encrypted tapes (was Re: Papers about "Algorithm hiding" ?)

Jerrold Leichter jerrold.leichter at smarts.com
Tue Jun 14 06:37:14 EDT 2005


| >They also sold a full solution for encrypted Ethernet - KDC, encrypting
| >Ethernet adapters, associated software. None of this stuff went anywhere.
| >People just weren't interested.
| 
| That wasn't quite the case for the Ethernet encryption.  What happened there
| was that they had a complete product ready to ship and quite a bit of interest
| when it was killed by marketing.  The problem was that Ethernet at the time
| wasn't the forgone conclusion it is now, it was just one of a number of
| potential candidates for the foregone-conclusion role.  By shipping an
| encrypting Ethernet adapter, marketing felt that DEC were saying that standard
| Ethernet wasn't safe.  In contrast token ring didn't have an encryption
| adapter, so obviously token ring must be secure by default, whereas Ethernet
| clearly wasn't.  As a result, the encryption adapter was never shipped.
I'm not sure where you heard this, but I find it hard to believe, for several 
reasons:

	1.  DESNEC's were shown off at DECWorld - I remember the exhibit,
		which was large and obvious.  Every DEC customer likely
		actually saw the things, redundant KDC's and all.

	2.  There were at least three competing LAN standards at the time 
		(Ethernet, IBM's token ring, and Apollo's token ring), but
		the market was already quite well partitioned.  IBM machines
		were on token ring; Apollo's on their own stuff; everything
		else on Ethernet.  PC's were too low-function for anyone to
		much care yet.

	3.  In its entire lifetime, DEC didn't have a marketing organization
		that could conceive of, much less execute on, so complex and
		far-reaching a strategy as you attribute to them.  (Besides,
		no one talked about security of the network in those days.
		The Ethernet/token ring debate was framed in terms of
		speed - minor differences here, though - and predictability.
		The latter actually won the day for a while in industrial
		control applications.)

In any case, this was a very expensive device.  Even regular Ethernet adapters 
were quite expensive in those days.  Doing DES at 10 Mb/sec was a significant 
engineering challenge.  Avoiding RF leakage was a significant engineering 
challenge.  As I recall, the boxes were physically tamper-resistant.  Put it 
together and I would guess you had a significant cooling challenge.  The 
DESNEC was aimed primarily at DoD, and I think had some sales in the 
government market, but didn't go anywhere commercially.

Interesting fact I just ran across:  In the late '40's/early '50's, Ford 
decided to make a move to safer cars.  They introduced seat belts, and used 
the safety they provided as the basis of advertising and promotion.

The public hated it.  Ford's sales actually fell significantly, and they were 
forced to drop the seat belts.

Fifteen years later, cars were being described as death traps, and auto makers 
lambasted as putting profits over the lives of their customers.  Seat belts 
were required by laws that were designed to punish the auto makers for their 
sins as much as to protect the public.

I suppose this is consistent with your story about DEC, so maybe I shouldn't 
be telling it here :-), but it's certainly worth pondering in the greater 
security space.

| "Strategy is not letting the enemy know you're out of bullets by continuing to
|  fire".
| 
| Peter.
							-- Jerry


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list