From msuinfo!uwm.edu!spool.mu.edu!sgiblab!munnari.oz.au!metro!sunb.ocs.mq.edu.au!laurel.ocs.mq.edu.au!ifarqhar Sat Nov 27 17:57:45 1993 Path: msuinfo!uwm.edu!spool.mu.edu!sgiblab!munnari.oz.au!metro!sunb.ocs.mq.edu.au!laurel.ocs.mq.edu.au!ifarqhar From: ifarqhar@laurel.ocs.mq.edu.au (Ian Farquhar) Newsgroups: sci.crypt Subject: Information about SENECA Date: 26 Nov 1993 00:43:44 GMT Organization: Macquarie University Lines: 137 Distribution: world Message-ID: <2d3jg0$d7o@sunb.ocs.mq.edu.au> NNTP-Posting-Host: laurel.ocs.mq.edu.au Summary: The Australian DES-replacement - brief information Keywords: SENECA, DES, DSD, DSTO, Australian Government This article was posted on the 1st November, but I have not received any feedback at all from it. Unfortunately, it appears that our news system was down over this period, so I am assuming that this article was a casualty of that outage. * * * * I've been chasing information about SENECA for about a week now, and due to the interest that has been expressed on sci.crypt, I am posting a summary of what I have found out about this cipher. I had initially called the DSTO and discovered, to my surprise and theirs, that it had been the DSD who had released the information about SENECA. DTSO then provided me with a contact name at the DSD. For those unfamiliar with the Australian security services, the DSD could be said to be the Australian analog of the US NSA, and "holds the responsibility for advising the Federal Government on means of securing national and privacy information". Unfortunately, the summary is that SENECA will not be publicly released, either as an algorithm, or in silicon. An excerpt of the PCWeek article has already been posted. Following is the full article, which I am reproducing here without permission in accordance with section 40 of the Australian Copyright Act 1968 ("fair dealing" for the purposes of research and study). >From PCWeek Magazine, October 20, 1993. ISSN 1030-6137. Article title "DES Killer Ensures Secure Government". "The Australian government has secretly developed its own data encryption firmware and algorithm, killing its dependence on the US DES (Data Encryption Standard) algorithm." "Called SENECA, the firmware element was developed as a joint project of the Defence Science and Technology Organisation (DSTO) in Adelaide and the Defence Signals Directorate (DSD) in Canberra. SENECA will only be available to approved users within approved government departments in Australia and New Zealand, said the DSD source close to the four-year-old project. It will not be available to the States or banks." "'SENECA will be used only for sensitive data; no Nationally Classified data applications will be given access,' the source said. Tax file numbers, social security and other high-security personal data are all classified as sensitive." "The encryption algorithm was developed in conjunction with Melbourne firm Cima. The chip has been produced by AWA Micro Electronics. The DSD has been in possession of the chip since December last year." "It is a symmetric encryption technology like DES, but can operate at very high speeds," said the source. SENECA's original specifications included a though-put of 2Mbps, but testing has achieved rates of 20Mbps." "SENECA will be available soon to a limited number of vendors with security clearance, for insertion into products for approved government use." (Byline: Chris Moriarty. Additionally: "Chris Moriarty works for the specialist networking publication, LAN Magazine." I should also point out that this month's LAN Magazine has a blatantly silly article about DES, which claims that it is a "top secret" US Government algorithm which has been given only to seven other countries.) Some further information: The cipher, as stated above, is not cleared for use in national security applications. What it is intended as is a replacement for DES in the new privacy classifications of "highly protected", "protected" and "in confidence". Formerly DES had been employed for these classifications, but was now seen as inappropriate. Unfortunately, I did not raise the question of triple DES. (See note 1 below.) The article above had been in error, as the encryption algorithm was developed as a joint project between the DSD and a DSTO group in Melbourne. Up until a couple of years ago, the DSD was based in Melbourne, but later moved to Canberra. Producers of cryptographic equipment for the Australian government would be supplied with only the number of chips to fill their orders, and access to the device will be highly controlled. Note that release to state government departments and banks is not going to happen. Note also that there is no key escrow mechanism, as the release of the device itself would be tightly controlled. I think that the most interesting comment about SENECA concerns not that cipher, but DES itself. The DSD appears unwilling to certify even DES for information given under an "in confidence" classification. One could argue that when compared to the usual security classifications, even "highly protected" is a relatively low security grouping. I find it fascinating that single-DES is now being deemed inappropriate for even these. Interestingly, SENECA's key size is 64 bits, which I questioned as inadequate, but which I was told was deemed suitable for this classification of information. (See note 2 below.) As was stated in the article, the New Zealand government have also requested a supply of SENECA chips, although they have not requested access to the algorithm as yet. (See note 3 below.) I also find it rather sad that the Australian government has not decided to release SENECA. There is a crying need to replace DES with a cipher which has been rigorously tested, and whose definition is formalised without the royalty or licencing problems of many other proven ciphers. As a matter of courtesy, I passed this article onto the person I contacted at the DSD for his comment and correction. He faxed me a page of information (mostly corrections and clarifications), which I have either incorporated into the relevant sections above, or which I will repeat in note-form below: Note 1: In my original version of this document, I had made the comment that DES was now seen as "inadequate", but it was suggested that I change this to "inappropriate". The statement was: "[my wording] does not accurately convey the situation was we [DSD] see it. DES has been one of several algorithms approved for these classifications, other proprietary algorithms have also been approved following DSD evaluation. Also, I would prefer to see the word 'inappropriate' used instead of 'inadequate' as, among other things, we see DES as having its proper place in the banking industry and not for protecting government and privacy information." Note 2: "I would state our expectation with regard to DES within the Australian Government as follows. Where DES is already in use, it will remain in use and will be supported by DSD until it becomes necessary to replace existing equipment. Purchases of equipment for new systems will be expected to be SENECA based when that option exists. It is our hope that over time, SENECA will be the dominant algorithm protecting government communications and that DES will gradually be phased out." Note 3: "The New Zealand government, when informed of this initiative, asked whether SENECA based products, or the chips, would be made available to them, and this has been agreed by DSD. To date there have been no products to offer the NZ government, and only a small number of prototype chips have been produced, these being held by DSD." -- Ian Farquhar Phone : + 61 2 805-9400 Office of Computing Services Fax : + 61 2 805-7433 Macquarie University NSW 2109 Also : + 61 2 805-7420 Australia EMail : ifarqhar@laurel.ocs.mq.edu.au.