Carl Malamud: Internet Talk Radio, flame of the Internet. 

This is Geek of the Week. We’re talk­ing to Steve Crocker. He’s Vice President at Trusted Information Systems and the new mem­ber of the Internet Architecture Board with the secu­ri­ty port­fo­lio. Welcome to Geek of the Week, Steve.

Steve Crocker: Thank you very much. I should say that the IAB does not have those specific slots, and John Romkey, who’s been interviewed here before, and Mike St. Johns in particular, have very strong security interests as well. So I’ll certainly try to do my part on the IAB with respect to security but I expect to have—

Malamud: But before you were kicked upstairs you were the IESG Area Director for security.

Crocker: Yes, that’s right. I was the IESG’s Area Director for security.

Malamud: I’d like to know the dif­fer­ence between the Clipper Chip, DSS, and RSA. So why don’t we start with the Clipper chip, and you can tell us what that is and what the oth­er com­po­nents of Clipper are. 

Crocker: Ah. An inter­est­ing col­lec­tion of top­ics. I need to back up just a lit­tle bit in order to put all of this into per­spec­tive. What you’ve named—Clipper, DSS, and RSA—are cryp­tog­ra­phy tech­nolo­gies. And cryp­tog­ra­phy is used for sev­er­al inter­re­lat­ed but some­what dis­tinct pur­pos­es. The most obvi­ous use of cryp­tog­ra­phy is to scram­ble infor­ma­tion so that it can’t be seen by any­body except the sender and the intend­ed receiv­er. Cryptography is also used for a sig­na­ture process so that the per­son who receives a dig­i­tal­ly signed mes­sage can be assured that it came from the per­son who sent it instead of from some­body else who’s forg­ing a message.

Malamud: So you scram­ble a mag­ic cook­ie and if you can describe it it must’ve been from you because you’re the only one who can scram­ble it.

Crocker: Precisely. And there’s yet anoth­er close­ly relat­ed but again some­what dis­tinct aspect, which is to make sure that the mes­sage that was received is an untampered-with or unmod­i­fied copy of what was sent. And again this involves some use of cryp­tog­ra­phy, prin­ci­pal­ly involv­ing a cryp­to­graph­ic check­sum so that it’s impos­si­ble to mod­i­fy a mes­sage and cre­ate the same cryp­to­graph­ic check­sum, and that if the mes­sage is mod­i­fied the receiv­er can detect it.

Now, those are three dif­fer­ent secu­ri­ty ser­vices, and then I need to add one more piece of com­plex­i­ty, what’s called sym­met­ric ver­sus asym­met­ric cryptography. 

The Clipper chip is a form of sym­met­ric cryp­tog­ra­phy. That means that the same key is shared by the sender and the receiv­er. And the sender uses the key to ini­ti­ate the scram­bling process, and the receiv­er uses the key—the same key—to descram­ble the mes­sage. And in this respect, Clipper is an alter­na­tive to the long-used Data Encryption Standard, DES, that has been around for close to twen­ty years and has been a fed­er­al infor­ma­tion pro­cess­ing standard. 

Malamud: So Clipper is, if I might over­sim­pli­fy, is a hard­ware replace­ment for the soft­ware DES, although DES could’ve been put in hardware.

Crocker: Yeah. Actually, the orig­i­nal FIPS spec­i­fi­ca­tions tend­ed to avoid soft­ware imple­men­ta­tions and insist that DES be in hard­ware or at least in ded­i­cat­ed micro­proces­sors. But DES is wide­ly imple­ment­ed in soft­ware, as you say. Clipper is intend­ed as a replace­ment for DES, and of course the thing that makes Clipper of great inter­est and con­cern is that in addi­tion to pro­vid­ing the scram­bling process it also has this sort of escrowed key idea. Which means that in the process of using it, the key that you use is encod­ed in a way that the US fed­er­al gov­ern­ment can inter­cept if they want and decode that mes­sage because the keys are car­ried with the mes­sage, or have to be for­ward­ed in advance, actu­al­ly. And in for­ward­ing them, they’re encod­ed in a way that… They’re encrypt­ed with yet anoth­er key. And the key that they’re encrypt­ed with is this escrowed key that is cre­at­ed at the time the chip is cre­at­ed and is stored away in a vault some­where. And the intend­ed oper­a­tion is that under fed­er­al court order are appro­pri­ate legal safe­guards sur­round­ing that. The key that unlocks the key that the user has cho­sen is obtain­able and usable by fed­er­al author­i­ties, or per­haps the local law enforce­ment authorities—it’s not entire­ly clear what the pro­ce­dures will be.

