TCP/IP Might Have Been Secure From the Start If Not For the NSA 149
chicksdaddy writes: "The pervasiveness of the NSA's spying operation has turned it into a kind of bugaboo — the monster lurking behind every locked networking closet and the invisible hand behind every flawed crypto implementation. Those inclined to don the tinfoil cap won't be reassured by Vint Cerf's offhand observation in a Google Hangout on Wednesday that, back in the mid 1970s, the world's favorite intelligence agency may have also stood in the way of stronger network layer security being a part of the original specification for TCP/IP. (Video with time code.) Researchers at the time were working on just such a lightweight cryptosystem. On Stanford's campus, Cerf noted that Whit Diffie and Martin Hellman had researched and published a paper that described the functioning of a public key cryptography system. But they didn't yet have the algorithms to make it practical. (Ron Rivest, Adi Shamir and Leonard Adleman published the RSA algorithm in 1977). As it turns out, however, Cerf did have access to some really bleeding edge cryptographic technology back then that might have been used to implement strong, protocol-level security into the earliest specifications of TCP/IP. Why weren't they used? The crypto tools were part of a classified NSA project he was working on at Stanford in the mid 1970s to build a secure, classified Internet. 'At the time I couldn't share that with my friends,' Cerf said."
Re:It would have been insecure anyway (Score:4, Interesting)
The only way to hide traffic path is through partial-information relaying - the Tor approach. Nasty overhead. But even the most pathetic payload encryption would really make a huge difference - it would mean tapping all traffic at a trunk would require dynamically following hundreds of thousands of conversations betweeen tens of thousands of nodes. The NSA could do it, a lot of smaller governments couldn't.
Also, even a DH key exchange without any public key authentication at all is still somewhat effective: Yes, it can be MITMed with ease, but such an attack is also very detectable if you have a side channel, which means any untargetted mass-monitoring operations would be swiftly noticed.
Re:In a way its a good thing it didn't happen (Score:2, Interesting)
a chip that would be 3-4 months faster, at the expense of being binary incompatible with all existing software, and be effectively the same design as current would be a bone-headed move.
Which apple did 8 years ago when they moved away from PowerPC. I worked on maintaining separate architecture builds of software for unsupported version machines nearly 3 years ago. Also a friend who is locked out of ever getting past Mac OS 10.4.11 precisely due to binaries. One the good side, the OS busted the 32-bit 4GB-ram barrier natively long before Windows Vista was out. Arch dumping can be done, but sweeping changes working for a 1% isn't the same as scaling up to 90%+
It was a bold move, but most slashdotters never blinked at the awfully drastic paradigm shift. People here were not yet deeply invested on Mac hardware until iPhone app targeting became chik.