[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Apple, privacy, and AOCE



Recent discussion about Apple's commitment (or lack thereof) to
providing anything like real privacy calls to mind some stuff
from MacWeek of several weeks ago; the 7/12/93 issue of MacWeek
includes a "special report" on AOCE (Apple Open Collaborative
Environment, a "groupware" (anyone have any better explanation?)
setup which facilitates sharing data between colleagues.
The "special report" includes two sidebars about encryption and security
in the AOCE environment, which I reproduce below.

I called and asked about permission to reprint the entire article
to the list but was unable to get past marketroids who wanted me
to pay $50 + copying costs (payable to them) for my 4-color
glossy reprints showcasing my product. (don't have one, dammit.)
Some folks still don't "get" the net. Sigh.
                                           
I found the idea that RSADSI will be generating folks' key pairs
particularly chilling. The article accompanying these sidebars
suggests that folks' private keys will be stored on the server; the
article made the security of the thing sound *so* poorly designed that
I figure it must be the result of miscommunication between the
Apple folks and the article's author (Mitch Radcliffe). If anyone
really cares I can see about posting some more of the article.

---

"Apple could have the toughest code on the block"

The Cold War mind-set in Washington, D.C., thawed a bit when Apple
gained permission from the U.S. government to ship AOCE outside the
United States while retaining the software's advanced encryption
features.

Encryption technology is considered munitions by the national defense
apparatus. For many years, the Department of Commerce, in collaboration
with the National Security Agency, has limited encryption technology
exports. But the strict limits on cryptography seem to be eroding after
the fall of the Soviet Union.

According to sources, the RC-4 encryption in AOCE was approved under a
special agreement between Apple and the NSA that will allow slightly
more-powerful scrambling capabilities than are typically given export
clearance. The NSA recently signed an agreement with the Software
Publishers Association that will provide expedited approval of RC-4
encryption based on 40-bit keys. AOCE uses 64-bit keys, and larger keys
mean better security.

"Protection can be at many levels," Gursharan Sidhu, Apple technical
director of collaboration systems development, told attendees at the
Apple Worldwide Developers Conference in May. He said it's very easy to
protect against casual intrusion and even determined hackers. But a
resource-rich intruder with access to supercomputers can defeat many
encryption technologies. "You've got to look at these various dimensions
of how far you want to go in providing security," Sidhu said.

Apple's security is among the best available, he said. The company
fought for several years to win approval for AOCE's privacy and security
technologies.

"In the world of commercial security, it's a matter of saying it is
secure within the parameters of commercial reality," Sidhu said.

Sources said it would take a supercomputer-equipped intruder from two
hours to six days to crack a 64-bit RC-4 key using a brute-force attack
that analyzed the encrypted data for hints about the key. Even if such
an intruder cracked the key for one network session, each successive
session would have to be recracked because it would have a different
key.

Apple will be constrained from selling AOCE in countries on the State
Department's list of terrorist nations. And the company will sell a
version of AOCE without encryption functions in France, because the
French government requires access to all imported encryption
technology.

In the United States, the barriers against encryption export seem to be
falling. In May, the Computer System Security and Privacy Advisory Board
of the National Institute of Standards and Technology, the Department of
Commerce agency that monitors civilian encryption technologies, issued
resolutions that recommend the United States revise its export laws to
facilitate the spread of encryption technologies.

"I think the NIST resolutions are a good indication that the Department
of Commerce is trying to make it clear to the White House that these
policies are backward," said Marc Rotenberg, director of the Washington,
D.C., office of Computer Professionals for Social Responsibility. "If
they don't change, they'll still be making policy for the 1950's."

- by Mitch Ratcliffe

---------

"Behind it all, digital signatures"

If the messaging engine is the workhorse of AOCE, the digital signature
capability is the electronic Paul Revere that carries the important
information.

A digital signature is an electronic analogy to the written signature,
and no two are alike. The result of complex cryptographic processes, a
digital signature can prove that a particular user "signed" a particular
document. Users sign a document by clicking a check box in the AOCE
mailer.

The legal force of such signatures has not been determined, but Apple
believes they are sufficiently reliable for building audit trails
through a company or even between companies.

Users will have to apply for and recieve their digital signatures from
RSA Data Security Inc. of Redwood City, Calif., which developed the
technology. The signature arrives in two parts, a private key that the
user must keep secure and a public key that can be distributed freely.
Any document signed using the private key can be compared with the
user's public key to see if the document is authentic and unchanged.

Public keys can be handed out by a user or stored in a key database,
where users can go to get keys that have been verified by a third party.
For example, a bank might keep the list of public keys that can be used
by a customer's company for signing purchase orders.

Developers, such as Snow Development Corp. of Clearwater, Fla., and
Shana Corp. of Edmonton, Alberta, plan to use AOCE digital signatures in
report-routing and forms software. The applications will let a user
create a flowchart of colleagues who need to sign off on a document,
send the document to that list serially or in parallel, and collect all
the digital signatures for auditing purposes in the final document.

-- by Mitch Ratcliffe




--
Greg Broiles                            [email protected]
Golden Bear Computer Consulting         +1 503 342 7982
Box 12005 Eugene OR 97440               BBS: +1 503 687 7764