Army signals security & "Clansmen" series radios

Dave Bird ukcrypto at maillist.ox.ac.uk
Thu, 7 Sep 2000 18:38:37 +0100 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <200009070939.KAA20919@clw.cs.man.ac.uk>, Charles Lindsey
<chl@clw.cs.man.ac.uk> writes
>       On Wed, 6 Sep 2000 18:57:30 +0100
>       Dave Bird <dave@xemu.demon.co.uk> said...
>
>>  That is almost a despair situation for security: there are so many
>>  message terminals that someone is bound to get careless through 
>>  sheer numbers.
>> 
>>  Where the medium allows it, it is best to send individual variant
>>  messages to each local key.
>
>Yes, but if there are 10,000 recipients it will take forever to generate
>the encryptions, and the size of each message will be huge (yes, I know
>you only have to encrypt the session key, but 10,000 encrypted session
>keys is still a lot of data to have to transmit).

 I agree; it is more suitable for in the order of a hundred or two.


In article <00e901c018ca$307c8060$c71121c2@sharpuk.co.uk>, 
David Howe <DHowe@Hawkswing.demon.co.uk> writes:
>> Yes, but if there are 10,000 recipients it will take forever to generate
>> the encryptions, and the size of each message will be huge (yes, I know
>> you only have to encrypt the session key, but 10,000 encrypted session
>> keys is still a lot of data to have to transmit).
>
>  Worse than that - in order for the message to be a true variant (for
>reverse-tracking) there must be a unique difference betwen each one (in the
>plaintext, not the structure), or at best a small subset of different
>messages (say ten) which are allocated diffferently with each group
>transmission so as to "home in" on the guilty party (which still allows a
>source with access to two or more leaks to discover and remove/alter the
>pattern).
>  However, this approach is often discounted in practice as both ends of the
>game know it is possible, so rephrase and rearrange the message as much as
>possible before passing it beyond the leak's handler.

 Yes, the eavesdropper has to "launder" away all traces of the source 
 in order to make the info  usable.  If the watermark information still
 gets through, the source will be detected.  If the attitude is "we 
 don't believe the inner message unless intact with the digital 
 signature still on" then the watermark cannot be removed.




- -- 
   ^-^-^-@@-^-;-^   http://www.xemu.demon.co.uk/
        (..)__u     news:alt.smoking.mooses

       happy as a clam at high tide -. <_" .-._.-.


-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1

iQA/AwUBObfSnX8v/Y5zkfRPEQIhTwCgz/smYbZ2f6GnmS/3TIC5Kfkxh1gAoO5k
00fY6KsMToUyQIQveJGDJyO9
=k5Za
-----END PGP SIGNATURE-----