Path: utzoo!attcan!uunet!mcsun!sunic!uupsi!nyser!rpi!zaphod.mps.ohio-state.edu!tut.cis.ohio-state.edu!att!cbnews!military From: grue@lance.hss.bu.oz (Frobozz) Newsgroups: sci.military Subject: Re: "Identify-Friend-or-Foe" questions Message-ID: <13093@cbnews.ATT.COM> Date: 12 Jan 90 04:47:30 GMT References: <12566@cbnews.ATT.COM> <12598@cbnews.ATT.COM> <12758@cbnews.ATT.COM> <12822@cbnews.ATT.COM> Sender: military@cbnews.ATT.COM Organization: Language Centre, Bond University, Australia. Lines: 57 Approved: military@att.att.com From: grue@lance.hss.bu.oz (Frobozz) In article <12822@cbnews.ATT.COM> denbeste@spdcc.com (Steven Den Beste) writes: >>This is to say that in a crisis situation the military is going to switch >>from the present system outlined above to a system where queries and responses >>have some kind of cryptographic authentication. At least that is how I read >>it and how I'd do it. >> > >The problem with this is that it wouldn't work for long. Whatever the >query is could be taped (since queries will be getting broadcast >constantly) and fed to the missile. Encryption of the query >is meaningless unless it uses some sort of running-time algorithm (so >that a legal query changes from minute to minute, or something like >that). Then your logistics problems get really messy: What happens if >everyone's clocks aren't synchronized? > >There is a level of complexity of the system above which it becomes >useless because of reliability and maintenance problems - and a level >of complexity below which the system isn't secure. Unfortunately, >these appear to overlap so that the middle ground has it both >unreliable and insecure. I don't know how the real system works but I can suggest one that might be workable you base the system on a query reply sequence but the query contains a randomly generated piece of information and the reply must contain a function of the information. If the reply isn't correct (i.e. the wrong function was used), then whatever was queried is unfriendly. If the reply is correct then assume it is friendly. Taping a query won't have any effect. Just because I sent a query to something doesn't mean the that thing assumes I am a friend. It must query me to find that out. Taping a reply won't be of any use either since the reply is only valid for the specific query that created it. Maintaining a table of query/reply pairs will also be of no use since the random piece of information may be as large as desired (50 bits -> 1,000,000,000,000,000 lines in the table) and no table could be that large. This system does require that the mapping function be unknown and hard to deduce. If multiple query/counter-query/response sequences are allowed then a system such as the above can be made reasonably secure. I suspect that a long exchange of messages would be impossible in reality. Paul Dale seeya SNIF Language Centre internet : grue@lance.hss.bu.oz{.au} Bond University JANET : grue%lance.hss.bu.oz@uk.ac.ukc Gold Coast, Qld 4229 ARPA, bitnet: grue%lance.hss.bu.oz.au@uunet.uu.net Australia UUCP : ..!uunet!munnari!lance.hss.bu.oz!grue