[Ground-station] How we talk about encryption can hurt us

Tue Mar 30 02:01:24 PST 2021

Hey Bruce and Michelle,,

Thought I would comment;
The OreSat project does just as you describe. Everything is in plaintext
but commands must be authenticated.

http://oresat.org

73,
Glenn

On Sat, Mar 13, 2021, 17:08 Bruce Perens via Ground-Station
<ground-station at lists.openresearch.institute> wrote:

> We have some serious problems with encryption in Amateur Radio. There is a
> continuing push to allow encryption on terrestrial Amateur communications
> to accommodate transmission of HIPAA-restricted
> personally-identifiable-information (medical data about people who are
> being served in an emergency). Currently we just make that data anonymous
> and transmit it in the clear, but given the existing big-ticket HIPAA
> lawsuits, some of our served agencies would rather encrypt.
>
> The problem for us is that we can't self-police the Amateur bands if
> transmissions are encrypted. We must, in fact, give priority to any
> encrypted transmission because we have to assume it's an emergency
> communication. So, encryption essentially opens the floodgates to
> unsupervised private communications on the Amateur bands, which would
> displace the honest operators. For the good of Amateur Radio, we must
> continue to push back against those who would expand encryption on the ham
> bands.
>
> We have a Part 97 permission to encrypt satellite commands because in the
> old days AMSAT used exclusive-OR with a constant to conceal their commands
> to their very simple satellites which were made out of discrete logic ICs.
> Something like digital signature was outside of their capabilities.
>
> We do not strictly need to encrypt satellite commands today, but we have
> it to use where that's so important that it justifies the use. Technically,
> we could entirely replace encryption with digital signature and messages
> sent in the clear. We would be assured that intruders could not sign the
> message in a way that would allow them to command the satellite, with the
> exact same reliability as if the message was encrypted.
>
> We should not be talking to the public about how important it is that we
> can encrypt commands to our satellite. We should indeed be minimizing the
> degree that this is necessary at all. By doing otherwise, we feed those who
> would like to expand the use of encryption in the Amateur Bands, and
> ultimately we do damage to Amateur Radio.
>
>     Thanks
>
>     Bruce
>
> --
> Bruce Perens - CEO at stealth startup. I'll tell you what it is eventually
> :-)
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openresearch.institute/pipermail/ground-station-openresearch.institute/attachments/20210329/09ec94b7/attachment.html>