek magazine last fall, NSA's Chief of Information Policy acknowledged that the Agency "evaluated and provided candidate algorithms including the one ultimately selected by NIST."  Letter from Michael S. Conn to Mitch Ratcliffe, Oct. 31, 1991.  By its own admission, NSA not only urged the adoption of the DSS -- it actually "provided" the standard to NIST.

The development of the DSS is the first real test of the effectiveness of the Computer Security Act.  If, as appears to be the case, NSA was able to develop the standard without regard to recommendations of NIST, then the intent of the Act has clearly been undermined.  Congress' intent that the standard-setting process be open to public scrutiny has also been frustrated.  Given the role of NSA in developing the DSS, and NIST's refusal to open the process to meaningful public scrutiny, the public's ability to monitor the effectiveness of the Computer Security Act has been called into question.

On a related point, we should note that the National Security Agency also exercised its influence in the development of an important standard for the digital cellular standards committee.  NSA's influence was clear in two areas.
First, the NSA ensured that the privacy features of the proposed standard would be kept secret.  This effectively prevents public review of the standard and is contrary to principles of scientific research.  The NSA was also responsible for promoting the development of a standard that is less robust than other standards that might have been selected.  This is particularly problematic as our country becomes increasingly dependent on cellular telephone services for routine business and personal communication.

Considering the recent experience with the DSS and the digital cellular standard, we can anticipate that future NSA involvement in the technical standards field will produce two results: (1) diminished privacy protection for users of new communications technologies, and (2) restrictions on public access to information about the selection of technical standards.  The first result will have severe consequences for the security of our advanced communications infrastructure.  The second result will restrict our ability to recognize this problem.

However, these problems were anticipated when Congress first considered the possible impact of President Reagan's National Security Decision Directive on computer security authority, and chose to develop legislation to promote privacy and security and to reverse efforts to limit public accountability.

National Security Directive 42

Congressional enactment of the Computer Security Act was a response to President Reagan's issuance of National Security Decision Directive ("NSDD") 145 in September 1984.  It was intended to reverse an executive policy that enlarged classification authority and permitted the intelligence community broad say over the development of technical security standards for unclassified government and non-government computer systems and networks.
As noted in the committee report, the original NSDD 145 gave the intelligence community new authority to set technical standards in the private sector:

     [u]nder this directive, the Department of Defense (DOD) was given broad new powers to issue policies and standards for the safeguarding of not only classified information, but also other information in the civilian agencies and private sector which DOD believed should be protected.  The National Security Agency (NSA), whose primary mission is one of monitoring foreign communications, was given the responsibility of managing this program on a day-to-day basis.

H. Rep. No. 153 (Part 2), 100th Cong., 1st Sess. 6 (1987).

The legislation was specifically intended to override the Presidential directive and to "greatly restrict these types of activities by the military intelligence agencies ... while at the same time providing a statutory mandate for a strong security program headed up by [NIST], a civilian agency."  Id. at 7.

President Bush issued National Security Directive ("NSD") 42 on July 5, 1990.  On July 10, 1990, Assistant Secretary of Defense Duane P. Andrews testified before the House Subcommittee on Transportation, Aviation, and Materials on the contents of the revised NSD.  The Assistant Secretary stated that "the new policy is fully compliant with the Computer Security Act of 1987 (and the Warner Amendment) and clearly delineates the responsibilities within the Federal Government for national security systems."

On August 27, 1990, CPSR wrote to the Directorate for Freedom of Information of the Department of Defense and requested a copy of the revised NSD, which had been described by an administration official at the July hearing but had not actually been disclosed to the public.  CPSR subsequently sent a request to the National Security Council seeking the same document.  When both agencies failed to reply in a timely fashion, CPSR filed suit seeking disclosure of the Directive.  CPSR v. NSC, et al., Civil Action No. 91-0013-TPJ (D.D.C.).

The Directive, which purports to rescind NSDD 145, was recently disclosed as a result of this litigation CPSR initiated against the National Security Council.  The text of the Directive raises several questions concerning the Administration's compliance with the Computer Security Act:

1.  The new NSD 42 grants NSA broad authority over "national security systems."  This phrase is not defined in the Computer Security Act and raises questions given the expansive interpretation of "national security" historically employed by the military and intelligence agencies and the broad scope that such a term might have when applied to computer systems within the federal government.  If national security now includes international economic activity, as several witnesses at your hearings suggested, does NSD 42 now grant NSA computer security authority in the economic realm?  Such a result would clearly contravene congressional intent and eviscerate the distinction between civilian and "national security" computer systems.

