to the extent that a FIPS is based on existing private sector standards, it codifies standards of existing practice with all of the benefits (and costs) described above. A second reason is that a FIPS is often taken as a government endorsement of the procedures, practices, and algorithms contained therein and thus sets a de facto "best-practices" standard for the private sector. A third reason is related to procurements that are FIPS-compliant as discussed in Chapter 6.
Products such as computers and communication devices that are intended to interoperate with other equipment are of little value if they are based on a standard few others use: there is no one to communicate with. For this reason, interoperability standards often foster a sudden acceleration in market share growth, a bandwagon effect, in which users afraid of being left out rush to adopt a standard once it appears clear that most other users will adopt that standard. The flip side of this phenomenon is the potential for significant delay in development of a market prior to this takeoff point: users put off purchasing products and services that might become "orphaned" in the future. During a period in which more than one competing standard exists, the entire market's growth may be adversely affected. The failure of a consumer market for AM stereo receivers, for example, was largely due to the lack of a dominant standard.7
Competing standards developed in the private and public sectors could be slowing the spread of cryptographic products and services. The two cryptography-related FIPSs most recently produced by NIST were not consistent with existing de facto industry standards. As discussed previously, the Escrowed Encryption Standard was adopted as FIPS 185 despite the overwhelmingly negative response from private industry and users to the public notice in the Federal Register.8 The Digital Signature Standard was also adopted despite both negative public comments and the apparent emergence of a de facto industry standard based on RSA's public-key algorithm.9