On Sat, Feb 08, 2003 at 01:36:46PM -0500, Adam Fields wrote: > On Sat, Feb 08, 2003 at 01:24:14PM -0500, Tim Dierks wrote: > > There may be more valid reasons for treating the device as secret; some > > categories that come to mind include protecting non-cryptographic > > information, such as the capabilities of the communication channel. Also, > > many systems on the shuttle are obsolete by modern standards, and it's > > possible that the communications security is similarly aged. > > Isn't it also possible that the device contains a physical key of some > kind? > > -- > - Adam
I made the same observation on cypherpunks. It is my understanding that at least some NSA satellite telemetry encoders have built in EEROM'd keys rather than keys loaded into volatile memory that would be erased on power down. This is certainly consistent with the mission - allowing power glitches or shutdowns to erase keys would likely compromise the ability to encrypt data and voice and network communications from the shuttle at a possibly critical time even if a procedure for key loading in flight by the astronauts was provided. And the only danger of physical access would after a disaster. And if my presumption is true, the crypto boxes might contain valid keys if they survived reentry - and if the keys were in a chip in EEROM or EPROM even if the box was badly damaged the key might still be there. This would certainly expose any traffic encrypted using these keys (which might or might not be sensitive in this case), but it also would represent a valid example of the keys that NSA generates for the cipher which I imagine might be of interest to those analyzing it. And there is some chance depending on the design of the TDRSS secure links that there are long term keys used for cryptographic spread spectrum sequences and the like that don't get changed from mission to mission because they are built into the satellites. These would not provide the primary data security, but rather access security to the TDRSS birds. And certainly the actual details of the ciphers used to protect TDRSS traffic (which includes spy satellite links) are not widely known - especially so as regards the exact implementations. Thus a foreign government which fished a crypto box out of the pine forest might indeed get something worth looking at. And there is little doubt that the US government would seriously like to know what exactly got exposed as knowing this would certainly be part of a post disaster change of keys and procedures (and even hardware) to prevent anyone in possession of the shuttle crypto equipment from exploiting any keys or other information that was there. -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18 --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]