M.A.D. Internet roots, cont'd

[pynchonoid]

<http://www.rand.org/publications/RM/RM3765/RM3765.sum.html>

Summary
One key difference between a civilian and a military
communications system is the provision made in the
latter for the preservation of secrecy and for
immunity from destructive tampering. These
considerations are most effectively integrated into a
network as an integral part of the switching
mechanism, rather than in the form of "black boxes"
tacked on as an afterthought. This Memorandum is an
examination of the proposed Distributed Adaptive
Message Block Network's use of this integrated design
approach to the problem of providing cryptographic
security.

It is acknowledged that the approach represents a
departure from conventional practices, which have
traditionally maintained a separation between the
design of the communications network itself (which is
most often a slight modification of a system
originally designed for civilian use) and the design
and implication of cryptographic safeguards. The
rationale is stated that recent major advances in
digital computer technology now make it technically
feasible and economically desirable to consider a
system designed primarily with military applications
in mind, and which from the outset of design is
cognizant of cryptographic requirements.
As a prelude to the proposal, however, the view is
expressed that if one cannot safely describe a
proposed system in the unclassified literature, then,
by definition, it is not sufficiently secure to be
used with confidence. A totally secure system design
requires a full understanding of the problem by
everyone involved with every part of the system--even
those who would not normally hold any security
clearance.

As applied to the proposed distributed network system,
the specified integrated design would include various
combinations of: 

1.	End-to-end cryptography;
2.	Link-by-link cryptography;
3.	Use of automatic error-detection and repeat
transmission (allowing use of more powerful
cryptographic transformations);
4.	Transmission of successive Message Blocks by ever
changing paths;
5.	Use of a cryptographic scheme which requires
complete and correct reception of all previous traffic
in a conversation in order to decrypt subsequent
Message Blocks, and which suppresses silence periods
in voice and data transmission;

6.	An initial system design which assumes potential
infiltration by enemy agents having access to portions
of the system and the cryptographic key bases:
a.	Use of key bases split into separate parts and
delivered by two or more individuals;
b.	Non-acceptance of a Message Block for processing
(and non-advancement of the crypto synchronization
count) until preliminary filtering tests for validity
of source and timing have been accomplished;
c.	Use of an essentially new key for each separate
conversation (permitting intermingling of classified
and unclassified traffic without fear of security
compromises);
d.	Encouraging heavy use of the system for
unclassified traffic, and the processing of all
traffic as if it were of the highest secrecy level
(perhaps even to the extent of intentionally adding
fraudulent traffic between fictitious subscribers).
[...] 



=====
<http://www.pynchonoid.org/>

__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com