[lbo-talk] Internet accounts

Jordan Hayes jmhayes at j-o-r-d-a-n.com
Fri Mar 23 09:37:28 PDT 2012


Carrol writes:


>> the more secure anything is, the more unusable"
>
> This is the contradiction built into cryptanalysis.

And yet you must, from your background, be familiar with Emergency Action Messages: perhaps the highest-value (they control the US nuclear arsenal) secrets in the world, and yet transmitted "in the clear" to anyone who wants to listen, 24x7. There is no evidence to support there having ever been a compromise of that system in 50+ years of continuous use.

http://en.wikipedia.org/wiki/Emergency_Action_Message

This is the great counter-example to Wojtek's desk: if you cannot get messages to submerged submarines (whose location is also a secret!), the value of the secret is nil.

Note that EAMs are two factor: they rely on something you know; and something you have. They are also bi-directionally authenticated: they not only allow only those authorized to understand the messages, but by understanding the message you can prove that only those authorized to send them have done so.

Compare that to people who put their ATM cards into "fake" ATMs and have their accounts drained. Have you ever wondered: why should I believe that this machine is really an authorized agent of Citibank?

You might argue that the third factor is in place: on a submarine, only the Captain is authorized to act on an authenticated EAM, so it would take a mutiny to override that factor -- the thing he "is" involves the concurrence of the entire crew. This has, counter to the plot line of The Hunt for Red October and Crimson Tide, never been tested.

/jordan
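The two properties Jordan attributes to EAMs above (a key that needs both "something you have" and "something you know", and authentication that works in both directions even though the message body is sent in the clear) can be shown in a small shared-key protocol. The following is an added example, not code from the post or from any real EAM system: it derives one key from a hypothetical device secret plus a passphrase, MACs each plaintext message with HMAC-SHA256 together with its role and sequence number, and has the receiver return a MAC'd acknowledgement so the sender can tell that an authorized party understood it. A receiver holding the wrong key (the "fake ATM" of the post) can neither verify a message nor produce an acceptable acknowledgement. All credential values are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample factors (hypothetical, not real credentials):
# the device secret stands in for "something you have",
# the passphrase for "something you know".
DEVICE_SECRET = bytes(range(32))
PASSPHRASE = b"constructed passphrase"


def derive_key(device_secret: bytes, passphrase: bytes) -> bytes:
    """Both factors are needed to reproduce the key; either one alone is useless."""
    return hashlib.pbkdf2_hmac("sha256", passphrase, device_secret, 100_000, dklen=32)


def tag(key: bytes, role: bytes, seq: int, body: bytes) -> bytes:
    """HMAC over role, sequence number and the (plaintext) body.

    Binding the role stops an ack being replayed as a command; binding the
    sequence number stops an old command being replayed later. The body is
    authenticated, not encrypted, which mirrors the "in the clear" point above.
    """
    data = role + b"|" + seq.to_bytes(8, "big") + b"|" + body
    return hmac.new(key, data, hashlib.sha256).digest()


def send(key: bytes, seq: int, body: bytes) -> tuple:
    """Sender side: the frame that goes out over the open channel."""
    return (seq, body, tag(key, b"cmd", seq, body))


def receive(key: bytes, last_seq: int, frame: tuple):
    """Receiver side: verify the command, then answer with a MAC'd ack.

    Returns (seq, ack_tag) on success, or None if the frame is a replay or
    its tag does not verify under this receiver's key.
    """
    seq, body, t = frame
    if seq <= last_seq:
        return None  # replayed or out-of-order frame
    if not hmac.compare_digest(t, tag(key, b"cmd", seq, body)):
        return None  # not produced by a holder of the shared key
    return seq, tag(key, b"ack", seq, body)


def confirm(key: bytes, seq: int, body: bytes, ack: bytes) -> bool:
    """Sender side: did an authorized receiver actually understand this message?"""
    return hmac.compare_digest(ack, tag(key, b"ack", seq, body))


def run_exchange() -> dict:
    """Walk through the legitimate exchange and the failure cases; return the outcomes."""
    key = derive_key(DEVICE_SECRET, PASSPHRASE)
    wrong_key = derive_key(DEVICE_SECRET, b"wrong passphrase")  # one factor only
    body = b"constructed sample message"

    frame = send(key, 1, body)

    # Authorized receiver: verifies the command and its ack satisfies the sender.
    good = receive(key, 0, frame)
    legit_ok = good is not None and confirm(key, good[0], body, good[1])

    # Receiver with the wrong key cannot verify the command at all.
    impostor_rejects = receive(wrong_key, 0, frame) is None

    # An ack forged with the wrong key is rejected by the sender.
    forged_ack = tag(wrong_key, b"ack", 1, body)
    forged_ack_rejected = not confirm(key, 1, body, forged_ack)

    # Replaying the same frame after it has been accepted is rejected.
    replay_rejected = receive(key, 1, frame) is None

    return {
        "legit_ok": legit_ok,
        "impostor_rejects": impostor_rejects,
        "forged_ack_rejected": forged_ack_rejected,
        "replay_rejected": replay_rejected,
    }


if __name__ == "__main__":
    for name, result in run_exchange().items():
        print(f"{name}: {result}")
```

The message body travels unencrypted; what the MAC provides is that only holders of the derived key can originate a command or acknowledge one, which is the sense in which the post calls the scheme bi-directionally authenticated. The same check is what an ATM user has no way to perform by eye: nothing about the machine's appearance proves it holds the bank's key.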


