Monday, January 11, 2010

For better encryption key distribution, look to Leisure Suit Larry. [a response to Bruce Schneier]

A few months ago, there was an uproar over our Predator drones in Afghanistan broadcasting video unencrypted. Techies coast-to-coast were a-twitter with glee that the military-industrial complex can't do anything right. Bruce Schneier put them in their place by pointing out that this data comes with an expiration date. We only need it stay encrypted for a few hours/days. He suggested a whole new key exchange system for this sort of data.

Here's my proposal: go back to the classics. I'm referring, of course, to the 1987 softcore software magnum opus Leisure Suit Larry in the Land of the Lounge Lizards. An adventure game in the vein of other Sierra On-Line franchises of the day (Kings Quest, Space Quest, Police Quest), it added one very important aspect: boobies. And to avoid the label of smut-peddlers, it added a CAPTCHA-esque ingenuity I think we'd do well to remember.

When you wanted to play the game, you entered your age. And then, it tested you on it. So if you said you were 25, it would ask you questions about the popular music of 10 years earlier. You could claim you were 18, but if you had the pop-cultural IQ of a 10 year-old, you were still locked out.

Predators should send out an encrypted video signal and a hint for the key. This could rest on cultural knowledge of American pop culture, or more specifically it could rely on the specific units the video was made for. You can search Wikipedia for Britney Spears's hit 1999 signal, but can you for, say, the nickname of the commanding general of the 10th Mountain Division?

This isn't industrial grade crypto. But it's a way to give out keys for data whose security has a lifetime of hours, not decades.

[ This is also related to the concept of a Shibboleth. I also vaguely remember, but couldn't find a story from WWII: Germans who'd learned American accent-free would be dressed up in looted American uniforms. They would have been made familiar with American military protocol. So US soldiers started asking them questions like "who won the National League Pennant in 1938." ]