Matt wrote quoting John: > Do you really, honestly believe that none of the people > designing a secure communication system for the shuttle were > even remotely acquainted with the basic principles of the > subject? [...] > > Apparently some folks skipped class the day Kerchhoffs' > Principle was > > covered. > > > > One wonders what other shuttle systems were designed > > with comparable disregard of basic principles.
Matt, Based on my experience, I would not be unreasonable to believe that such a disregard to basic security principles indeed took place. Case in point: In July of 1997, only days after the Mars Pathfinder mission and its Sojourner Rover successfully landed on Mars, I innocently inquired on the Cypherpunks mailing list if any subscribers happened to know if and how NASA authenticates the command uplink to what at the time was arguably the coolest RC toy in the solar system. A few days after my initial post, which yielded no substantial replies on the mailing list, I receive a call by a well-known security expert who at that time functioned as an advisor to the office of the President of the United States. Apparently, my original inquiry had been copied and forwarded several times. By the time my inquiry had reached the office of the President, just as in a children's' game of telephone, my question of "are they using any decent crypto" had turned in to "hackers ready to take over Mars Rover". With Sojourner being the U.S. Government's PR darling of the day, the office of the President decided to dispatch the FBI to interdict me from engaging in such a nefarious deed. It was only through chance that the aforementioned advisor got wind of this releasing of the hounds and convinced the decision makers that I was just a harmless researcher who asked an innocent question rather than a threat to national PR objectives. Word has it that the folks in DC were buzzing with fear of what would happen to NASA's image if hackers were to take the Mars Rover for a spin. Needless to say and regardless of anyone's intent, such concern would be entirely unfounded if the uplink were securely authenticated. Which I believes represents an answer to my initial question as to whether the uplink is securely authenticated. Presumably NASA did a better job with the shuttle, but I would not be surprised in the least if all shuttles shared the same key. [Remind me to some time recount the tale of my discussing key management with the chief-cryptographer for a battlefield communication system considerably younger than the shuttle fleet. Appalling does not being to describe it]. --Lucky Green --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