Malamud: So this is a sym­met­ric key sys­tem. Basically we share a secret—you know it, I know it—and because we both have it we’re able to decode the traf­fic. How do we share that secret? How does Clipper let you know the secret that we want to use for this par­tic­u­lar conversation?

Crocker: Clipper does­n’t involve… Clipper by itself does­n’t have that par­tic­u­lar mech­a­nism. You have to do some­thing else. But in the process of syn­chro­niz­ing the two, you sort of have to make clear what key you’re using. And you do it in a way that as I say, it’s encrypt­ed but only peo­ple who have access to the key that the Clipper chip was man­u­fac­tured with. And each Clipper chip has its own dis­tinct key but in the process of com­mu­ni­cat­ing that key across, the iden­ti­ty of the Clipper chip—of that par­tic­u­lar chip, its ser­i­al num­ber if you will—is dis­closed. And then by look­ing in this vault you can com­pare the ser­i­al num­ber and find the key that goes with that.

Let me move quickly to the other questions that you asked because I think it’s important to understand the other pieces. You asked about the Digital Signature Standard and you asked about RSA. These are what are called asymmetric, or more commonly public key, technologies. And public key technology has this peculiar and really exciting idea that there are a matched pair of keys. Instead of a single key being shared by both parties, there are two different and distinct keys. One is used by the sender and one is used by the receiver. And the mathematical process that’s used to create the pair of keys makes them a mated pair. And when used for encryption, the sender uses the first key and the receiver uses the second key. The sender encrypts and the receiver decrypts, but the sender cannot, and nobody else can decrypt the message because they’ve only used the encrypting key.

And so the way that’s used is if I want to send a mes­sage to you, you have a matched pair of keys and you make one half of that, you make one of those avail­able for every­body to know. And that’s what you call your pub­lic key. And you have a match­ing one that you keep pri­vate and you don’t let any­body else know. Anybody who wants to send infor­ma­tion to you so that only you can read it will use your pub­lic key. And they will encrypt the mes­sage using your pub­lic key and then send it to you. You will have the pri­vate key and you will be able to decrypt that mes­sage using your pri­vate key. 

The same idea applies in reverse with a dig­i­tal sig­na­ture. Again, using pub­lic key tech­nol­o­gy there’s a matched pair of keys. In this case the sender has a pair of keys. He uses one that he uses pri­vate­ly, and he uses that to sign the mes­sage. And he makes avail­able his pub­lic com­po­nent. Everybody who wants to know whether or not that mes­sage was signed by that per­son gets a hold of the pub­lic com­po­nent and uses it to check the sig­na­ture. So there’s two uses of pub­lic key tech­nol­o­gy. And in both cas­es you have one par­ty keep­ing one half of the infor­ma­tion pri­vate and mak­ing the oth­er half pub­licly available. 

Malamud: Steve Crocker, we’ve been talking about public key, and there are several variants of public key signature standards. There’s RSA and there’s DSS. Maybe you can explain what the differences are between the Digital Signature Standard and RSA.

Crocker: Right. As I’ve described, there’s two uses of pub­lic key tech­nol­o­gy. One is an encryption-oriented, and the oth­er is sig­na­ture. Now we come to a most pecu­liar and most inter­est­ing phenomenon. 

There are mul­ti­ple algo­rithms avail­able for pub­lic key tech­nol­o­gy. The one that is most wide­ly used and most pop­u­lar, and far and away preva­lent in the mar­ket­place and has very nice tech­ni­cal prop­er­ties is the RSA algo­rithm. RSA stands for the three inven­tors, Rivest, Shamir, and Adleman. And because it’s also the name of the algo­rithm and then there’s a com­pa­ny, RSA Data Security, the term RSA seems to be used for both the algo­rithm and the com­pa­ny, and some­times even to refer to the inventors.

