XPost: comp.dsp, sci.crypt, sci.electronics.design   
   From: eric.jacobsen@ieee.org   
      
   On 12/18/2009 3:41 PM, Joel Koltner wrote:   
   > "Eric Jacobsen" wrote in message   
   > news:%wSWm.5633$eH1.2611@newsfe16.iad...   
   >> I was addressing the link, not the cryptography. Most security people   
   >> I've worked with recognize that layering barriers is usually a good   
   >> thing, so why use a standardized link that anybody can buy a receiver   
   >> for when it's not hard at all to obscure the link protocol?   
   >   
   > I think the usual argument is the "chain is only as strong as its   
   > weakest link" and "time is money" approach -- if you've selected, e.g.,   
   > AES-256 as the encryption algorithm, if there's someone who can manage   
   > to crack it in real-time, you kinda have to assume they'll find decoding   
   > your proprietary link protocol to be utterly trivial as well. Hence, it   
   > may not be worth the extra time and expense to cook up your own new   
   > protocol -- especially when you're paying for it with the taxpayer's   
   > money. :-)   
   >   
   > The other problem is that there are plenty of cases where someone   
   > coming up with a proprietary protocol unintentionally weakens the   
   > overall system security by embedding something in plaintext that   
   > correlates with something in the encrypted portion of the data packet.   
   > If you stick with well-known public standards, there's usually a long   
   > track record of their vulnerabilities to consider.   
   >   
   > If you have really good crypto guys and plenty of money, I'd agree that   
   > layering provides extra security. With the U.S. military, it seems to me   
   > that the latter is still usually not a problem, whereas the former   
   > sometimes is.   
   >   
   > ---Joel   
      
   Yet again, I'm not addressing the encryption, but the link (i.e., air   
   interface) protocol. Even in DVB-S and DVB-S2, the air interfaces are   
   completely independent from the transport layer and the encryption. If   
   you make the air interface just a bit pipe, it CAN'T expose the   
   encryption any more than using a standardized air interface.   
      
   Making it difficult to even demodulate the signal, however, provides an   
   additional barrier to a would-be eavesdropper in that they must,   
   somehow, figure out how to demodulate the signal. This includes   
   figuring out the modulation type, the polynomial of the entropy   
   scrambler (NOT the same as encryption), the FEC, including any   
   polynomials, interleavers, or code matrices, any framing, etc., etc.,   
   etc. It's a monumental task if you don't also have a modulator with   
   which to perform detailed experiments, and even if you do, the investment   
   and expertise required make it a pretty high hurdle.   
      
   Instead, they used DVB-S or DVB-S2, for which receivers are commonly   
   available.   
      
   Which is easier for eavesdropping?   
      
   --   
   Eric Jacobsen   
   Minister of Algorithms   
   Abineau Communications   
   http://www.abineau.com   
      