[2313] in cryptography@c2.net mail archive

Re: Rivest's Wheat & Chaff - A crypto alternative

daemon@ATHENA.MIT.EDU (Rick Smith)
Mon Mar 23 13:44:06 1998

In-Reply-To: <v04003a00b13a7239d6b0@[198.115.179.81]>
Date: Mon, 23 Mar 1998 11:06:40 -0600
To: Vin McLellan <vin@shore.net>, cryptography@c2.net
From: Rick Smith <rsmith@securecomputing.com>

This reminds me of a hack people used to suggest for protecting MLS traffic
from covert channels -- you add noise to the signal so that the attacker's
signal is lost in the noise. The old Multinet Gateway even had a feature
where users could "tune" it to eliminate covert channels by adding noise.
Of course, the countermeasure worked in inverse proportion to the device
bandwidth, so you had a tunable choice between performance and secrecy.
Users with "real" applications almost always tuned for performance,
eliminating all covert channel protection. They chose performance over
secrecy.

In short, previous experience would suggest that Rivest's idea will never
fly. Most people will gladly give up secrecy in exchange for bandwidth,
except in a few situations. That's why SSL is so popular -- you pay the
performance penalty for encryption only when you really need to. Even
better, the penalty only affects computing resources and doesn't take up
communications bandwidth. I doubt SSL would be as popular if it used lots
more communications bandwidth.

Also, this is probably pointless from a political standpoint. If the
government successfully defends its "right" to access encrypted data, then
I think it's naive to believe that they won't demand access to
authentication secrets if they're essential for snooping. Currently, good
authentication products fall under export control simply because encryption
is an essential ingredient of good authentication. Such products are
generally approved for export as long as the crypto is only used for
authentication and not for confidentiality.

Rick.
smith@securecomputing.com


