Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!bloom-beacon!gatech!purdue!decwrl!ucbvax!ucsd!nosc!tetra!budden
From: budden@tetra.NOSC.MIL (Rex A. Buddenberg)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: Password transmission and encryption query
Message-ID: <682@tetra.NOSC.MIL>
Date: 13 May 88 00:46:18 GMT
References: <12397546524.36.VAF@Score.Stanford.EDU>
Reply-To: budden@tetra.nosc.mil.UUCP (Rex A. Buddenberg)
Organization: Naval Ocean Systems Center, San Diego
Lines: 31

Vince,

You might be interested in the way Defense Data Network will be handling a similar problem. Classified users will employ end-to-end encryption to protect their data. This is in addition to any link (aka bulk) encryption of the links.

Each classified user is blessed with a gadget called a Blacker front-end device (KOI-111). If you and Ivan want to hold a session over the net, you compare keys on connection-open to see if you can talk at the required level of classification. If you can't, your host fires off a message to the authentication host (somewhere 'out there'), who validates your clearance level and need to know. Assuming you are OK to conduct this session, the authentication node sends an enabling message to the key control host (also 'out there'), who then proceeds to issue keys to you and Ivan, and off you go. When you are done, the keys can be made to evaporate (consider all the crypto custodian grunt labor and insecurity this gets rid of). I believe the key distribution process makes use of the RSA algorithms, but not sure.

There are other complementary parts of this larger system. The trusted computer security standards for this will be top-drawer (A1 in Orange-book-ese). Also, the classified portion of DDN will be segregated from the unclas side (and all the rest of us out in net-land), probably forever.

Rex Buddenberg
USCG Headquarters
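The session-setup flow Rex describes (compare keys on connection-open; if none, the authentication host checks clearance and need-to-know and enables the key control host, which issues session keys to both ends; keys are discarded at close) can be sketched as a toy model. The code below is an added example, not part of the original post and not the actual KOI-111/Blacker protocol: the linear level ordering, the compartment sets used for need-to-know, the host names, and the use of 32 random bytes as a stand-in for real key material are all assumptions made for illustration.

```python
"""Toy model of Blacker-style session setup: authentication host + key control host.

Constructed example; levels, compartments, names and key format are invented.
"""
import os
from dataclasses import dataclass

# Assumed linear classification ordering (the post only distinguishes classified/unclas).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Clearance:
    level: str
    compartments: frozenset  # need-to-know categories the user holds

    def permits(self, level: str, compartments: frozenset) -> bool:
        """Dominance check: cleared high enough and holds every requested compartment."""
        return LEVELS[self.level] >= LEVELS[level] and compartments <= self.compartments


class AuthenticationHost:
    """The authentication host 'out there': validates clearance level and need to know."""

    def __init__(self, registry: dict):
        self.registry = registry  # name -> Clearance (constructed sample data)

    def authorize(self, parties, level: str, compartments: frozenset) -> bool:
        return all(
            name in self.registry and self.registry[name].permits(level, compartments)
            for name in parties
        )


class KeyControlHost:
    """Issues a session key only once the authentication host has enabled the session."""

    def __init__(self, auth: AuthenticationHost):
        self.auth = auth
        self.log = []  # audit trail of ISSUE / DENY decisions

    def issue(self, parties, level: str, compartments: frozenset) -> bytes:
        if not self.auth.authorize(parties, level, compartments):
            self.log.append(("DENY", tuple(parties), level))
            raise PermissionError(f"{parties} not cleared for {level}/{sorted(compartments)}")
        key = os.urandom(32)  # toy stand-in for real key material
        self.log.append(("ISSUE", tuple(parties), level))
        return key


class FrontEnd:
    """Toy per-user front-end device holding session keys keyed by (peer, level, compartments)."""

    def __init__(self, name: str, kch: KeyControlHost):
        self.name = name
        self.kch = kch
        self.keys = {}

    def has_key_for(self, peer, level: str, compartments: frozenset) -> bool:
        return (peer.name, level, compartments) in self.keys

    def open_session(self, peer, level: str, compartments: frozenset = frozenset()) -> bytes:
        here, there = (peer.name, level, compartments), (self.name, level, compartments)
        # Step 1: compare keys on connection-open; if both ends already hold the same key, talk.
        if (self.has_key_for(peer, level, compartments)
                and peer.has_key_for(self, level, compartments)
                and self.keys[here] == peer.keys[there]):
            return self.keys[here]
        # Steps 2-3: otherwise the request goes out; the key control host issues keys to both ends
        # only after the authentication host validates clearance and need to know.
        key = self.kch.issue((self.name, peer.name), level, compartments)
        self.keys[here] = key
        peer.keys[there] = key
        return key

    def close_session(self, peer, level: str, compartments: frozenset = frozenset()) -> None:
        # "The keys can be made to evaporate": drop the session key at both ends.
        self.keys.pop((peer.name, level, compartments), None)
        peer.keys.pop((self.name, level, compartments), None)


def build_demo():
    """Constructed network: two SECRET/CRYPTO users and one CONFIDENTIAL user (invented)."""
    auth = AuthenticationHost({
        "alice": Clearance("SECRET", frozenset({"CRYPTO"})),
        "ivan": Clearance("SECRET", frozenset({"CRYPTO"})),
        "mallory": Clearance("CONFIDENTIAL", frozenset()),
    })
    kch = KeyControlHost(auth)
    return {n: FrontEnd(n, kch) for n in ("alice", "ivan", "mallory")}, kch


if __name__ == "__main__":
    hosts, kch = build_demo()
    k = hosts["alice"].open_session(hosts["ivan"], "SECRET", frozenset({"CRYPTO"}))
    print("session key issued:", k.hex()[:16], "...")
    try:
        hosts["alice"].open_session(hosts["mallory"], "SECRET")
    except PermissionError as e:
        print("denied:", e)
    print("audit log:", kch.log)
```

The point the model makes is that neither front end ever decides for itself whether a session is allowed: the policy decision (clearance and need-to-know) lives in the authentication host, key issuance is gated on that decision, and discarding the key at close leaves nothing for a custodian to manage.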