How is the control link key distribution problem the 'exact same' problem? The control link key is secured in the aircraft and at military bases. There's no additional need for ad-hoc distribution, you never have to send a key to someone in a trench somewhere who's too busy shooting to put pants on. The entire point of the article is that the design decision not to encrypt the video was likely influenced by the problems of ad-hoc key distribution. To this reasoned analysis your response is 'hey just do key distribution!'. Doesn't seem very well thought out at all.
'What's the password of the day' is one of the oldest and most basic security measures in military history. Is it a tough technical challenge in a global theater? For sure. But I'll warrant that the bulk of military communications do not take place in clear anyway, so it's a manageable problem.
The point from the article is that the NSA doesn't permit 'password of the day' style encryption - it's all or nothing.
For the operational requirements of the predator, nothing was better than all. They'd prefer an intermediate option, but it isn't available until procedures change.
I get that. It just seems kind of perverse to transmit in clear because scheduled encryption has risks of its own. Last time this was posted I mentioned that while interception of drone video by the Taliban or whoever is probably not that big of an operational threat, bigger strategic competitors like Russia and China have probably accrued a good lot of intelligence by amassing such data in quantity. Perhaps the NSA's thinking is that this is less critical than exposure of dynamic encryption models to the wild.
Lose a point for poor reading comprehension. (EDIT: Probably not comprehending muy actual proposal and knocking down your misread straw man.)
Encrypt the uplink/downlink to protect it against satellite eavesdropping, worry about the distribution to users separately. Uplink/downlink video keys need to be distributed to the same folks who need the control link keys.
Sorry, unless you mean something else, you are just wrong. Encrypting a video link drone->sat->base and leaving out the allies is the exact same key management problem that they are solving with the control link encryption. Basically, leave out drone->sat->allies and solve that another way.
The video data is redistributed to a wide list of folks, people on the battlefield, people in command posts both locally and remote. The control link is not redistributed, it is a closed link between the pilot and the UAV, the data is not needed elsewhere nor is it sent elsewhere.
Read the proposal. Establish a secure link parallel to the control link. Use a different mechanism to redistribute. In that case, there is no difference in the key management of the first stage.
Yes, but the point I'm making is that there is no difference in key management. Your assertion is that there is a latency problem. That may be true. But the key management for the 1st half would be the same.
So you're going to continue insisting that there is no difference in key management between the scenarios -
- communication between two parties, one of which is physically secure with plenty of time in advance to agree on keys.
- delivering keys to arbitrary receivers on arbitrary points of the world, potentially under combat or other severely adverse conditions with very limited advance warning.
Are you sure you have the right definition of what 'key management' is? Isn't it easier to just admit Bruce Schneier actually _had_ thought out his post and you, not so much?
My point is that there is no difference in key management for the 1st part (drone->sat->base). The rest is a different key management problem, one which the military already faces with communications to forces in the field and with allied forces. But by taking the 1st part out of the picture with the same key management used for the control link, you don't have plaintext perched on a satellite visible to the whole globe.
You still have to solve the rest, but that is at least an improvement.
Your passive-agressive link to Wikipedia -- what is your point in this? What exactly in the article did I miss?
You seem to be of the mis-conception that the video goes back to base and then is redistributed. AFAIK this is not the case :) Also, importantly, these signals are being intercepted as they are transmitted to the troops on the ground :)
You seem to be of the mis-conception that the video goes back to base and then is redistributed. AFAIK this is not the case :)
Thanks for starkly admitting your reading comprehension problem. My proposal is for the video to be encrypted all the way back to the base then redistributed.
Now please go back and edit your responses to me to correct this incomprehension of my position.
Arrrgh, don't they cover reading comprehension in schools anymore?
Thank you.
EDIT: Anyone would find this frustrating:
Me: "They are already doing X. That would be the same as Y. I propose they do Y."
cl: "No it doesn't"
Me: "X = Y (paraphrase)"
cl: "No it doesn't"
Me: "X = Y (2nd paraphrase)"
cl1: "Okay it does, but that doesn't solve the problem."
cl2: "Oh, I thought you said they were already doing Y."
I'm not going to take the time to try to work out who is right and who is wrong in this case, but I believe from my limited time here on HN that the attitude you're displaying in this comment is not entirely appropriate. You can certainly make your point without the personal attacks, even if others don't.
Please, stick to the facts, and if people mis-understand you then restate your point more clearly and addressing the misunderstanding. If you're right, most times they'll apologise and everything is great. If you're wrong then you don't look like a complete asshole.
As I say, I'm not addressing the technical points - I probably don't have the background, and it's Christmas, so I certainly don't have the time. I'm not down-voting you because I can't judge the technical merits, but I'd ask you to be more considerate in your tone. It's one of the things that makes HN so much more pleasant than most other fora.
Ive replied to all your points clearly. What you propose is best case scenario. But as I said the delay and the key maanagement on the battleield is far too complicated against the benefits.
You finally admitted the misconception that I thought the video went back to base to be redistributed. Then you changed your position to say, okay, it's the same key management problem, but that doesn't solve anything. Now you're glossing over my 2nd proposal that builds on top of my first one, which avoids key management on the battlefield.
Congrats. Brilliant troll, and you made me look like the bad guy.
Congratulations, you just admitted my point: taking the first leg and just encrypting it is equivalent to the control-link key management problem -- a point you dismissed again and again earlier in the thread.
Now, do you make valid points about the difficulty of key management for the 2nd problem? Yes. But mainly I have been expounding on the equivalence of the 1st part. I am correct about that. Have been this whole thread. You just admitted it. Thanks.
Now on to the rest. The military already faces a key management for other communications. They just need to do it with enough bandwidth to support video feeds to take care of the 2nd part. Certainly, they already do such key management for other communications. Will it be trivial to implement? No. But is just putting things up on a satellite in view of the whole globe? I think not.
Do you still not get it? It doesn't matter if you are "right" on your points. Your points don't address the subject sufficiently. You've created for yourself a tiny bubble of logic disengaged from the main discussion where you are, in the abstract, "right". It doesn't matter if you're "right" because you're not having the same discussion as everyone else.
