IFF and crypto was Re: [SG2] APFCs in Stargrunt

for a limited time only, tom replies to two emails at once ...

On Wed, 16 Dec 1998, Thomas Barclay wrote:
> Thomas spake thusly upon matters weighty: 
> > all IFF units have a registry of all public keys,
> In a large organization, PKI management becomes problematic. The 
> national police here are wrestling with this nightmare now. 

true. you might get away with only distributing the keys for the local
unit - if you deploy a battalion group (typical ds2 force?), give
everyone
the keys for each IFF tag in the battalion. can't be more than 1000.

> > thus, before an IFF tag says anything, it makes sure the scanner is
> > legitimate, and not an enemy EW unit. security is provide by using
very
> > long cipher keys.
> Too slow potentially. Long keys take time to exchange. And if the key 
> exchange takes a few transactions (I've seen up to six),

my procedure only takes one signal from each party, as you're not
actually
establishing public keys each time: you already have a database.

> that 
> translates to a speed you don't want to think of on the battlefield 
> (you'll get nuked while this is processing or slow your guns down a 
> bunch to carry this out), even if you do use GHz range transmitters 

use short keys? if they cycle every day, even 64 bits (or whatever that
equates to in the future) might be enough.

> I work with 800 band comms and they still are no blistering heck. 

all true - the data rate is going to be a tough limit.

> And their may be denial attacks that work 
> against it. Cracking it is hard. Making your IFF non-functional may 
> be easier. 

very good point - even if they can't break it, they can make it useless.
oh well. i'm not saying this system is perfect (that's pretty much a
given
in engineering!) but i think it's better than shouting "who goes there!"
or feeling people's boot laces.

> > also, the
> > scanner's id should be attached to the tag's message, so that
multiple
> > simultaneous scans do not interfere.
> ...slower yet....

oh come on! this requires comparing a couple of fairly short numbers!
this
is not even remotely a tough operation. the only slow bits are the en/de
crypt and the signalling.

> and simultaneous scans suggests using multiple frequencies - 
> otherwise you'll get collisions on the channel. Or timeslicing.

digital battlefield radio will provide all these services. if it
doesn't,
it's no use for info-enabled warfare (full spectrum dominance and all
that).

> Any 
> way you look at it, RF limits your data rate.

ok, go to meson resonance! :-)

> > the message would include info on the wearer - whether he is alive
or
> > dead, for instance. the mainframe's security manager would not allow
> > access by dead users.
> 
> Great. So your health monitor breaks and you can't comm for the arty 
> support. Joy.  There'd still have to be a manual human-verified 
> backup system.

of course. this goes without saying - there must always be procedures to
handle broken gear.

> > the thing with IFF is that, unless your tag has a directional
emitter, the
> > enemy will be able to pick up the replies your tag makes to scans.
> 
> And how do you do a subcutaneous directional transmitter? 

erm... pass! how about a phased array? bury a cylinder around the arm,
just under the skin. some sort of conducting elastomer with organic
conductors.

> >  if
> > these are infrequent (eg only when a scanner notices a new potential
> > target), or if the reply is made with low-frequency frequency-agile
radio,
> > etc, then it is not too bad.
> But it still could be detected. The only 100% security is not to 
> encode anything. And the only 100% non-detection is not to use your 
> comms. 

true, but i think the edge from decent IFF outweighs the stealth edge in
most battlefield cases. SpecOps is different, though.

On Wed, 16 Dec 1998, Adrian Johnson wrote:
> >for bonus security, the challenge sequence would include a timestamp,
> Just a thought here.	If you kill all my GPS satellites, I can still
use a
> compass.  If you kill all my GPS satellites and that perhaps does away
with
> the time synchronization of my IFF, my tanks will kill me (or my
computers
> won't work, or whatever).

true, so you'd have a backup. the battlefield tactical data net would
include a master time signal. all electronics would have their own
clock,
synchronised every day (or whenever possible, ie no jamming / GPS is
up),
and some leeway would be allowed in matching timestamps. you trade
security for reliability.

yes, in general, space control is very, very handy, and knocking out
information infrastructure is getting mroe and more useful against
high-tech forces. if your main weapon is now information, the main
target
becomes the organs of information-gathering. the new bavarians have long
known this to be true.

> This system should be integral to the IFF unit and the interrogating
unit -
> not requiring "third party" input to operate properly

or rather, it should survive not having it, even if it is by having
somewhat degraded performance.

Tom