Malamud: And this is a set of patents as well.

Crocker: That’s right. This pub­lic key tech­nol­o­gy is patent­ed. There are mul­ti­ple patents gov­ern­ing dif­fer­ent parts of pub­lic key tech­nol­o­gy and in par­tic­u­lar there’s one for the RSA algorithm. 

The inter­est­ing phe­nom­e­non relat­ed to the RSA algo­rithm and is not shared with some of the oth­er algo­rithms is it is use­ful for both encryp­tion and for dig­i­tal sig­na­ture. That is they are two dis­tinct uses and this sin­gle algo­rithm is use­ful for both of those. And there’s an amaz­ing and some­what inter­est­ing sto­ry that then devel­ops from that. But I’m get­ting ahead of myself a lit­tle bit.

The Digital Signature Standard, or the Digital Signature Algorithm, which the US gov­ern­ment is seek­ing to turn into a fed­er­al stan­dard, is anoth­er pub­lic key algo­rithm. And it is use­ful only for sig­na­tures and is not use­ful for encryption.

Malamud: Why is that?

Crocker: Well, I don’t want to dig down too far into the technical details of this, but the broad overview is that the process of checking the signature yields a result that says, “Yes, I know that that was signed by somebody,” but it doesn’t transfer any information. The computation results in a yes or no process and it doesn’t transfer any information.

The RSA algorithm, in contrast, transfers a certain amount of information and that information can be used either to initiate an encryption process. And it can also be used in a signature mode because you check whether or not the information that got transferred that way is equivalent to another piece of information which is inherent in the message. But the Digital Signature Algorithm has this other property where no new information other than a single yes or no computation is transferred.

Now, it turns out that encryp­tion tech­nol­o­gy is viewed as a very sen­si­tive sub­ject by gov­ern­ments in gen­er­al, by the US gov­ern­ment in par­tic­u­lar. It’s viewed as a crit­i­cal mil­i­tary tech­nol­o­gy. And it is treat­ed for export pur­pos­es the same as machine guns, and nuclear weapons, and sub­ma­rine tur­bines and oth­er high tech­nol­o­gy, militarily-relevant issues. It’s list­ed on the International Traffic in Arms Regulations list of con­trolled muni­tions. And the—

Malamud: All cryp­tog­ra­phy or cer­tain algo­rithms? Are they specif­i­cal­ly list­ed or can you just…is there a blanket…?

Crocker: Cryptography as a subject is listed. The specific algorithms are then subject to regulation by state departments, by the defense department, and by the commerce department in sort of an interlocking set of regulations. But the critical factor is that cryptography as a subject is first and foremost treated as a military technology, and then if the algorithms are sufficiently benign, then they are passed over to commerce for regulation as general trade issues the same as everything else is regulated—apparel and fruits and every kind of other thing. But the first test before you can export something is “are we giving away technology which would help foreign governments or foreign nationals of any sort—terrorists or others,” and cryptography is treated as a very sensitive subject.

And within the general realm of cryptography, encryption is considered to be far more sensitive and far more important to control than other uses of cryptography such as authentication and protection of integrity. So if you want to export some software or hardware that contains cryptography, and if it only contains authentication and integrity controls, then it’s far easier and the regulations make it much easier to export that, to sell that, almost without limitation.

On the oth­er hand if it con­tains encryp­tion tech­nol­o­gy, so that it scram­bles data and pre­vents some­body from see­ing the infor­ma­tion, that’s very tight­ly con­trolled. And the short descrip­tion of the rules, and with the usu­al caveats that I’m not a lawyer work­ing in this area—I’m not a lawyer at all and I’m not work­ing in this area that way. But the basic com­mon sense of this is that if the cryp­tog­ra­phy is strong enough, and DES for exam­ple is strong enough, then you can­not get a gen­er­al pur­pose license to ship it any­where out­side the United States and Canada. And you can get a spe­cial pur­pose license to ship it to sub­sidiaries of US multi­na­tion­als and to finan­cial insti­tu­tions. But gen­er­al com­mer­cial use of high-grade cryp­tog­ra­phy is pro­hib­it­ed out­side the US and Canada. Inside the US and Canada, things are wide and open and any­body can make any­thing they want and sell it any­where they want.

