Interesting People mailing list archives
News from the cipher front
From: David Farber <farber () central cis upenn edu>
Date: Wed, 27 Oct 1993 21:23:03 -0400
From: strnlght () netcom com (David Sternlight) Subject: News from the cipher front Date: 27 Oct 93 18:36:16 GMT Organization: DSI/USCRPAC Ciphertext, the RSA newsletter (v1 n1, Fall 1993) showed up in my mailbox this week. It contains much useful and interesting information, as well as an announcement of RSA's 1994 conference on January 12-14. What follows are some digested excerpts, posted with permission. On the Clipper front there is a very useful and non-polemical summary of the technical aspects of Clipper by Paul Fahn, and an article by Martin Hellman. Hellman is a Distinguished Associate of RSA Laboratories, one of the inventors of Public Key technology, and a Professor of Electrical Engineering at Stanford. He's not happy with Clipper as presently proposed, and says why. Since the article is based on his NIST testimony, the latter can be obtained by anonymous ftp at isl.stanford.edu in /pubs/hellman/nist.clipper.text. The third annual RSA Data Security Conference is at Redwood Shores, CA. It costs $245 per person. There is no Onsite registration. Deadline is Friday 12/17/93. For details contact RSA. Registration is limited to 400 and includes the conference, tutorials, and hardcopy conference proceedings, as well as a cocktail reception, and breakfast and lunch on all three days. Apple Ships RSA Digital Signature in Long-Awaited System 7 Pro. On October 4th, Apple Computer introduced millions of new users to the RSA Digital Signature. The producs are called PowerTalk and PowerShare and are part of System 7 Pro, a new version of the Mac operating system. They include five components, integrated into the operating system--Messaging, Electronic Mail Directories, Privacy and Authentication, and Digital Signatures. They also include RSA's RC4 symmetric stream cipher for server-to-server link encryption. Powertalk is compliant with the Public Key Cryptography Standards, and users will receive a voucher for a free unaffiliated "residential digital certificate, good for use with any secure PKCS or Internet PEM-compliant application. The Apple System 7 Pro implementation is PEM-certificate compatible, and the messages are as well. (For those who want privacy, RIPEM Mac operates with the key pair generated by the Mac.) There is an API to the sign/verify functions of the MacOS so that any app developer can use the features without needing to license from RSA. Of course, the MacOS with RSA Digital Signatures is fully exportable. RSA has a free signer utility for Windows that is compatible with the Mac sigs. Internet Privacy Enhanced Mail Arrives. Several commercial and freeware versions are available right now: TechMail, written at MIT, is a complete mail reading program for Macintosh and (soon) Windows. It includes full implementation of the Internet PEM RFCs, using RSA's TIPEM toolkit as its security engine. It is a client of the Internet Post Office Protocol. Techmail for the Mac is available from net.dist.mit.edu in pub/TechMail. It runs on SLIP or non-SLIP. (Poster's note: The SLIP version incudes PEM and works fine. I haven't tested the non-slip version and am not sure if it yet includes PEM.) TIS/PEM and T-Mail are non-commercial freeware and commercial supported versions, respectively, of Trusted Information Systems implementations of Internet PEM. The former was developed under contract with ARPA and agreement with RSADSI and is available in source code for academic research or exploratory use by corportions or individuals on the Internet. For more information send e-mail to tispem-support () tis com. TIPEM 1.1 is the latest release of RSA's Toolkit for Interoperable Privacy-Enhanced Messaging. It permits creating applications that comply with the Internet PEM standards as well as the commercial Public Key Cryptography Standards (PKCS) established by vendors including Lotus, Apple, Novell, and Microsoft. The toolkit was used for Apple's Powertalk. It is available directly from RSA Data Security Inc. RIPEM is another freeware public key encryption program designed for Internet PEM. It implements a subset of PEM as described in RFC's 1421-1424 The internet host ripem.msu.edu acts as a RIPEM key server for users who choose to register their keys. It is available via anonymous ftp from rsa.com and non-anonymous ftp from ripem.msu.edu. RSA Certificate Services Center Opens for Business. This article describes the center RSA has established to get ral certificates with your name, public key, and organizational affiliation safely embedded in a cryptographically tamper-proof digital document. This provides the digital ID for Apple Powertalk, Internet Privacy-Enhanced Mail, or any X.509 certificate-based secure application. The center allows you to issue your own affiliated certificates using RSA's Certificate Issuing System; or the Certificate Services Center can issue affiliated certificates for you, or you can purchase individual unaffiliated certificates directly from the CSC. Revocation services are also provided, as are certificate verification services. Users of Apple's System 7 PRO may get their first certificate free. (Poster's note--as I understand it, subsequent individual certificates are $25.) For more information contact George Parsons, CSC Manager at 415-595-8782. RSA Licensee Update: This piece is a partial list of products using RSA Technology available now or coming soon. They include products from Novell, Apple, Microsoft, Trusted Information Systems, Motorola, AT&T, Lotus, Word Perfect, Racal, IBM, Northern Telecom, Hughes, etc. in categories of Security in the OS, Secure E-mail, Secure Telephone and Fax, Secure Workgroup, Secure Electronic Forms, Link and Node Encryption, and Secure Remote Access. Hilgraeve Licenses RSA for Best-Selling Asynch Package. Hilgraeve, Inc. is about to release the very first mass-market asynchronous communications package with RSA encryptoin capabilities built in. The current release of that software, HyperACCESS/5 is already a market leader, for DOS, OS/2, and Windows. It has received PC Magazine's Editors' Choice Award three out of the past five years for its quality, performance, and ease of use. For more information, contact Matt Gray at 313/243-0576. DataMedia's SECURExchange can "secure virtually any existing DOS, Windows, or Macintosh E-mail system. It uses RSA Digital Envelopes, RSA Digital Signatures, and RSA Digital Certificates. It has been fully tested with cc:Mail, Microsoft Mail, DaVinci Mail, Beyond Mail, Internet, Compuserve, MCI Mail, AT&T EasyLink, and other systems. For more info call 603/886-1570. Dr. Ron Rivest has a piece on the Difficulty of Factoring--a reprint of a "classic paper." The RSA Factoring Challenge is a list of very long numbers posted on rsa.com. There are cash prizes for the most successful factorers. Prizes vary from the tens to the thousands of dollars, and unrewarded prize money rolls over into a kitty from month to month. SmartDisk is a smartcard that fits in a standard 3-1/2 inch diskette slot and interfaces with the disk read heads. It's a high-performace smart card that doesn't need a reader. It has its own embedded OS firmware. the firt application available is SafeBoot, a complete PC access control package which is "virtually unhackable. The encryption algorithm and key are stored on the SmartDisk to protect them. For further info call Gene Wagner or Jon Kaplan at Fischer International, 813/643-1500. The above excerpts are only partial summaries of the material in the newsletter. RSA Data Security Inc. is at 100 Marine Parkway, Suite 500, Redwood City, CA 94065-1031. Disclaimer: The poster of this summary has no connection with any of the companies mentioned herein, except as an occasional beta tester for some, and an interested observer. David -- David Sternlight When the mouse laughs at the cat, there is a hole nearby.--Nigerian Proverb
Current thread:
- News from the cipher front David Farber (Oct 27)