Open-source PAL
Steven M. Bellovin
smb at cs.columbia.edu
Sun Dec 2 20:24:32 EST 2007
On Thu, 29 Nov 2007 16:05:00 -0500
"Tim Dierks" <tim at dierks.org> wrote:
> A random thought that's been kicking around in my head: if someone
> were looking for a project, an open-source permissive action link (
> http://www.cs.columbia.edu/~smb/nsam-160/pal.html is a good link,
> thank you Mr. Bellovin) seems like it might be a great public
> resource: I suspect it's something that some nuclear states could use
> some education on, but even if the US is willing to share technology,
> the recipient may not really trust the source.
>
> As such, an open-source PAL technology might substantially improve
> global safety.
>
I don't think it would be fruitful. Have a look at page 2 of
http://www.nytimes.com/2007/11/18/washington/18nuke.html -- it notdes
that "The system hinges on what is essentially a switch in the firing
circuit that requires the would-be user to enter a numeric code that
starts a timer for the weapon?s arming and detonation." I don't think
that that's quite correct -- it permits arming; PALs are not in the
firing circuit, I believe -- but this section is more interesting:
"Delicate design details involve how to bury the link deep inside a
weapon to keep terrorists or enemies from disabling the safeguard."
In other words, it's easy to have a circuit that keeps the bomb from
arming; the hard part is doing so with high assurance against attacks,
and that's very design-dependent.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list