Now, that brings us back to the RSA sto­ry. RSA is a very ele­gant, and sim­ple, and clean, and effec­tive, and broadly-used algo­rithm. But because it’s use­ful for both encryp­tion as well as for sig­na­tures, this has trig­gered a con­sid­er­able amount of inter­est inside the US gov­ern­ment and they are con­tin­u­ing to go to con­sid­er­able effort to slow down the spread of encryp­tion tech­nol­o­gy. And their strat­e­gy has been to invent and bring out a new sig­na­ture algo­rithm with the intent of divid­ing the mar­ket and attempt­ing to lim­it the use of RSA technology. 

Malamud: So that’s DSS.

Crocker: That’s right. 

Malamud: And DSS is a…does that some­how tread on the patents from RSA? Is there an inter­lock­ing patents issue here?

Crocker: Well, that’s anoth­er excel­lent ques­tion. DSS, because it’s a pub­lic key tech­nol­o­gy, does indeed require access to the exist­ing patents. And in addi­tion, not only does it require access to the basic pub­lic key tech­nol­o­gy patents, but the par­tic­u­lar algo­rithm that they invent­ed turns out to make use of the same ideas that a German inven­tor, Schnorr, also patent­ed him­self. And the Schnorr patent has now been acquired by Public Key Partners, which con­trols the oth­er pub­lic key tech­nol­o­gy patents. 

And so the US gov­ern­ment is in this extreme­ly awk­ward posi­tion of hav­ing invent­ed an algo­rithm, and I think they’ve obtained a patent on it them­selves. But they’ve only obtained a patent on the por­tion that’s new. Meanwhile it rests on patent­ed tech­nol­o­gy by Schnorr and by the oth­er pub­lic key tech­nolo­gies. And so they now have to find a way to license it. And there’s been quite an outcry. 

So the US government’s caught in multiple ways on this. First of all they’re trying to invent an algorithm that serves no technical purpose except to undermine and divide the marketplace that has already got a solution to this in the form of the RSA algorithm. And second of all, they’re trying to make available as a public standard a technology that they don’t have clean and unhampered rights to.

Malamud: Let’s talk about secu­ri­ty in the Internet, and how do you secure a general-purpose infra­struc­ture? You’ve been involved in this area of study for a long time. Do we have an idea on how to secure the Internet now?

Crocker: Yes, not only do we have an idea, we have lots of ideas. And I should say first of all that the idea of secur­ing the Internet is not a sin­gle, uni­form, one-shot process. There’s not a sin­gle thing that you could do that [crosstalk] would bring you a high degree of—

Malamud: No just turn the key and say we’re done.

Crocker: No, there’s no turning the key. There are many aspects of securing the Internet. You know, so we’ve described there’s different aspects of security related to protecting the privacy or confidentiality of information while it’s being transmitted. And entirely different issue of protecting the integrity to assure that something hasn’t been tampered with or if it has that you can detect it.

Malamud: So secu­ri­ty is many lay­ers and many dif­fer­ent protocols.

Crocker: Multi-faceted, mul­ti­ple aspects of what’s meant by secu­ri­ty. And of course one of our biggest con­cerns is mak­ing sure that com­put­ers don’t get bro­ken into on the network.

At the same time, the Internet con­sists of a lot of dif­fer­ent parts. One might try to pro­tect the trans­mis­sion of infor­ma­tion going across the net­work. And at the same time, one would like to make sure that the infrastructure—the routers and the trans­mis­sion lines and so forth—can’t be tam­pered with, there­by bring­ing down the net­work. I mean, one of the most ter­ri­ble things we could imag­ine is that some­body might pen­e­trate enough of the net­work to inter­rupt the flow of infor­ma­tion and bring the whole net­work down, irre­spec­tive of whether or not they got into any of the end sys­tems on the network. 

Malamud: Does that mean authen­ti­cat­ing router exchanges so that one router knows that it’s real­ly the oth­er router it’s talk­ing to?

