Slashdot Mirror

← Back to Stories (view on slashdot.org)

China Frustrated In Encryption Talks

Posted by ryuzaki0 on from the can't-always-get-what-we-want dept.

mikesd81 writes "According to an AP article, the Chinese are pushing for the encryption standard called WAPI. It's not going so well, as the majority of countries are taking the IEEE standard 802.11i. From the article: 'An international dispute over a wireless computing standard took a bitter turn this past week with the Chinese delegation walking out of a global meeting to discuss the technology. The delegation's walkout from Wednesday's opening of a two-day meeting in the Czech Republic escalated an already rancorous struggle by China to gain international acceptance for its homegrown encryption technology known as WAPI. It follows Chinese accusations that a U.S.-based standards body used underhanded tactics to prevent global approval of WAPI.'"

15 of 252 comments (clear)

  1. Re:openssl? by zootm · · Score: 3, Informative

    I'm not any sort of expert, but I believe that OpenSSL is an implementation of an existing standard, whereas the things up for debate here are the next-generation standards to use. Furthermore, these standards are for wireless connections, which isn't something that OpenSSL has anything to do with.

    So basically, it's not relevant, I'm afraid.

  2. Re:If China Does Not Like It. . . by backwardMechanic · · Score: 2, Informative

    Selling stuff. Why restrict yourself to your home market when you can sell to the whole world? You've gotta think big.

  3. Re:It boils down to... by klmth · · Score: 4, Informative

    The algorithm selected for AES was originally called Rijndael, and was developed by two Belgian cryptographers.

  4. Re:Maybe I'm too paranoid, but... by mrchaotica · · Score: 3, Informative

    They have to legitimately pay for licenses on anything they manufacture and import into the US. The grandparent poster's theory is that they want to give their router manufacturers a competitive advantage, because otherwise they have to pay the same license fee as everyone else and can't undercut the competition as much.

    --

    "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz

  5. Re:I trust neither by dpilot · · Score: 4, Informative

    I seem to remember some old stories about the NSA and the DES standard.

    The NSA pushed for a few changes in the standard, without divulging the reasons. Some thought it was to insert a backdoor or vulnerability. Years later, after the outside world developed more crypto expertise, the found that the NSA had actually closed a vulnerability that nobody else even knew about. If the NSA had a backdoor into DES, it was with hardware that could brute-force it.

    --
    The living have better things to do than to continue hating the dead.
  6. Re:It boils down to... by hengist · · Score: 4, Informative
    The I in IEEE stands for International.

    It stands for Institute.

  7. Re:Maybe I'm too paranoid, but... by Anonymous Coward · · Score: 4, Informative

    It's got nothing to do with the US being better than China - the Chinese delegation is trying to portray it as a national issue, but actually it's about open standards. 802.11i is a published, peer-reviewed standard based on published, peer-reviewed encryption algorithms. In fact the driving force behind 802.11i is the flaws that were found in 802.11b by people outside the IEEE. If 802.11b had been a closed-book standard like WAPI, those flaws would still have existed but they might never have been made public.

  8. Re:Hypocracy by mrchaotica · · Score: 2, Informative

    No, the reason why printer drivers (in particular) are so big is that they have to recognize and refuse to print money, and put in tracable watermarks and stuff.

    --

    "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz

  9. Re:Not so fast Sherlock... by quarkscat · · Score: 4, Informative

    Let's see what the real issues are:

    IEEE / ISO standard == open standard
    Chinese WAPI == closed standard

    The Chinese government requires that any implimentor pay
    licensing costs to China. If you want to embed their WAPI,
    you must incorporate in China with a Chinese entity as the
    majority shareholder. The questions become: "Does Intel
    really want to make the Chinese government their "senior"
    partner in chipset fabs, just to get WAPI embedded?"
    "And considering the potential for Chinese government trojans
    and/or backdoors in their WAPI code, would Intel risk losing
    any /all of their Western government hardware sales by
    adopting WAPI?"

    Leveno quality control, as well as the increased potential for
    trojans / backdoors in their software drivers, has already
    made a negative impact on sales of IBM's former hardware
    company.

  10. Re:I trust neither by Kadin2048 · · Score: 2, Informative
    Such a standard would be openly published, for anybody to inspect. It would, in fact, be an open standard. That's why we have standards.
    So ... basically ... like 802.11i, the proposed standard by the IEEE, and AES, which is at its core? And not like the Chinese standard?

    You can download the IEEE spec here: http://standards.ieee.org/getieee802/download/802. 11i-2004.pdf. You're not allowed to modify or distribute it, and the IEEE retains copyright, but you can download, read, inspect, and archive it. That's a lot more than I can say about the Chinese version.

    Information on AES can be had directly from the NIST (http://csrc.nist.gov/CryptoToolkit/aes/rijndael/R ijndael-ammended.pdf).
    --
    "Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
  11. An informative article... by wkcole · · Score: 4, Informative

    EETimes did a fact-rich article in March. The first paragraph of the second page is most illuminating. It seems the "startup" that owns the secret encryption mechanism lacks any visible means of support, and it is a "spinoff" of a government body.

    IMHO there is far too much polite gentility and benefit of the doubt shown in the media, and ISO, and WTO and even /. to the thugs who run China. There's no moral or technical equivalency involved here. The Chinese government presented WAPI late accompanied by protectionist threats and has been whining disingenuously about the world mistreating it in the process ever since. WAPI has received over 2 years of special treatment because the rest of the world relies on Chinese de facto slave labor to build its electronic goods. If the ISO process was being run honestly with a legitimate goal of defining a trustworthy secure standard that can be widely implemented in interoperable and competitive ways, WAPI would have been dismissed when first proposed.

  12. Re:I trust neither by Surt · · Score: 2, Informative

    http://www.schneier.com/blog/archives/2004/10/the_ legacy_of_d.html

    Of course, this assumes that Bruce Schneier is not an NSA stooge.

    --
    "Who is the Journal of Quantum Physics going to believe?" --Stephen Hawking
  13. Re:No current implementation? by execute85 · · Score: 2, Informative

    AES is symmetric too (as was DES before it). Although asymmetric is "stronger", it is very slow. So usually you use asymmetric encryption to negotiate a symmetric key for the communication session. This is what SSL does and it's considered secure (in 128 bit symmetric mode).

  14. Re:Maybe I'm too paranoid, but... by WhiteWolf666 · · Score: 3, Informative

    Actually, the I stands for "Institute", as in Institute of Electrical and Electronics Engineers, Inc.

    --
    WhiteWolf666 an exBush supporter. All you new-school,compassionate,save the children Republicans can rot in hell
  15. Re:Maybe I'm too paranoid, but... by 1u3hr · · Score: 2, Informative
    As for thinking how other countries should be run - well, not so much. We suggest capitalist democracy

    You've got a century of installing and propping up dictators to live down. Recall Pinochet? Diem? Marcos? The Shah? Against that you've got Japan and Germany, but it's a mixed bag.