tapping undersea fibers?

Lenny Foner foner at media.mit.edu
Mon Jun 4 12:55:49 EDT 2001 

So we now have at least two people who've confirmed my expectation,
namely that one can feasibly encrypt the entire cable.  (After all,
I know what's involved in making fast, special-purpose chips to do
varous sorts of digital operations, and this isn't any different.)

So it's quite clear that one can make very fast crypto hardware, and
given that I, like Honig, was thinking of multiplexing streams so you
don't have to handle the entire cable in one box, I was trying to
figure out if I had somehow missed something crucial.  Apparently not.
(Note also that you don't need the -fastest- crypto box(es) if 2 boxes
that run at half the speed cost you 1/10 as much, which is generally
the case.  What you need is a fast mux, but hey, you needed one of
those anyway to get the traffic onto the cable in the first place.
The mux doesn't know the bits are encrypted...)

Indeed, in the AfricaONE example, Denker has proposed that doing so
would have been vastly cheaper than laying a marine cable (although
I suspect that the political realities of the situation may actually
change that analysis---politics, corruption, and delays being what
they are, the marine cable may actually have been cheaper in terms of
its predictability in a changing world, despite the arguments about
rings and meshes---which may -still- be useful for landlocked areas).

So given this, why are we even having this conversation?  Why should
we not expect that companies running such cables would not routinely
encrypt?  After all, the crypto hardware is an absolutely negligible
part of the capital cost of laying the cable and the recurring
cost of running it.  I can see the obvious reasons:
o Political pressure from intelligence agencies not to
o Lack of customer demand for any improvement in security
o Fear that a key-management screwup could bring down stream(s)
  and make it look like an outage
o The assumption that someone will be stealing keys (or legally
  demanding them) and thus the crypto will be worthless anyway

It's a pity that someone with real operational experience is probably
under pressure from employers, and perhaps intelligences agencies, not
to tell us why.  All this talk of tapping the cables at all thus seems
insane, except for one apparent issue:  It's no skin off any cable
operator's nose if someone taps their customers' data.  If cable
operators' customers held the operator liable for data exposure,
they'd slap crypto on the links so fast your head would spin.  Once
again, it's a tragedy of the commons---entities that really care about
security do it end-to-end, and everyone else who hasn't thought about
it as hard, has a slightly different threat model, or cannot afford to
reenginer the world's infrastructure (e.g., encrypting telephones) is
forced to run wide open.



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list