'Re: CSP's in Development'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    Re: CSP's in Development
From:       David Carman <dwcarman () TIS ! COM>
Date:       1996-11-21 16:31:57
[Download RAW message or body]


Ryan,

On Fri, 15 Nov 1996, Ryan Bolz wrote:

> Dear Cryptographic Service Provider Developer:

[SNIP]

> In the past months many of you have discussed the development of your
> CSP with me via phone and e-mail and this is great news. In order for
> the CryptoAPI team to better understand your objectives and support you
> more effectively I encourage you to send me an e-mail or, if you prefer,
> post to the listserv briefly explaining what type of CSP you are
> developing, what stage of development you are in, target release date of
> your CSP and so forth.
>
> Also, we are keeping a list of CSP developers who are willing to be
> cited or mentioned as developing CSPs. If you are interested in being
> added to this list please indicate that in your e-mail and we will add
> your company name and CSP project accordingly. [SNIP]

As we've previously discussed, Trusted Information Systems, Inc. (TIS) is
interested in being included on a the list of CSP developers cited or
mentioned as developing CSPs.  TIS is currently building two CSPs based
on our patented RecoverKey (TM) technology--a technology which allows
emergency secret-key (or symmetric key) recovery.  The RecoverKey CSP
will only be available in the US and Canada, while the
RecoverKey-International CSP will be exportable from the US.

RecoverKey/RecoverKey-International CSP COMMON FEATURES:

Provider type:            PROV_RSA_FULL

Key Exchange Algorithm:   PKCS#1-compliant RSA Key Exchange w/ modulus sizes
                          up to 1024 bits

Signature Algorithm:      PKCS#1-compliant RSA Signature/Verification w/
                          modulus sizes up to 1024 bits

Symmetric Algorithms:     - RC2 (up to 128 bit keys)
                          - RC4 (up to 128 bit keys)
                          - Data Encryption Standard (FIPS 46-2 DES)
                          - Triple DES

Hashing Algorithms:       - MD5
                          - SHA-1

Cryptographic engine:     RSA's BSAFE

Additional capabilities:  Generation of optional key recovery fields for
                          user key recovery

Status:                   Under development

Availability:             Q1-CY97

DIFFERENCES:

The major difference between the RecoverKey and RecoverKey-International
CSPs is that the RecoverKey-International CSP always generates and
verifies that the appropriate key recovery field(s) is/are attached to
the key exchange simple key blob.  This key recovery field allows an
authorized third party (e.g. corporate officer, law enforcement) access to
the original session (symmetric) key being transported in the key
exchange (key blob in CryptoAPI terms).  Since only the
RecoverKey-International CSP always generates and verifies the
key recovery mechanism, only it is available to be exported from the US.

INTEROPERABILITY:

RecoverKey CSPs may choose to communicate (exchange key blobs) with
RecoverKey-International CSPs only if they also generate and verify the
appropriate key recovery fields.  That is, a RecoverKey CSP may choose to
interoperate with a RecoverKey-International CSP only if it "acts" like a
RecoverKey-International CSP.

The RecoverKey and RecoverKey-International CSPs may also reduce their
generated RSA modulus sizes and RC2/RC4 symmetric key sizes to
interoperate with the MS RSA Base Provider.

RELATED PRODUCTS:

- Gauntlet Internet Firewall Global Virtual Private Network - first
product containing RecoverKey technology and is currently shipping to
overseas customers.

- Key Recovery Center - the "safe hiding place" for the private keys used
to unlock key recovery fields for emergency recovery.  For more info, see
our web page: http://www.tis.com/docs/products/cke/rk2.html

- RecoverKey Toolkit - allows application developers to embed RecoverKey
technology into their software or hardware products, including their own
CSPs.  The toolkit also provides modules for user registration and
recovery.  For more info, see our web page:
http://www.tis.com/docs/products/cke/rk1.html

CONTACT INFORMATION:

TIS's RecoverKey Web Page:  http://www.tis.com/docs/products/cke/index.html

Business Development/Purchase:   Bill Thompson
                                 Vice President, Business Development
                                 E-mail: thompson@tis.com
                                 Tel: (415)962-8885

Technical:                       Dave Carman
                                 RecoverKey Development Manager
                                 E-mail: dwcarman@tis.com
                                 Tel: (301)854-5374

COPYRIGHT/DISCLAIMER:

RecoverKey and RecoverKey-International are trademarks of Trusted
Information Systems, Inc.  BSAFE is a trademark of RSA Data Security
Incorporated.

All information provided is deemed reliable and is believed to be
accurate, but is not guaranteed. All information that has been provided
should be independently verified.

PLEA TO THIS MAILING LIST'S PARTICIPANTS:

There are some who find the concept of using "key recovery" to achieve
exportability controversial.  I would encourage these individuals who
wish to express their opinions on this topic to do so, but in forums
better suited to this discussion such as the USENET newsgroup
"talk.politics.crypto"--and not this mailing list.  I hope my posting
here does not ignite a flame war, and I apologize in advance to
Microsoft and the readers of this list if this posting distracts from
the list's goal.

Enjoy,

Dave Carman
RecoverKey Development Manager
Trusted Information Systems
dwcarman@tis.com
(301)854-5374

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic