Columbia crypto box

Dave Emery die at die.com
Sat Feb 8 14:00:13 EST 2003 

On Sat, Feb 08, 2003 at 01:36:46PM -0500, Adam Fields wrote:
> On Sat, Feb 08, 2003 at 01:24:14PM -0500, Tim Dierks wrote:
> > There may be more valid reasons for treating the device as secret; some 
> > categories that come to mind include protecting non-cryptographic 
> > information, such as the capabilities of the communication channel. Also, 
> > many systems on the shuttle are obsolete by modern standards, and it's 
> > possible that the communications security is similarly aged.
> 
> Isn't it also possible that the device contains a physical key of some
> kind?
> 
> -- 
> 				- Adam

	I made the same observation on cypherpunks.   It is my
understanding that at least some NSA satellite telemetry encoders have
built in EEROM'd keys rather than keys loaded into volatile memory that
would be erased on power down.   This is certainly  consistent with the
mission - allowing power glitches or shutdowns to erase keys would
likely compromise the ability to encrypt  data and voice and network
communications from the shuttle at a possibly critical time even if a
procedure for key loading in flight by the astronauts was provided.

	And the only danger of physical access would after a disaster.

	And if my presumption is true, the crypto boxes might contain
valid keys if they survived reentry - and if the keys were in a chip in
EEROM or EPROM even if the box was badly damaged the key might still be
there.

	This would certainly expose any traffic encrypted using these
keys (which might or might not be sensitive in this case), but it also
would represent a valid example of the keys that NSA generates for the
cipher which I imagine might be of interest to those analyzing it.

	And there is some chance depending on the design of the TDRSS
secure links that there are long term keys used for cryptographic spread
spectrum sequences and the like that don't get changed from mission to
mission because they are built into the satellites.  These would not
provide the primary data security, but rather access security to the
TDRSS birds.

	And certainly the actual details of the ciphers used to protect
TDRSS traffic (which includes spy satellite links) are not widely known
- especially so as regards the exact implementations.  Thus a foreign
government which fished a crypto box out of the pine forest might
indeed get something worth looking at.

	And there is little doubt that the US government would seriously
like to know what exactly got exposed as knowing this would certainly be
part of a post disaster change of keys and procedures (and even
hardware) to prevent anyone in possession of the shuttle crypto
equipment from exploiting any keys or other information that was there.

-- 
	Dave Emery N1PRE,  die at die.com  DIE Consulting, Weston, Mass. 
PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2  5D 27 BD B0 24 88 C3 18


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list