Crocker: Certainly one of the most sen­si­tive aspects is the rout­ing infor­ma­tion that the routers use to know how to direct one pack­et to move across the net­work to get to where it’s going. And pro­tect­ing rout­ing infor­ma­tion is absolute­ly essen­tial to that. We’ve been for­tu­nate so far in that there have not been any inten­tion­al dis­rup­tions of rout­ing mech­a­nisms. There have been a num­ber of acci­den­tal events over the past twen­ty years that have brought down par­tic­u­lar net­works for short peri­ods of time. 

Most of the secu­ri­ty issues where we’ve seen any kind of inten­tion­al activ­i­ty has been direct­ed at the end systems—people break­ing into spe­cif­ic com­put­ers around the net­work. And the most recent vis­i­ble flur­ry of events has been har­vest­ing of pass­words using Ethernet-sniffing pro­grams. And that’s caused a great deal of concern.

Malamud: Well, let’s look at that issue right there. The problem there was a network device that you would use on occasion to put your Ethernet controller into promiscuous mode so you can look at your Ethernet and see what’s going on. It’s a classic debugging tool. And what happened is people would come in from the outside, steal an account, sit there and use this tool as a way of harvesting passwords. Do we have solutions available to stop that kind of an attack?

Crocker: Yes. I think your descrip­tion is right. And the oth­er ques­tion is well, what can we do to stop this. And I think there are two things that have to be done to stop this. First of all, we’d like com­put­ers to be pro­tect­ed enough so that peo­ple are not break­ing in and tak­ing them over and run­ning the snif­fer pro­gram and cap­tur­ing all the infor­ma­tion that’s going by. 

One of the things that’s made this par­tic­u­lar flur­ry of inci­dents more impor­tant than in the past— And it’s prob­a­bly impor­tant to empha­size that this kind of attack is not brand new, but this is sort of a worse case than we’ve seen in the past. The rea­son it’s been some­what worse is that the attacks have tak­en place not only on local area net­works with­in a sin­gle orga­ni­za­tion, but cer­tain crit­i­cal com­put­ers that were sit­ting on Ethernets in the mid­dle of cross-country or inter­na­tion­al traf­fic points were bro­ken into. And so the traf­fic that was acces­si­ble was orig­i­nat­ed at quite some dis­tance away and was head­ed at some fur­ther remote point, and so pass­words were har­vest­ed not only for locally-available machines but for machines all over the world. 

Certainly strength­en­ing the oper­a­tion of those class of machines, the ones that are oper­at­ed by region­al net­works and that are sit­ting in crit­i­cal points in the oper­a­tions, those can be strength­ened very eas­i­ly. That’s main­ly a mat­ter of atten­tion and dis­ci­pline and height­ened awareness. 

Now, that’s one aspect and I think that’s rel­a­tive­ly straight­for­ward. But that’s only a first step. A much more impor­tant step is a real­iza­tion that send­ing pass­words in the clear over the Internet is a dead idea. That’s just an idea whose time has passed.

Crocker: A one-time password is something that you use once and then you don’t use it again. And then the natural question is well, what do I do the next time that I have to log into a remote machine? And the answer is you have another one-time password. So you have a list of them, and each time you use one you cross it off.

Malamud: So you take this list and you print it out onto a piece of paper and you tack it up on the wall next to your computer?

Crocker: Well, in fact that is one of the ways to do it, and that’s a little clumsy and seems a little odd but it’s a workable system. I’ll come back to that in a second. Let me shift over to another class of things that’re called challenge-response systems. It’s now moderately common to be able to use a little calculator device, and things work this way: I want to log into a remote computer. I have an account on that computer. I identify myself—I say “crocker,” and back comes not a request for my password, but a number is typed out at me. And that number is a random number that is different every single time that I try to connect. So that’s where part of the security comes from, is the fact that this number changes every single time. If somebody were watching this they would not learn anything from watching one exchange.

Malamud: Okay, so that’s the chal­lenge. The chal­lenge is some unique ran­dom number.

