Rex A. Buddenberg (email@example.com)
13 May 88 00:46:18 GMT
You might be interested in the way Defense Data Network will be
handling a similar problem. Classified users will employ end-to-end
encryption to protect their data. This is in addition to any
link (aka bulk) encryption of the links. Each classified user is blessed
with a gadget called a Blacker front-end device (KOI-111).
If you and Ivan want to hold a session over the net, you compare
keys on connection-open to see if you can talk at the required
level of classification. If you can't, your host fires off a message
to the authentication host (somewhere 'out there') who validates
your clearance level and need to know. Assuming you are OK to
conduct this session, the authentication node sends an enabling
message to the key control host (also 'out there') who then
proceeds to issue keys to you and Ivan and off you go.
When you are done, the keys can be made to evaporate (consider all the
crypto custodian grunt labor and insecurity this gets rid of).
I believe the key distribution process makes use of the RSA
algorithms, but not sure.
There are other complementary parts of this larger system. The
trusted computer security standards for this will be top-drawer,
(A1 in Orange-book-ese). Also the classified portion of DDN
will be segregated from the unclas side (and all the rest of us
out in net-land) probably forever.
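The session-setup flow the post sketches (compare keys at connection-open, fall back to the authentication host for a clearance and need-to-know check, have the key control host issue session keys, destroy them on close) as a toy model. This is an added example, not code from the post or from the DDN/Blacker program; every name, clearance level, compartment and data value in it is constructed for illustration, and key distribution is reduced to a trusted key-control host handing both ends a random key (the post is unsure whether RSA is involved, so no public-key step is modelled).

```python
"""Toy model of the key-distribution flow described in the post.

Constructed for illustration only: host names, clearance levels,
compartments and the directory below are invented, and the key
control host simply hands both parties a fresh random key.
"""
from dataclasses import dataclass, field
import secrets

# Ordering of classification levels (constructed).
LEVELS = {"UNCLAS": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass
class Host:
    name: str
    clearance: str
    compartments: set
    # Session keys held by this host: (peer name, level) -> key bytes.
    keys: dict = field(default_factory=dict)


class AuthenticationHost:
    """Validates clearance level and need-to-know for both parties."""

    def __init__(self, directory):
        # name -> (clearance, set of compartments the host may see)
        self.directory = directory

    def authorize(self, a, b, level, compartment):
        for name in (a, b):
            clearance, comps = self.directory.get(name, ("UNCLAS", set()))
            if LEVELS[clearance] < LEVELS[level]:
                return False           # not cleared high enough
            if compartment not in comps:
                return False           # cleared, but no need-to-know
        return True


class KeyControlHost:
    """Issues a session key only after the authentication host enables it."""

    def __init__(self, auth):
        self.auth = auth
        self.issued = 0

    def issue(self, a, b, level, compartment):
        if not self.auth.authorize(a.name, b.name, level, compartment):
            return None
        key = secrets.token_bytes(16)  # fresh key per authorized session
        a.keys[(b.name, level)] = key
        b.keys[(a.name, level)] = key
        self.issued += 1
        return key


def open_session(a, b, level, compartment, kch):
    """Compare keys on connection-open; only ask for new keys if none match."""
    ka = a.keys.get((b.name, level))
    kb = b.keys.get((a.name, level))
    if ka is not None and ka == kb:
        return "reused"
    return "issued" if kch.issue(a, b, level, compartment) else "denied"


def close_session(a, b, level):
    """Keys 'evaporate' at session end: both ends discard them."""
    a.keys.pop((b.name, level), None)
    b.keys.pop((a.name, level), None)


def demo():
    # Constructed directory: alice and ivan share a SECRET compartment,
    # bob is only cleared CONFIDENTIAL with no compartments.
    directory = {
        "alice": ("SECRET", {"X"}),
        "ivan": ("SECRET", {"X"}),
        "bob": ("CONFIDENTIAL", set()),
    }
    kch = KeyControlHost(AuthenticationHost(directory))
    alice = Host("alice", "SECRET", {"X"})
    ivan = Host("ivan", "SECRET", {"X"})
    bob = Host("bob", "CONFIDENTIAL", set())

    results = [open_session(alice, ivan, "SECRET", "X", kch)]  # issued
    results.append(open_session(alice, ivan, "SECRET", "X", kch))  # reused
    close_session(alice, ivan, "SECRET")
    results.append(open_session(alice, ivan, "SECRET", "X", kch))  # issued again
    results.append(open_session(alice, bob, "SECRET", "X", kch))   # denied
    return results, kch.issued, len(bob.keys)


if __name__ == "__main__":
    print(demo())
```

The point of the model is where the trust sits: the end hosts never decide their own authorization, the key control host refuses to issue until the authentication host enables it, and nothing survives session close, which is the custodian labour the post says the scheme removes.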
This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:42:14 GMT