Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!rutgers!att!cbnews!military
From: denbeste@spdcc.com (Steven Den Beste)
Newsgroups: sci.military
Subject: Re: "Identify-Friend-or-Foe" questions
Message-ID: <12822@cbnews.ATT.COM>
Date: 5 Jan 90 04:08:46 GMT
References: <12566@cbnews.ATT.COM> <12598@cbnews.ATT.COM> <12758@cbnews.ATT.COM>
Sender: military@cbnews.ATT.COM
Organization: S.P. Dyer Computer Consulting, Cambridge MA
Lines: 33
Approved: military@att.att.com



From: denbeste@spdcc.com (Steven Den Beste)

In article <12758@cbnews.ATT.COM> s32822l@kaira.hut.fi (Ari J. Joki (OH6DJ)) writes:
>
>
Various people have said, starting with yours truly:
>>>        A missile could be equipped with a query-broadcaster and then
>>>        home in on the answer.
>>
>>The subject is classified.
>>
>
>This is to say that in a crisis situation the military is going to switch 
>from the present system outlined above to a system where queries and responses
>have some kind of cryptographic authentication. At least that is how I read
>it and how I'd do it.
>

The problem with this is that it wouldn't work for long. Whatever the
query is could be taped (since queries will be getting broadcast
constantly) and fed to the missile. Encryption of the query
is meaningless unless it uses some sort of running-time algorithm (so
that a legal query changes from minute to minute, or something like
that). Then your logistics problems get really messy: What happens if
everyone's clocks aren't synchronized?

There is a level of complexity of the system above which it becomes
useless because of reliability and maintenance problems - and a level
of complexity below which the system isn't secure.  Unfortunately,
these appear to overlap so that the middle ground has it both
unreliable and insecure.