Re: [STDS-P1619] IEEE 1619 XTS submission to NIST for consideration as an Approved Mode of Operation, and Call for Sponsors
Matt,
This looks good. Could you make sure NIST gets (the most up-to-date version
of) this list together with the XTS specs? Without the list the chance of a
NIST approval looks slimmer.
Laszlo
Matt Ball
<matt.ball@IEEE.O
RG> To
No Phone Info STDS-P1619@LISTSERV.IEEE.ORG
Available cc
Subject
02/27/2008 03:27 Re: [STDS-P1619] IEEE 1619 XTS
PM submission to NIST for
consideration as an Approved Mode
of Operation, and Call for Sponsors
Please respond to
Matt Ball
<matt.ball@IEEE.O
RG>
Hi Laszlo,
I've compiled a list of companies claiming IEEE 1619 and 1619.1 compliance
at this article. There are three open-source hard disk encryption
utilities that use 1619 XTS mode, plus several hardware core vendors.
P1619.1 is supported by all major tape drive vendors.
Cheers,
-Matt
On Mon, Feb 25, 2008 at 8:17 PM, Laszlo Hars <Laszlo.Hars@seagate.com>
wrote:
I basically agree with Jim about the extortion. However, when I asked the
NIST guys two years ago about the possible standardization of the current
P1619 encryption mode, they told me that if there would be a large number
of implementations and the algorithm proved to be sound, they would
consider recommending it.
Nobody replied to the request for a list of known implementations. Trade
secrets could be a reason, but it does not look like "a large number of
implementations" so far. Disk manufacturers certainly will not implement
XTS (several hundred million encryption devices produced a year), because
it was tailored for external (transparent) encryption modules. SW
encryption will also be better served with other encryption modes. I fear
that even if pay, NIST would reject the proposal based on the small
number
of implementations.
James Hughes <>
No Phone Info
Available To
STDS-P1619@LISTSERV.IEEE.ORG
cc
02/25/2008 10:02
PM Subject
Re: [STDS-P1619] IEEE 1619 XTS
submission to NIST for
Please respond to consideration as an Approved Mode
James Hughes of Operation, and Call for Sponsors
If you are talking about asking companies for money to give IEEE to open
the document for everyone, I would support this. Baring that, IEEE will
get
their money by selling individuals getting copies.
If you are talking about giving IEEE the money to allow NIST to write
their
own document, then I disagree with your logic.
We (the members) are being asked by you to give up thousands each for
just
one government that wants to standardize this algorithm. What are we
going
to do when the UK, Canada, China, France, and the 230 other countries
that
are part of the UN?
The CCM case, in addition to the fact that the 802.11 are open (for some
reason) there were clear scholarly papers on that subject out there.
Your argument about IEEE being cheap is not correct at all. This is an
IEEE
group, not because it is cheap, because it is open standards committee.
T10, T11, T13 are ANSI organizations and participation does not require
membership in INCITS which is part of the SCSI Trade Association. The
others, TCG, SNIA, OASIS, as well as INCITS and the SCSI Trade
Association
are neither open nor standards committees, they are trade group, industry
association or consortium. IEEE 1619 is not a trade group, industry
association or consortium and this group benefits greatly because of that
fact, and this fact has nothing to do with the cost of IEEE.
I would think that IEEE's goals would be better met by IEEE releasing the
document for the creation of any national standard provided the standard
is
not modified, and the IEEE and the document information is clearly stated
in the national standard. This advertising would be valuable to IEEE. If
they do this they will make far more money than if we write our own
scholarly paper and bypass IEEE (which we can).
I am unswayed by your argument. You may suggest as you wish, but I again
strongly recommend that take my objections to IEEE.
If IEEE does not allow NIST to standardize P1619 without extorting
thousands of dollars from the members then I strongly suggest that we
write
a scholarly paper that contains the algorithm and all it's tweaks using
our
original stuff and submit it for publication somewhere and then give this
document to NIST.
I would expect that Jack and Curtis will be interested in this also since
this sets the precedence that any nation interested in standardizing any
of their standards will require this payment to IEEE.
Frankly, I hope I have this wrong.
Jim
On Feb 25, 2008, at 5:36 AM, Matt Ball wrote:
Jim and Doug,
These are very good points, and I agree that it seems silly to
donate
our time for free, and then pay IEEE to get access to the document
that we spent 5 hard years writing.
But it is equally important to see the IEEE point-of-view. IEEE has
spent thousands of dollars over the last 5 years supporting P1619,
through paid administrative assistants, staff liaisons, editors, and
hasn't seen any significant return yet, nor can absolutely expect
one
(most IEEE standards are largely unused). In this light, it seems
very reasonable for IEEE-SA to ask for a little money to recoup its
expenses on P1619.