More critically, the term "national security systems" is used throughout the document to provide the Director of the National Security Agency with broad new authority to set technical standards.  Section 7 of NSD 42 states that the Director of the NSA, as "National Manager for National Security Telecommunications and Information Systems Security," shall

          * * *

     c.  Conduct, *approve*, or endorse research and development of techniques and equipment to secure national security systems.

     d.  Review and *approve* all standards, techniques, systems, and equipment, related to the security of national security systems.

          * * *

     h.  Operate a central technical center to evaluate and *certify* the security of national security telecommunications and information systems.
(Emphasis added)

Given the recent concern about the role of the National Security Agency in the development of the Digital Signature Standard, it is our belief that any standard-setting authority created by NSD 42 should require the most careful public review.

2.  NSD 42 appears to grant the NSA new authority for information security.  This is a new area for the agency; NSA's role has historically been limited to communications security.  Section 4 of the directive provides as follows:

     The National Security Council/Policy Coordinating Committee (PCC) for National Security Telecommunications, chaired by the Department of Defense, under the authority of National Security Directives 1 and 10, assumed the responsibility for the National Security Telecommunications NSDD 97 Steering Group.  By authority of this directive, the PCC for National Security Telecommunications is renamed the PCC for National Security Telecommunications and Information Systems, and shall expand its authority to include the responsibilities to protect the government's national security telecommunications and information systems.

(Emphasis added).

Thus, by its own terms, NSD 42 "expands" DOD's authority to include "information systems."  What is the significance of this new authority?  Will it result in military control of systems previously deemed to be civilian?

3.  NSD 42 appears to consolidate NSTISSC (The National Security Telecommunications and Information Systems Security Committee) authority for both computer security policy and computer security budget determinations.  According to section 7 of the revised directive, the National Manager for NSTISSC shall:

     j.  Review and assess annually the national security telecommunications systems security programs and budgets of Executive department and agencies of the U.S. Government, and recommend alternatives, where appropriate, for the Executive Agent.

NTISSC has never been given budget review authority for federal agencies.
This is a power, in the executive branch, that properly resides in the Office of Management and Budget.  There is an additional concern that Congress's ability to monitor the activities of federal agencies may be significantly curtailed if this NTISSC, an entity created by presidential directive, is permitted to review agency budgets in the name of national security.

4.  NSD 42 appears to weaken the oversight mechanism established by the Computer Security Act.  Under the Act, a Computer Systems Security and Privacy Advisory Board was established to identify emerging issues, to inform the Secretary of Commerce, and to report findings to the Congressional Oversight Committees.  Sec. 3, 15 U.S.C. Sec. 278g-4(b).  However, according to NSD 42, NSTISSC is established "to consider technical matters and develop operating policies, procedures, guidelines, instructions, and standards as necessary to implement provisions of this Directive."  What is the impact of NSTISSC authority under NSD 42 on the review authority of the Computer Systems Security and Privacy Advisory Board created by the Computer Security Act?

Conclusion

Five years after passage of the Computer Security Act, questions remain about the extent of military involvement in civilian and private sector computer security.  The acknowledged role of the National Security Agency in the development of the proposed Digital Signature Standard appears to violate the congressional intent that NIST, and not NSA, be responsible for developing security standards for civilian agencies.  The DSS experience suggests that one of the costs of permitting technical standard setting by the Department of Defense is a reduction in communications privacy for the public.  The recently released NSD 42 appears to expand DOD's security authority in direct contravention of the intent of the Computer Security Act, again raising questions as to the role of the military in the nation's communications network.
There are also questions that should be pursued regarding the National Security Agency's compliance with the Freedom of Information Act.  Given the NSA's increasing presence in the civilian computing world, it is simply unacceptable that it should continue to hide its activities behind a veil of secrecy.  As an agency of the federal government, the NSA remains accountable to the public for its activities.

We commend you for opening a public discussion of these important issues and look forward to additional hearings that might address the questions we have raised.

Sincerely,

Marc Rotenberg, Director
CPSR Washington Office

------------------------------

End of RISKS-FORUM Digest 13.75
************************