Deputy Secretary of Defense John P. White has approved
changes in the Department of Defense's encryption policy for
computer products.
This decision aligns the FORTEZZA card, a low-cost
cryptographic token for digital signature and encryption services
at the desktop, and its associated public key infrastructure with
the Clinton Administration's October 1996 policy promoting key
recovery.
As outlined in the Administration policy, key recovery
relies on trusted parties to verify digital signatures and also
hold spare keys to confidential data. Those keys could be
obtained only by persons or entities that have lost the key to
their own encrypted data, or by law enforcement officials acting
under proper authority. It is analogous to asking one's
neighbors to safeguard house keys. This policy adopts a
market-driven approach to promoting global key recovery with industry.
Originally the FORTEZZA crypto card implemented the key
escrow mechanism outlined in Federal Information Processing
Standard (FIPS)-185. Key escrow called for government agencies,
rather than private parties, to hold the key data.
The National Security Agency, the developer of the FORTEZZA
card, will no longer implement the FIPS and will implement the
transition to key recovery with the upcoming large-volume
deliveries of cards for the Defense Message System. Such
deliveries are expected in April.
Pending availability of commercial products which support
the global key recovery infrastructure sought by the
Administration's new policy, the existing FORTEZZA infrastructure
will provide an interim capability for addressing key recovery.
Concurrently, the Administration is continuing to work in
cooperation with industry and foreign governments on the
development and deployment of a global key recovery standard.