Doug, you mentioned that there was no charge for 802.11i when NIST
wanted to make this a standard. This perception is the result of
some slight-of-hand by the 802 LAN/MAN standards committee. What
actually happens is that the 802 charges for face-to-face meetings
and uses this money to fund free publication. You can get 802.11i
and most every other 802 standard for free as a result. (See <
http://standards.ieee.org/getieee802/802.11.html>). NIST's getting
a
free copy of CCM during the public review process was just a result
of this policy.
The reality is that IEEE-SA makes a significant amount of money off
of 802 standards. The 802 LAN/MAN committee can leverage some good
rates with IEEE-SA, but they still pay.
Asking for a thousand or so each would be a very reasonable rate for
the service that IEEE provides. There is no other standards group
that I know of that could have let us develop P1619 as cheaply as
we've done. Most of the big groups ask for over $10k a year (TCG,
SNIA, OASIS). Even INCITS (T10, T11, T13) costs over a thousand a
year now. P1619 is still free for participation.
Next month in Piscataway, I will show IEEE a compelling
value-proposition for the free publication of XTS during the NIST
public comment period (increased public-awareness of IEEE P1619,
advertising for P1619.1, .2, .3, etc), but the chance of making this
sale for free is low.
Hope this clears things up!
Cheers,
-Matt
On Sun, Feb 24, 2008 at 1:53 PM, Doug Whiting wrote:
I agree with Jim. I believe that NIST will just take the IEEE doc
for information and then write their own "compatible" doc in their
own format. So it's not really a copyright issue, as I see it. I'm
quite sure that, when we designed and wrote up the CCM algorithm
for 802.11i (WiFi), there was no charge when NIST wanted to make
that a standard. Seems like there must be a way for NIST to do
this
for free.
I spent a bunch of my time working on this effort to help out, and
I allowed IEEE to use my example source code for free in the doc.
Otherwise I'm not inclined to spend any more time participating in
future IEEE standards.
From: James Hughes
Sent: Sunday, February 24, 2008 3:04 AMSubject: Re: [STDS-P1619]
IEEE 1619 XTS submission to NIST for consideration as an Approved
Mode of Operation, and Call for Sponsors
I personally find this extortion abhorent. The use of a standard
as
a standard is what the IEEE standards orgnization is about. NIST
is
NOT going to profit from this. The only profit will be IEEE who's
stature as a relevant standards creation organization will be
heightened. I feel that this is being charged because the companes
involved can afford it, not became it is right. I personally feel
ashamed. Please, when you present your case state my opinion as an
Sr IEEE member, conference organizer and TC Chair.
On Feb 22, 2008, at 3:50 PM, Matt Ball wrote:
Hi All,
Here's the latest update on submitting XTS-AES to NIST:
Right now Jack Cole and I are working with IEEE-SA to ask
for
a copyright release on the portion of IEEE 1619 (approved
last December) that describes the XTS-AES cryptographic mode
of operation. We would like to submit XTS to NIST for
consideration as an Approved Mode of Operation for FIPS
140-2
certification. Serge Plotkin has offered to write up such a
proposal.
Sun Microsystems is sponsoring me to fly out to Piscataway,
NJ during the IEEE standards board meeting (March 26-27) to
discuss terms for releasing the copyright during NIST'
public
review period for XTS.
IEEE is unlikely to do this for free. I don't know what the
final price will be, but it will likely be in the range of
$10k - $40k. For this reason, I ask that all of you who
benefit from the approval of IEEE 1619 XTS to please
consider
donating a few thousand dollars to help IEEE 1619 gain
acceptance by NIST for FIPS 140-2. Such acceptance would be
highly strategic for many encryption products.
Please let me know if your company is able to contribute to
the copyright release of XTS. I'll need to know before
March
26th, which gives you a month or so to check budgets.
Contributions would be collect in April, so this will likely
come from next quarter's budget. :)
Please let me know if you have any questions, and I thank
you
for your support!
--
Thanks!
Matt Ball, IEEE P1619.x SISWG Chair
M.V. Ball Technical Consulting, Inc.
Phone: 303-469-2469, Cell: 303-717-2717
http://www.mvballtech.com
http://www.linkedin.com/in/matthewvball
This email message is for the sole use of the intended
recipient(s)
and may contain confidential and privileged information which is
protected from disclosure. Any unauthorized review, use,
disclosure
or distribution by any means is prohibited. If you are not the
intended recipient, please contact the sender by reply email or at
(408) 399-3500 and destroy all copies of the original message.
--
Thanks!
Matt Ball, IEEE P1619.x SISWG Chair
M.V. Ball Technical Consulting, Inc.
Phone: 303-469-2469, Cell: 303-717-2717
http://www.mvballtech.com
http://www.linkedin.com/in/matthewvball
--
Thanks!
Matt Ball, IEEE P1619.x SISWG Chair
M.V. Ball Technical Consulting, Inc.
Phone: 303-469-2469, Cell: 303-717-2717
http://www.mvballtech.com
http://www.linkedin.com/in/matthewvball