permissive action links nuclear weapons and the history
play

Permissive Action Links, Nuclear Weapons, and the History of - PowerPoint PPT Presentation

Nov 26, 2022 •199 likes •579 views

PAL Permissive Action Links, Nuclear Weapons, and the History of Public Key Cryptography Steven M. Bellovin smb@cs.columbia.edu http://www.cs.columbia.edu/smb +1 212-939-7149 Department of Computer Science Columbia University 1 Steven

  1. PAL Permissive Action Links, Nuclear Weapons, and the History of Public Key Cryptography Steven M. Bellovin smb@cs.columbia.edu http://www.cs.columbia.edu/˜smb +1 212-939-7149 Department of Computer Science Columbia University 1 Steven M. Bellovin October 21, 2005

  2. PAL “Bypassing a PAL should be, as one weapons designer graphically put it, about as complex as performing a tonsillectomy while entering the patient from the wrong end.” 2 Steven M. Bellovin October 21, 2005

  3. PAL What’s a PAL, and Why? • “Permissive Action Link” (originally “Prohibited Action Link”) • The cryptographic combination lock on nuclear weapons. • Prevents unauthorized use: – Enemy countries – Terrorists – Rogue (or pressured) U.S. troops – Our allies. ☞ The original motivation 3 Steven M. Bellovin October 21, 2005

  4. PAL Why Are PALs Interesting? • How do they work? What are the design principles? Supposedly, they cannot be bypassed. • Is there a lesson more mundane sorts of security mechamisms should emulate? • The history is interesting, and not fully documented. The original order to deploy PALs (NSAM-160, June 1962) is claimed to be the basis for NSA’s invention of public key cryptography in the mid-1960’s. What is the relationship? • I really hope they work as advertised. . . 4 Steven M. Bellovin October 21, 2005

  5. PAL Disclaimer • No secrets were stolen in the process of this research • The research was done without benefit of a clearance • As far as I know, nothing I’m going to say is classified (even though at one point one reporter and/or the FBI might have suspected otherwise) 5 Steven M. Bellovin October 21, 2005

  6. PAL The History of PALs • Envision the 1950s • The Cold War was in full swing; international relations were very tense • The U.S. was very afraid of a massive Soviet armored invasion of Western Europe. Maintaining a large-enough standing U.S. force in Europe was politically infeasible. • The answer was simple: NATO, nukes — and NATO members with nukes. . . 6 Steven M. Bellovin October 21, 2005

  7. PAL Many Kinds of Nukes! • Strategic weapons, on B-52s and ICBMs (but ICBMs were new and not that reliable) • Submarine-launched missiles (even newer) • IRBMs, deployed in various European countries • Designs for nuclear bomb-powered rockets (Project Orion) • Nuclear artillery shells • Nuclear land mines • Nuclear anti-aircraft missiles • Nuclear depth charges (the only weapon with a kill probability of 2, if you count the attacking ship) • Discussion of gigaton bombs, to create artifical tsunamis 7 Steven M. Bellovin October 21, 2005

  8. PAL Who Controlled the Bombs? • By US law, use of nuclear weapons could only be authorized by the President. (We now know that authority has been delegated to avoid decapitation attacks .) • Did we have adequte control over nuclear weapons stored in various European countries? • Could we really trust our allies? 8 Steven M. Bellovin October 21, 2005

  9. PAL Attitudes, Not That Long after World War II We have the missiles, peace to determine, And one of the fingers on the button will be German. MLF Lullaby —Tom Lehrer Then France got the bomb, but don’t you grieve, ’cause they’re on our side, I believe! Who’s Next? —Tom Lehrer 9 Steven M. Bellovin October 21, 2005

  10. PAL Many Risks • The Soviets were extremely afraid of the Germans • We didn’t fully trust the French • The Greeks and Turks hated each other ☞ In 1974, there was apparently a staredown over US nukes between the army and air force of one of those two countries. • Other danger spots? 10 Steven M. Bellovin October 21, 2005

