Re: Top Secret DOD Data over the Public Internet? Thoughts?

["Paul D. Robertson" <paul () compuwar net>]

On Fri, 20 Aug 2004, Marcus J. Ranum wrote:

> Transitive trust attacks could be gigantic, especially if you
> figure that it's all being tunnelled over an encrypted black
> core point-to-point network. How do you detect attacks and

The royal "we" have transited classified data over unclassified networks
for *decades*.  The PTN is still an untrusted, unclassified network- as
are most public/commercial satcom nets.  The major trust point is the
encryption boundary.  As long as you have a strong encryption boundary,
then only a breach of the crypto implementation (especially the keys,) or
a back-end breach on either end is a risk, same as it's been for decades.
Red/black networking hasn't changed, and isn't likely to change, the real
risk is in compromising the encryption boundary- such as having an
endpoint that isn't multi-level secure do DNS queries, or having endpoints
on the trusted net with Internet access.

People who don't understand encryption and doomed to implement it poorly.

> track them if they are being done over Type-1 crypto?

At the endpoints, just as it's always been done.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
paul () compuwar net       which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards