[2741] in cryptography@c2.net mail archive
Re: DRUDGE-REPORT-EXCLUSIVE 5/20/98 (fwd)
daemon@ATHENA.MIT.EDU (Declan McCullagh)
Thu May 21 22:16:36 1998
In-Reply-To: <3.0.1.32.19980521173208.006d3dd4@idt.net>
Date: Thu, 21 May 1998 18:13:58 -0500
To: Jay Holovacs <holovacs@idt.net>
From: Declan McCullagh <declan@well.com>
Cc: William Knowles <erehwon@dis.org>, cryptography@c2.net
At 17:32 -0400 5/21/98, Jay Holovacs wrote:
>The whole article is built on one anonymous statement and a reporter's
>comments. Notice complete lack of any authenticatable sources:
[snip]
>Unidentified source, single sentence quote (upon what this whole article is
>based). It gets better:
Quite right. Now, unnamed sources are not always bad. I hate using them,
but sometimes realistically you gotta. (Our Microsoft article in this
week's Time has quotes from unnamed sources I spoke with Saturday night
about the breakdown in negotiations.) But when you're talking about
Drudge's ramblings, it's a whole different story... Read on...
-Declan
********
Date: Thu, 21 May 1998 14:39:54 -0700 (PDT)
From: Declan McCullagh <declan@well.com>
To: politech@vorlon.mit.edu
---------- Forwarded message ----------
Date: Thu, 21 May 1998 14:35:59 -0800
From: whitfield.diffie@Eng.Sun.COM
To: declan@well.com
Subject: Threat of crypto capture
Thu, 21 May1998 at 14h35
> One major issue that made Defense and State Department types nervous ...
I'm not very worried. I don't know how that piece of equipment
(presumably the KI-23 of Mycotronx fame) works, but:
(1) The cryptosystem in question is probably not really very
secret. Typical operational US cryptosystems are classifed
Secret/Noforn (although in fact many are NATO standards).
There is not even any guarantee that the system in question
has not been shared with the Chinese.
(2) The design of the cryptosystem is probably protected by
embedding in a tamper resistant chip. I can't say precisely
how good these are (see: Ellen Raber and Michael O. Riley.
``Protective Coatings for Secure Integrated Circuits,'' Energy
and Technology Review, May--June 1989, pp. 13--20.) but the
Agency guys seem to have a lot of faith in their ability to
protect things from opponents who only get one crack.
(3) The key is presumably not at risk at all. If the satellite
crashed, the rebuilt one would undoubtedly be keyed differently.
It is furthermore straightforward to build the system so that its
key can be updated (by Diffie-Hellman techniques of course) so that
an opponent who knew the key at some point could capture the
satellite outright (thereby denying the original owners access) but
could not maintain covert capacity to take it over at some future
date.
--------------------------------------------------------------------------
POLITECH -- the moderated mailing list of politics and technology
To subscribe: send a message to majordomo@vorlon.mit.edu with this text:
subscribe politech
More information is at http://www.well.com/~declan/politech/
--------------------------------------------------------------------------
