Archive for June, 2007

Multilevel Security and Internet Servers

June 18th 2007

I wrote the following message as part of a discussion on the old Firewalls mailing list in 1996. The message was part of a discussion on the use of MLS technology to protect Internet servers from attack. The basic concepts still apply in some ways, though the threats have evolved in many other ways.

Posted under Information Security

Observations on Multi-Level Security

June 18th 2007

November 1, 2005

Several years ago I was at a workshop sponsored by the Air Force to develop some new directions for information systems improvements. The workshop included both “end user” representatives from the Air Force and “R&D” representatives from laboratories and government contractors.

Discussions on MLS capabilities became rather heated. One vendor representative from the security working group declared the following in a plenary session:

“Don’t ask for MLS. We’ve tried to give you MLS, but in fact you’ve never really wanted it or used it. But please, tell us what you do want!”

A voice in the back shouted, “MLS!”

Posted under Information Security

One-Time Pads

June 9th 2007

The one-time pad is the only encryption technique that has been mathematically proven to be uncrackable. While hard to use, it has often been the choice for highly sensitive traffic. Soviet spies used one-time pads in the 1940s and 1950s. The Washington-Moscow “hot line” also uses one-time pads. However, the technique is hard to use correctly.

Posted under Information Security

Encrypting with XOR: A Graphic Example

June 9th 2007

The exclusive or operation - a logical function applied to binary bits, like AND, OR, and NOT - is a fundamental encryption technique. It is often used in stream ciphers, which are widely used in web browsers when connecting to secure web servers.

Posted under Information Security