Issue No.05 - September-October (2004 vol.2)
Published by the IEEE Computer Society
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2004.79
<p><em>Santa Barbara Health Exchange: User-Driven Security Prevails</em> <div>A pioneering healthcare data exchange project in Santa Barbara County, California, could be an early example of how secure community-wide clinical data sharing can improve both personal healthcare and community-wide public health initiatives.</div></p> <p><em>DES Is Dead: NIST Declares Standard Officially Obsolete</em> <div>The venerable Data Encryption Standard (DES), called the "most important algorithm ever made" by one of the world's foremost experts in electronic security, has been declared officially obsolete by the US government.</div></p> <p><em>News Briefs</em>, Scott L. Andresen</p>
Santa Barbara Health Exchange User-driven Security Prevails
A pioneering healthcare data exchange project in Santa Barbara County, California, could be an early example of how secure community-wide clinical data sharing can improve both personal healthcare and community-wide public health initiatives.
The Santa Barbara County Clinical Care Data Exchange (SBCCDE) is a countywide project funded by a grant from the California HealthCare Foundation, and gives the county's three hospitals—plus participating physician groups, laboratories, and the public health authority responsible for running the county's Medicaid program—instant access to patient records via a brokered peer-to-peer architecture.
Technology that gives physicians instant access to a patient's records might be critical in improving the quality of care. A 1999 Institute of Medicine report estimated anywhere between 44,000 and 98,000 people in the US die each year from medical errors, many of which could be prevented if better patient information were available to physicians at the point of care.
The technology also meets all requirements of the federal government's Health Insurance Portability and Accountability Act (HIPAA), which mandates security requirements for the electronic transmission of healthcare records. All except the smallest offices will need to be HIPAA-compliant by 20 April 2005. Some of the technical standards under HIPAA are required, and some are "addressable," meaning a system can opt for an alternative method that meets the regulation's desired goal.
In building the system, CareScience engineers worked closely with the county's physicians to craft a security architecture that met and sometimes exceeded HIPAA regulations without requiring physicians or their staff members to spend undue amounts of time logging in.
The Care Data Exchange is the broker between providers such as hospitals, payors such as insurance companies and government health and welfare divisions, and end users including physicians and patients. As a broker, the exchange contains no patient data itself. Its information-location service links to addresses for patient data behind providers' discrete firewalls, which "provides an additional level of security," says Nick Augustinos, vice president of the Care Data Exchange Group for CareScience.
The original design for the exchange included communications protected by secure HTTPS, secure FTP, the Secure Sockets Layer, and 168-bit DES encryption, as well as digital certificates for logon rights. However, physicians balked at the certificate requirement.
"Digital certificates can be fairly onerous from the management standpoint as well as the usability standpoint," Augustinos says, "and physicians did not want to jump through a lot of hoops as they tried to access this data. Digital certificates tie you in a lot of ways as an end user to a specific machine, and we have a very mobile environment."
As a result of physicians' complaints, certificates were eliminated in favor of password logons with each password subject to time limitations decided by the SBCCDE.
Other hallmarks of the exchange's security architecture include several provisions: only authorized users can access data according to rules established by the data provider; patient consent is required and logged by the data requester to view data; the data holder provider can override an authorized request and withhold data if requested by the patient; and access and consent are logged for patient review and routine auditing.
The system, which is expected to go live countywide in late 2004, also passed a "hack" test conducted by an independent security firm.
Augustinos says the project, in which 70 percent of the county's providers might participate, will enable instantaneous delivery of critical records.
"A large proportion of the county's inhabitants are migrant workers or otherwise move around in their jobs in the agricultural community," he says. "As they moved around, there was no way to move their records around other than phone, fax, or paper, which were often unavailable to the physician at the point of care."
DES IS DEAD: NIST DECLARES STANDARD OFFICIALLY OBSOLETE
The venerable Data Encryption Standard (DES), called the "most important algorithm ever made" by one of the world's foremost experts in electronic security, has been declared officially obsolete by the US government.
"It invented cryptography," says Bruce Schneier, chief technology officer of Counterpane Internet Security, and author of Applied Cryptography, a standard reference work for the industry. "It was the catalyst for modern nonmilitary cryptography."
Adopted in 1977, the 56-bit encryption standard formed the foundation of encryption for a wide array of applications ranging from financial services to data-over-cable modem (DOCSIS), but it fell victim to Moore's law, according to William Burr, manager of the security technology group at the National Institute of Standards and Technology. A NIST special publication issued in May 2004 first declared DES no longer sufficient for encrypting data transmitted by government agencies and contractors. The obsolescence, stated in the withdrawal of the Federal Information Processing Standard (FIPS) that approved DES, was disseminated in the 26 July 2004 Federal Register ( http://csrc.nist.gov/Federal-register/July26-2004-FR-DES-Notice.pdf).
"DES was first publicly cracked in 1997, in about five months—we can imagine that governments' intelligence agencies may have done it earlier—using a large network of computers," Burr says. "In 1998, the Electronic Freedom Foundation constructed a hardware 'DES cracker' at a cost of about [US]$130,000, including all the design costs. It took this machine about four and a half days to find a DES key typically. Following Moore's law, that machine, if it were designed and built today, ought to take about 12 hours to find a DES key, and would cost a few thousand dollars to build, if you built them in quantity. If you had a few million dollars to spend, you could reduce the time to a few minutes.
"Obviously, DES still provides some protection, because most attackers don't have a specialized DES cracker or a large network of computers at their disposal. But we're rapidly approaching the point, if we're not already there, where you could buy a computer off the shelf for a couple of thousand dollars that would be able to crack a DES key in a few months. An algorithm that a few thousand dollars of off-the-shelf hardware can break in a few months is not good enough for a federal encryption standard."
The May 2004 NIST specification ( http://csrc.nist.gov/publications/nistpubs/800-67/SP800-67.pdf) declares DES might be used only as a component of the Triple Data Encryption Algorithm (TDEA), which provides 112 bits of key strength. TDEA and the new Advanced Encryption Standard (AES) will coexist as federally recognized standards through 2030, although NIST recommends the earliest possible adoption of AES. NIST accepted comments on the new specification through 9 September 2004.
"Basically, the comments seem to fall into two camps," Burr says. "Those who have a lot of equipment that uses DES say, 'Please consider how much it's going to cost us to upgrade to AES or TDEA,' while the cryptographers say, 'This is past due, you should have done it long ago.'"
Even entities not involved in transmitting federal data, such as those responsible for DOCSIS, have advised their members that DES will need to be replaced sooner rather than later. In its latest specification for the Baseline Privacy+ Interface (BPI+) published in April 2004, Cable Television Labs surmised DES would be suitable for cable modem use for five years or more, but, they noted, "at some future date, DOCSIS cable modems will need to adopt a stronger traffic encryption algorithm, possibly AES."
Schneier says the obsolescence of DES should come as no surprise, and Burr says those who submitted comments against the decision are likely to be facing either great expense in replacing hardware such as DES-enabled radios, or else adverse publicity in adhering to the fading standard.
NIST will look closely at all the comments gathered, and "if we were to find a persuasive argument that we should continue with single DES, we might issue a revision, but I don't think that's very likely," Burr says. "We have to go with the world's collective cryptographic experience."