  11. PAL Enter PALs • Strongly opposed by the military – Resentment of notion that the (U.S.) military couldn’t be trusted – Fear that PALs would compromise reliability • Congressional pressure for more effective U.S. control over European-based weapons • Eventually, President Kennedy signed National Security Action Memorandum 160, ordering their installation • The generals were won over by the increased ability to deploy tactical nukes near the front lines without risking Soviet capture — and use — of our bombs 11 Steven M. Bellovin October 21, 2005

  12. PAL Weisner’s Deployment Alternatives I (still classified) $2.9M II Non-U.S. NATO excluding U.K. 8.1M III Non-U.S. NATO including U.K. 10.2M IV U.S. and non-U.S. NATO excluding U.K. 15.2M V U.S. and non-U.S. NATO including U.K. and navy 23.4M 12 Steven M. Bellovin October 21, 2005

  13. PAL Sometimes, the Risk Was the U.S. Military. . . I used to worry about General Power. I used to worry that General Power was not stable. I used to worry about the fact that he had control over so many weapons and weapon systems and could, under certain conditions, launch the force. Back in the days before we had real positive control [i.e., PAL locks], SAC had the power to do a lot of things, and it was in his hands, and he knew it. —Gen. Lauris Norstad, deputy commander of SAC, speaking of his boss 13 Steven M. Bellovin October 21, 2005

  14. PAL Fast Forward 30 Years • At a Festcolloquium in honor of his retirement from Sandia Labs, Gus Simmons said that he learned of public key crypto the way many of us did, from Martin Gardener’s column in Scientific American • 5 minutes later, Jim Frazer – a retired chief cryptographer of NSA — said that NSAM-160 was the basis for NSA’s invention of public key cryptography, in the 1960s. • Simmons agreed with this statement • Note that this disagrees with the better-documented British claim (which hadn’t been declassified at the time) 14 Steven M. Bellovin October 21, 2005

  15. PAL The Research Project • Matt Blaze requested NSAM-160 from the Kennedy Library ☞ They initiated a declassification request for the memo and for the supporting memorandum • It arrived mostly intact — and the declassified section had nothing that even hinted at public key crypto. . . • Or did it? 15 Steven M. Bellovin October 21, 2005

  16. PAL In the Middle of a Redacted Section . . . Despite the limitations of this eqiupment, I believe it would give further (and probably decisive) protection against individual psychotics and would certainly deter unauthorized use by military forces holding the weapons during periods of high tension or military combat. . . . [emphasis added] Did this lead to the discovery of digital signatures, and hence non-repudiation? 16 Steven M. Bellovin October 21, 2005

  17. PAL More Research • Lots of library work • (My small, suburban library was able to get all sorts of unusual things via inter-library loan.) • Not all that much information online • Technical publications from Sandia Labs • Freedom of Information Act requests ☞ They arrive “redacted” • Nothing conclusive — but I learned a lot about nuclear weapons command and control • I needed to understand how bombs worked, in order to understand how they could be protected 17 Steven M. Bellovin October 21, 2005

  18. PAL How Bombs Work D/T Tamper �������� �������� �������� �������� �������� �������� Detonator Explosive Shell �������� �������� �������� �������� Fissile material Initator The deuterium/tritium pump, the initiator (the initial neutron source), and the detonators are all controlled by the sequencer. The first two require high voltage sources. Timing is critical to yield. 18 Steven M. Bellovin October 21, 2005

  19. PAL Safety Features • One-point safety – no nuclear yield from detonation of one explosive charge. • Strong link/weak link – strong link provides electrical isolation; weak link fails early under stress (heat, etc.) • Environmental sensors – detect flight trajectory. • Unique signal generator • Insulation of the detonators from electrical energy. • “Human intent” input. • Tamper-resistant skin. • Use control systems. 19 Steven M. Bellovin October 21, 2005

  20. PAL Bomb Safety Systems Human Intent Unique Signal Generator Control Control Detonation Nuclear Digital Isolation Isolation Subsystem Subsystem Signals Signal Processor Tamper−proof membrane Arming and Fuzing Environmental Sensors 20 Steven M. Bellovin October 21, 2005

