encrypted tapes (was Re: Papers about "Algorithm hiding" ?)
Jerrold Leichter
jerrold.leichter at smarts.com
Tue Jun 14 06:37:14 EDT 2005
| >They also sold a full solution for encrypted Ethernet - KDC, encrypting
| >Ethernet adapters, associated software. None of this stuff went anywhere.
| >People just weren't interested.
|
| That wasn't quite the case for the Ethernet encryption. What happened there
| was that they had a complete product ready to ship and quite a bit of interest
| when it was killed by marketing. The problem was that Ethernet at the time
| wasn't the forgone conclusion it is now, it was just one of a number of
| potential candidates for the foregone-conclusion role. By shipping an
| encrypting Ethernet adapter, marketing felt that DEC were saying that standard
| Ethernet wasn't safe. In contrast token ring didn't have an encryption
| adapter, so obviously token ring must be secure by default, whereas Ethernet
| clearly wasn't. As a result, the encryption adapter was never shipped.
I'm not sure where you heard this, but I find it hard to believe, for several
reasons:
1. DESNEC's were shown off at DECWorld - I remember the exhibit,
which was large and obvious. Every DEC customer likely
actually saw the things, redundant KDC's and all.
2. There were at least three competing LAN standards at the time
(Ethernet, IBM's token ring, and Apollo's token ring), but
the market was already quite well partitioned. IBM machines
were on token ring; Apollo's on their own stuff; everything
else on Ethernet. PC's were too low-function for anyone to
much care yet.
3. In its entire lifetime, DEC didn't have a marketing organization
that could conceive of, much less execute on, so complex and
far-reaching a strategy as you attribute to them. (Besides,
no one talked about security of the network in those days.
The Ethernet/token ring debate was framed in terms of
speed - minor differences here, though - and predictability.
The latter actually won the day for a while in industrial
control applications.)
In any case, this was a very expensive device. Even regular Ethernet adapters
were quite expensive in those days. Doing DES at 10 Mb/sec was a significant
engineering challenge. Avoiding RF leakage was a significant engineering
challenge. As I recall, the boxes were physically tamper-resistant. Put it
together and I would guess you had a significant cooling challenge. The
DESNEC was aimed primarily at DoD, and I think had some sales in the
government market, but didn't go anywhere commercially.
Interesting fact I just ran across: In the late '40's/early '50's, Ford
decided to make a move to safer cars. They introduced seat belts, and used
the safety they provided as the basis of advertising and promotion.
The public hated it. Ford's sales actually fell significantly, and they were
forced to drop the seat belts.
Fifteen years later, cars were being described as death traps, and auto makers
lambasted as putting profits over the lives of their customers. Seat belts
were required by laws that were designed to punish the auto makers for their
sins as much as to protect the public.
I suppose this is consistent with your story about DEC, so maybe I shouldn't
be telling it here :-), but it's certainly worth pondering in the greater
security space.
| "Strategy is not letting the enemy know you're out of bullets by continuing to
| fire".
|
| Peter.
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list