Army signals security & "Clansmen" series radios

[Owen Lewis]

----- Original Message -----
From: "Brian Gladman" <brg@gladman.plus.com>
To: <ukcrypto@maillist.ox.ac.uk>
Sent: 07 September 2000 11:29
Subject: Re: Army signals security & "Clansmen" series radios


> Government cryptographic R&D organisations have learnt over the past 50
> years that fielding truly secure cryptographic systems is very, very hard.
> It is relatively easy to build an encryption system that is secure if it
is
> working as intended and is used correctly but is is still very hard to
build
> a system that does not compromise its security in situations in which it
is
> either misused or one or more of its sub-components fails (or is
> 'encouraged' to misbehave).  IMHO this is now the only area where the
closed
> world is still a long way ahead of the open world and the many failures we
> see in commercial cryptographic systems provide some evidence for this.
>
> When a radical new cryptographic approach is invented we can expect that
it
> will take about 10 years of intensive research to understand its strengths
> and weaknesses at a pure algorithm level. It will then take around 10 more
> years to understand how to implement it in a way that can meet the extreme
> systems assurance requirements applied to government cryptographic
systems.

Absolutely.

>
> I would hence expect to see public key approaches invented in the 70s to
> start entering service in the 90s (in areas where their attributes match
> security requirements).   And this is exactly what has happened - systems
> using public key approaches (in hybrid form) were first deployed in the
90s.

True too. The question is whether PK  is suitable for mass use in military
secure communications. I cannot see that it is. If it is not (and we are now
in the 00's and not the 90's and there is yet no Gadarene rush towards it
AFAIK), consideration of  reasons why not might draw out some lessons of
value in evaluating other applications.

Owen