Re: Still Looking for that One, BRAVE, NASA and/or NAA Employee Re: Apollo One
From: Derek Lyons (fairwater_at_gmail.com)
Date: 12/23/04
- Next message: Brett Buck: "Re: Delta IVH - this can't make Seattle happy . . ."
- Previous message: Pat Flannery: "Re: B-58 "Hustler" launched Minuteman: APR Extra"
- In reply to: Herb Schaltegger: "Re: Still Looking for that One, BRAVE, NASA and/or NAA Employee Re: Apollo One"
- Next in thread: Herb Schaltegger: "Re: Still Looking for that One, BRAVE, NASA and/or NAA Employee Re: Apollo One"
- Reply: Herb Schaltegger: "Re: Still Looking for that One, BRAVE, NASA and/or NAA Employee Re: Apollo One"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 23 Dec 2004 06:12:52 GMT
Herb Schaltegger <herb.schaltegger@gmail.com.invalid> wrote:
>I disagree with the "(wrongly)" portion of this statement and with
>Christopher's apparent argument that analysis methods can be
>profitably protected via security. It's just applied mathematics,
>after all, and the NSA has found during the preceding 20 years (much
>to its chagrin) that it does not have a monopoly on highly educated,
>talented and skilled mathematicians, crypytologists, cryptographers
>and coders. Expecting analytical methods discovered by eggheads in
>the Puzzle Palace to remain secret is not a very good practice.
No one expects them to remain secret Herb. But that doesn't mean one
should not hide what one knows in order to deny an early advantage to
the other side.
Real world case in point: Rickover thought nuclear engineering was
pretty straightforward stuff that any reasonably advanced nation could
accomplish. It was only *after* he visited Russia and toured the
icebreaker Lenin that he realized how wrong he was. It was then that
naval nuclear propulsion was locked down.
>> Just because it doesn't require secrecy does not mean that secrecy
>> should not be part of the overall communications system plan.
>> Schneier misses that because he is a mathematician, not a security
>> expert.
>
>Umm, he's both. And contrariwise, he does agree that secrecy (or
>rather, real security, not what the current administration calls
>"security") has it's place, specifically with regard to things such as
>physical security of key storage, prevention of code tampering, etc.
>(Which, in fairness, you noted below). He argues (persuasively in my
>opinion as both a mathematically-educated engineer - 12 hours short of
>a minor in math - and as a student of political process and history)
Neither engineering, not mathematics, not political processes, nor
history have much to do with the issue. I've studied communications
security, and find his arguments unpersuasive when applied to the real
world.
>that keeping algorithms, methods and codes themselves secret does
>nothing to add to true security in any sense.
Real World Example: In (1942 IIRC) a U-boat operator screwed up and
transmitted a message using the (classified by the Germans and unknown
to exist by the Allies prior to that) 'thin' rotor on the U-boat
Enigma, said rotor being rotated out of the 'neutral' position it was
supposed to be in. That was our first clue as to it's existence, and
thank $DIETY it wasn't scheduled to be used for four more months...
Because it took most of that time for the Allies to figure out how to
break it.
Security was lost because something became 'declassified'.
>> >Because if the cryptosystem requires security, all it takes is one breach
>> >to render it entirely untrustworthy.
>>
>> Incorrect. *All* cryptosystems require some form of security, on the
>> keys if nothing else. This keeps valuable information out of the
>> hands of the black hats.
>
>Again, however, if the keys themselves are encrypted with a high-order
>algorithm, even physical possession of the keys shouldn't result in
>penetration of the system. And even if the keys are lost, you simply
>generate new ones. The keys themselves are secured unless the
>passphrase used to hash THEM is also compromised.
Out in the real world, it's not that easy. Out here keys have to be
prepared in advance, and transmitted to the user. You can't simply
'generate new ones' and send them out on a whim.
Another option is to have a seperate high discipline -and classified-
system used only to distribute small amounts of keying material. If
the black hats don't know the system, this increases their
difficulties in getting a handle on breaking it. Using it rarely also
denies them the large amounts of material that that cryptography works
best on. (Oops. Another real world example of where keeping
algorithms etc secret works towards the white hats advantage.)
We are talking real world, not academia.
>Which brings us back to physical security -
Certainly important. (And another place where obscurity works; Black
Hats can't dodge a camera, or easily defeat a lock, etc... that they
don't know exists.) Equally important is discipline, taking measures
to defeat traffic analysis, etc...
>> And keeping even the smallest scrap of information out of the hands of
>> the black hats is the very cornerstone of communications security.
>
>Out of habit from more primitive days, not out of mathematical
>necessity.
Out of proven need and bitter experience. (See the real world
examples above.)
D.
-- Touch-twice life. Eat. Drink. Laugh. -Resolved: To be more temperate in my postings. Oct 5th, 2004 JDL
- Next message: Brett Buck: "Re: Delta IVH - this can't make Seattle happy . . ."
- Previous message: Pat Flannery: "Re: B-58 "Hustler" launched Minuteman: APR Extra"
- In reply to: Herb Schaltegger: "Re: Still Looking for that One, BRAVE, NASA and/or NAA Employee Re: Apollo One"
- Next in thread: Herb Schaltegger: "Re: Still Looking for that One, BRAVE, NASA and/or NAA Employee Re: Apollo One"
- Reply: Herb Schaltegger: "Re: Still Looking for that One, BRAVE, NASA and/or NAA Employee Re: Apollo One"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