  21. PAL Unique Signal Generator • Part of the strong link • Prevent any detonation without clear, unambiguous showing of “human intent” • A safety system, not a security system • Looks for 24-bit signal that is extremely unlikely to happen during any conceivable accident. (Format of input bits not safety-critical) ☞ Accidents can generate random or non-random data streams ☞ Desired signal pattern is unclassified! • Unique signal discriminator locks up on a single erroneous bit • At least partially mechanical • Sample conclusion: keyboards not suitable input device 21 Steven M. Bellovin October 21, 2005

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Permissive Action Links, Nuclear Weapons, and the Prehistory of Public Key Cryptography Steven

Permissive Action Links, Nuclear Weapons, and the Prehistory of Public Key Cryptography Steven

PAL Permissive Action Links, Nuclear Weapons, and the Prehistory of Public Key Cryptography Steven M. Bellovin smb@cs.columbia.edu http://www.cs.columbia.edu/ smb +1 212-939-7149 Department of Computer Science Columbia University 1

1.03k views • 37 slides
Nuclear Weapons Nuclear Weapons They produce incredible temperatures They produce incredible

Nuclear Weapons Nuclear Weapons They produce incredible temperatures They produce incredible

Nuclear Weapons 2 Observations about Nuclear Weapons 1 Observations about Nuclear Weapons Nuclear Weapons They release enormous amounts of energy They release enormous amounts of energy Nuclear Weapons Nuclear Weapons They produce

393 views • 3 slides
Nuclear Weapons 101 Nuclear Smuggling p. Nuclear Weapons 101 Fissile materials ( 235 U , 233

Nuclear Weapons 101 Nuclear Smuggling p. Nuclear Weapons 101 Fissile materials ( 235 U , 233

Nuclear Weapons 101 Nuclear Smuggling p. Nuclear Weapons 101 Fissile materials ( 235 U , 233 U , 239 Pu ) are used to make weapons of devastating power. Nuclear Smuggling p. Nuclear Weapons 101 Fissile materials ( 235 U , 233 U , 239 Pu

398 views • 29 slides
Looking beyond the nuclear weapons wall: Achieving peace and security without nuclear deterrence.

Looking beyond the nuclear weapons wall: Achieving peace and security without nuclear deterrence.

Looking beyond the nuclear weapons wall: Achieving peace and security without nuclear deterrence. Presentation to Peace Beyond Walls Seoul Peace Conference Alyn Ware, New Zealand Why still worried about nuclear weapons ? 14,000 nuclear

596 views • 21 slides
Nuclear Weapons General Information Moral Issues Survivors Stories Brought to you by

Nuclear Weapons General Information Moral Issues Survivors Stories Brought to you by

Nuclear Weapons General Information Moral Issues Survivors Stories Brought to you by Testimonies filmed by Soka Gakkai International WHAT ARE NUCLEAR WEAPONS? Bombs that use nuclear energy to cause an explosion. Nuclear energy is created

593 views • 32 slides
Game Theory and Nuclear Weapons Game Theory and Nuclear Weapons Game Theory and Nuclear Warfare

Game Theory and Nuclear Weapons Game Theory and Nuclear Weapons Game Theory and Nuclear Warfare

Game Theory and Nuclear Weapons Game Theory and Nuclear Weapons Game Theory and Nuclear Warfare Cuban Missile Crisis Theory of Mutually Assured Destruction (MAD) Does this theory explain what happened during the Cuban Missile

531 views • 25 slides
Verifying the Removal of Nuclear Weapons: Past and Future Practical Aspects of Nuclear

Verifying the Removal of Nuclear Weapons: Past and Future Practical Aspects of Nuclear

Verifying the Removal of Nuclear Weapons: Past and Future Practical Aspects of Nuclear Disarmament Verification 27 April 2018 Wilfred Wan, Researcher Outline How has verification of removal or elimination of nuclear weapons been done in

211 views • 10 slides
Nuclear Weapons Nuclear Weapons Yes Yes Y Y A. A. No No B. B. Nuclear Weapons 3