Crocker: Right. I take that ran­dom num­ber, and I key it into this lit­tle cal­cu­la­tor device. And in the win­dow of this cal­cu­la­tor device is the answer. Now, what’s hap­pened is inside this cal­cu­la­tor device is a secret num­ber, [crosstalk] like a password.

Malamud: Like my RSA pri­vate key, maybe. 

Crocker: No, it’s not— It does­n’t have to be as com­pli­cat­ed as that. It’s more typ­i­cal­ly a DES key, and it just trans­forms the chal­lenge into the response. And of course at the oth­er end, the com­put­er that I’m try­ing to log into—the host—it has the same secret num­ber. And it’s done the same trans­for­ma­tion. So then I respond with this trans­formed num­ber, this response, and it checks to see if it’s what it’s expecting. 

Because the chal­lenges are dif­fer­ent every sin­gle time, sim­ply record­ing the chal­lenge and response if some eaves­drop­per were doing that, would­n’t teach him any­thing. And fur­ther­more, there isn’t any way to dis­cov­er what the secret was by look­ing at the chal­lenge and response pair. This is very impor­tant. One could record the chal­lenge, one could record the response; if the trans­for­ma­tion process were suf­fi­cient­ly sim­ple, one could look at that pair and derive what the secret is but it’s a part of the cryp­tog­ra­phy that you can’t fig­ure out what the secret is just from look­ing at an input and out­put pair. 

Malamud: It sounds like we have tools. We have pub­lic key, we have challenge-response sys­tems. How long before the Internet becomes a safe place to live and work? Or is it a safe place to live and work now?

Crocker: Well it’s not as dangerous as one might gather from press reports, but it’s definitely not as safe as it could be. “How long” is the kind of question that is very very tough to answer. It depends—

Malamud: Are we going to see short-term dra­mat­ic improve­ments in Internet secu­ri­ty, or is this some­thing we’re going to be wait­ing for years and years?

Crocker: I think your point is right, that the basic technology is in hand. It has not been as usable as it could be. It has not been folded into the products, and I must admit it has not been folded into the protocols as quickly as it should have been. In the protocol process we’ve concentrated perhaps too much on high-end protocols and much more complex things. I would like to see automatic one-time password mechanisms or challenge-response mechanisms built into telnet protocols and FTP protocols. Many of us travel with laptops; there’s no reason why those computations couldn’t be done in the laptop, transparent to the user.

User-friendliness, usabil­i­ty, are key issues with respect to secu­ri­ty and it’s a very typ­i­cal kind of trade-off that where secu­ri­ty gets in the way of usabil­i­ty, secu­ri­ty is usu­al­ly jet­ti­soned. That helps sales in the short run but it does­n’t improve secu­ri­ty for the total net­work environment.

Malamud: But you think we have the tools that we can begin doing this.

Crocker: Yeah. I would hope that over the next twelve to eighteen months, and here it is, the tail end of March of ’94 that I’m talking so let me go on the record. Let’s see, first of April is the beginning of a new quarter. So if we roll forward eighteen months then we’re talking about first of October, 1995. It might be interesting to ask what is the state of security with respect to the kind of password attacks and related things that we’ve seen? And maybe we’ll all be sleeping better or maybe the situation won’t be any better and I will be properly chagrined about how hard this problem has been to tackle.

Malamud: Well there you have it. We’ve been talk­ing to Steve Crocker. This has been Geek of the Week. 

Malamud: This is Internet Talk Radio, flame of the Internet. You’ve been listening to Geek of the Week. You may copy this program to any medium and change the encoding, but may not alter the data or sell the contents. To purchase an audio cassette of this program, send mail to radio@ora.com. Support for Geek of the Week comes from Sun Microsystems. Sun, the network is the computer.

Support for Geek of the Week also comes from O’Reilly & Associates, publishers of The Global Network Navigator, your online hypertext magazine. For more information, send mail to info@gnn.com. Network connectivity for the Internet Multicasting Service is provided by MFS Datanet and by UUNET Technologies.

Executive Producer for Geek of the Week is Martin Lucas. Production Manager is James Roland. Rick Dunbar and Curtis Generous are the sysad­mins. This is Carl Malamud for the Internet Multicasting Service, town crier to the glob­al village.