Columbia crypto box

Lucky Green shamrock at
Sun Feb 9 01:22:20 EST 2003

Matt wrote quoting John:
> Do you really, honestly believe that none of the people 
> designing a secure communication system for the shuttle were 
> even remotely acquainted with the basic principles of the 
> subject?
> > Apparently some folks skipped class the day Kerchhoffs' 
> Principle was 
> > covered.
> > 
> > One wonders what other shuttle systems were designed
> > with comparable disregard of basic principles.

Based on my experience, I would not be unreasonable to believe that such
a disregard to basic security principles indeed took place. Case in

In July of 1997, only days after the Mars Pathfinder mission and its
Sojourner Rover successfully landed on Mars, I innocently inquired on
the Cypherpunks mailing list if any subscribers happened to know if and
how NASA authenticates the command uplink to what at the time was
arguably the coolest RC toy in the solar system.

A few days after my initial post, which yielded no substantial replies
on the mailing list, I receive a call by a well-known security expert
who at that time functioned as an advisor to the office of the President
of the United States.

Apparently, my original inquiry had been copied and forwarded several
times. By the time my inquiry had reached the office of the President,
just as in a children's' game of telephone, my question of "are they
using any decent crypto" had turned in to "hackers ready to take over
Mars Rover".

With Sojourner being the U.S. Government's PR darling of the day, the
office of the President decided to dispatch the FBI to interdict me from
engaging in such a nefarious deed. It was only through chance that the
aforementioned advisor got wind of this releasing of the hounds and
convinced the decision makers that I was just a harmless researcher who
asked an innocent question rather than a threat to national PR

Word has it that the folks in DC were buzzing with fear of what would
happen to NASA's image if hackers were to take the Mars Rover for a
spin. Needless to say and regardless of anyone's intent, such concern
would be entirely unfounded if the uplink were securely authenticated.

Which I believes represents an answer to my initial question as to
whether the uplink is securely authenticated. Presumably NASA did a
better job with the shuttle, but I would not be surprised in the least
if all shuttles shared the same key.

[Remind me to some time recount the tale of my discussing key management
with the chief-cryptographer for a battlefield communication system
considerably younger than the shuttle fleet. Appalling does not being to
describe it].

--Lucky Green

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list