Nuclear Weapons Nuclear Weapons Yes Yes Y Y A. A. No No B. B. Nuclear Weapons 3

Nuclear Weapons 1 Nuclear Weapons 2 Introductory Question Introductory Question Is it possible to have 100 tons of plutonium Is it possible to have 100 tons of plutonium and not have it explode? and not have it explode? Nuclear Weapons

529 views • 4 slides
Banning Nuclear Weapons: Labors R ole Presentation by International Campaign to Abolish

Banning Nuclear Weapons: Labors R ole Presentation by International Campaign to Abolish

Banning Nuclear Weapons: Labors R ole Presentation by International Campaign to Abolish Nuclear Weapons (ICAN) NSW Labor Annual State Conference Fringe Program Sunday 14 February 2016 Sydney Town Hall This presentation addresses a crucial

477 views • 3 slides
VINTAGE VERIFICATION FOR TRUSTED RADIATION MEASUREMENTS AND A WORLD FREE OF NUCLEAR WEAPONS

VINTAGE VERIFICATION FOR TRUSTED RADIATION MEASUREMENTS AND A WORLD FREE OF NUCLEAR WEAPONS

defenseimagery.mil paulshambroomart.com VINTAGE VERIFICATION FOR TRUSTED RADIATION MEASUREMENTS AND A WORLD FREE OF NUCLEAR WEAPONS Moritz Ktt and Alex Glaser 34c3, Leipzig, December 2017 Revision 4 BACKGROUND : NUCLEAR WEAPONS WHERE WE

838 views • 60 slides
Tools and Procedures for Verifying the Absence of Nuclear Weapons Practical Aspects of Nuclear

Tools and Procedures for Verifying the Absence of Nuclear Weapons Practical Aspects of Nuclear

Tools and Procedures for Verifying the Absence of Nuclear Weapons Practical Aspects of Nuclear Disarmament Verification 27 April 2018 Ryan Snyder, Researcher Setting the context Cooperative process with reasonable access to bases or

311 views • 8 slides
NUCLEAR SKEPTICISM BY PAUL KIM RESEARCH QUESTION Questioning the Effect of Nuclear Weapons on

NUCLEAR SKEPTICISM BY PAUL KIM RESEARCH QUESTION Questioning the Effect of Nuclear Weapons on

NUCLEAR SKEPTICISM BY PAUL KIM RESEARCH QUESTION Questioning the Effect of Nuclear Weapons on Conflict (Mark S. Bell and Nicholas L. Miller) Q:What effect do nuclear weapons have on interstate conflict behavior? A:The conflict behavior

252 views • 11 slides
Assessing the Harm from Nuclear Weapons Testing and Production Prepared for the Vienna Conference

Assessing the Harm from Nuclear Weapons Testing and Production Prepared for the Vienna Conference

Assessing the Harm from Nuclear Weapons Testing and Production Prepared for the Vienna Conference on the Humanitarian Impact of Nuclear Weapons Arjun Makhijani, Ph.D. Institute for Energy and Environmental Research Arjun M December 8-9, 2014

169 views • 16 slides
Nuclear Weapons ~~We destroy them or they destroy us?~~ Fumihiko Yoshida Ph.D. The Carnegie

Nuclear Weapons ~~We destroy them or they destroy us?~~ Fumihiko Yoshida Ph.D. The Carnegie

Nuclear Weapons ~~We destroy them or they destroy us?~~ Fumihiko Yoshida Ph.D. The Carnegie Endowment for International Peace May 3, 2016 arms-control-fy@mbr.nfty.com 1 Before and After (Hiroshima) 2 Casualties (1) On August 6, 1945, a US

272 views • 14 slides
GENDER, DEVELOPMENT AND NUCLEAR WEAPONS Shared goals, shared concerns Dr. John Borrie (UNIDIR)

GENDER, DEVELOPMENT AND NUCLEAR WEAPONS Shared goals, shared concerns Dr. John Borrie (UNIDIR)

