[Ground-station] How we talk about encryption can hurt us
Bruce Perens
bruce at perens.com
Tue Mar 30 02:05:32 PST 2021
That's great to hear. It's nice to be able to tell the naysayers that there
are already implementations.
Thanks
Bruce
On Mon, Mar 29, 2021 at 7:01 PM Glenn LeBrasseur <glenn.lebrasseur at gmail.com>
wrote:
> Hey Bruce and Michelle,,
>
> Thought I would comment;
> The OreSat project does just as you describe. Everything is in plaintext
> but commands must be authenticated.
>
> http://oresat.org
>
> 73,
> Glenn
>
> On Sat, Mar 13, 2021, 17:08 Bruce Perens via Ground-Station
> <ground-station at lists.openresearch.institute> wrote:
>
>> We have some serious problems with encryption in Amateur Radio. There is
>> a continuing push to allow encryption on terrestrial Amateur communications
>> to accommodate transmission of HIPAA-restricted
>> personally-identifiable-information (medical data about people who are
>> being served in an emergency). Currently we just make that data anonymous
>> and transmit it in the clear, but given the existing big-ticket HIPAA
>> lawsuits, some of our served agencies would rather encrypt.
>>
>> The problem for us is that we can't self-police the Amateur bands if
>> transmissions are encrypted. We must, in fact, give priority to any
>> encrypted transmission because we have to assume it's an emergency
>> communication. So, encryption essentially opens the floodgates to
>> unsupervised private communications on the Amateur bands, which would
>> displace the honest operators. For the good of Amateur Radio, we must
>> continue to push back against those who would expand encryption on the ham
>> bands.
>>
>> We have a Part 97 permission to encrypt satellite commands because in the
>> old days AMSAT used exclusive-OR with a constant to conceal their commands
>> to their very simple satellites which were made out of discrete logic ICs.
>> Something like digital signature was outside of their capabilities.
>>
>> We do not strictly need to encrypt satellite commands today, but we have
>> it to use where that's so important that it justifies the use. Technically,
>> we could entirely replace encryption with digital signature and messages
>> sent in the clear. We would be assured that intruders could not sign the
>> message in a way that would allow them to command the satellite, with the
>> exact same reliability as if the message was encrypted.
>>
>> We should not be talking to the public about how important it is that we
>> can encrypt commands to our satellite. We should indeed be minimizing the
>> degree that this is necessary at all. By doing otherwise, we feed those who
>> would like to expand the use of encryption in the Amateur Bands, and
>> ultimately we do damage to Amateur Radio.
>>
>> Thanks
>>
>> Bruce
>>
>> --
>> Bruce Perens - CEO at stealth startup. I'll tell you what it is
>> eventually :-)
>>
>
--
Bruce Perens - CEO at stealth startup. I'll tell you what it is eventually
:-)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openresearch.institute/pipermail/ground-station-openresearch.institute/attachments/20210329/f282c179/attachment.html>
More information about the Ground-Station
mailing list