GENDER, DEVELOPMENT AND NUCLEAR WEAPONS Shared goals, shared concerns Dr. John Borrie (UNIDIR) on behalf of the authors United Nations, New York, 19 October 2016 What this talk is about ILPI and UNIDIR are interested in nuclear

480 views • 19 slides
Panel 2 Mine action on the ground: placing the people in the centre The history of arms control

Panel 2 Mine action on the ground: placing the people in the centre The history of arms control

Panel 2 Mine action on the ground: placing the people in the centre The history of arms control and disarmament is marked by a succession of various treaties focusing on the weapons, trying to reduce the number of assets or the damages directly

354 views • 7 slides
Pragmatic Approaches to Remedial Investigation, Technology Selection, and Remediation Success Tom

Pragmatic Approaches to Remedial Investigation, Technology Selection, and Remediation Success Tom

Pragmatic Approaches to Remedial Investigation, Technology Selection, and Remediation Success Tom Kady, USEPA Environmental Response Team Office of Superfund Remediation and Technology Innovation Technology Innovation and Field Services Division

695 views • 37 slides
Simulating biomolecular function from motions across multiple scales (I) Peter J. Bond (BII)

Simulating biomolecular function from motions across multiple scales (I) Peter J. Bond (BII)

Simulating biomolecular function from motions across multiple scales (I) Peter J. Bond (BII) peterjb@bii.a-star.edu.sg Structural Biology: Why the Need for Simulation? 2017 Explosion in number of structures deposited to PDB over past

648 views • 35 slides
Universit catholique de Louvain, Brussels Unit de pharmacologie cellulaire et mollculaire

Universit catholique de Louvain, Brussels Unit de pharmacologie cellulaire et mollculaire

Universit catholique de Louvain, Brussels Unit de pharmacologie cellulaire et mollculaire Biochemical and Biophysical and Biophysical Studies of Studies of the Interactions the Interactions Biochemical between Aminoglycoside

850 views • 46 slides
Membrane Biophysics & Soft Matter Physics Huey W. Huang Rice University, Physics &

Membrane Biophysics & Soft Matter Physics Huey W. Huang Rice University, Physics &

Taida: March 3, 2015 Membrane Biophysics & Soft Matter Physics Huey W. Huang Rice University, Physics & Astronomy http://hwhuang.rice.edu The talk is about Proteins interacting with membranes. Physical process rather than

649 views • 43 slides
Pink Noise and Sensory Adaptation Nick Jones Oxford Centre for Integrative Systems Biology

Pink Noise and Sensory Adaptation Nick Jones Oxford Centre for Integrative Systems Biology

Pink Noise and Sensory Adaptation Nick Jones Oxford Centre for Integrative Systems Biology Physics and Biochemistry What is Pink Noise? Pink Noise: a widespread kind of temporal fluctuation shown by systems named after its power spectral

454 views • 29 slides
Slide 1 / 91 Slide 2 / 91 1 How does a phospholipid membrane create an 2 Draw and label a

Slide 1 / 91 Slide 2 / 91 1 How does a phospholipid membrane create an 2 Draw and label a

Slide 1 / 91 Slide 2 / 91 1 How does a phospholipid membrane create an 2 Draw and label a phospholipid. isolated internal environment? Slide 3 / 91 Slide 4 / 91 3 In what way do the screen on a window and a cell 4 What essential role

309 views • 16 slides
BS400 Molecular Biophysics BT808 Principles of Biomolecular Interaction and Recognition Course

BS400 Molecular Biophysics BT808 Principles of Biomolecular Interaction and Recognition Course

BS400 Molecular Biophysics BT808 Principles of Biomolecular Interaction and Recognition Course material will be made available on moodle moodle.iitb.ac.in

782 views • 43 slides
Func%onal understanding of nutrient requirements for microbial growth

Func%onal understanding of nutrient requirements for microbial growth

Func%onal understanding of nutrient requirements for microbial growth Sef Heijnen, Department of Biotechnology, Faculty of Applied Sciences Growth by Division

185 views • 14 slides

More recommend