Revised IGC-approvals for some types of legacy recorder

In article ,
"tango4" wrote:

After going to all of the time designing the hardware security along came
the idea of public key cryptography so the IGC spec was 'upgraded' to
incorporate this additional security layer. The Cambridges and others got
caught between the two specs.

Public key cryptography was well known in 1994 when the Cambridge 10's
were used at the NZ pre-worlds, and in fact I *told* them at the time
that they should be using something like RSA instead of something
home-grown.

Oh well.

-- Bruce

Yes, but doesn't the CAI system work? It is my impression that it is
perfectly secure and has never been compromised. So why suddenly call it
"insecure".

What is the plan to get the approval back in place? What must CAI do to
make it meet your new requirements?

Paul Remde

"Bruce Hoult" wrote in message
...
In article ,
"tango4" wrote:

After going to all of the time designing the hardware security along
came
the idea of public key cryptography so the IGC spec was 'upgraded' to
incorporate this additional security layer. The Cambridges and others
got
caught between the two specs.

Public key cryptography was well known in 1994 when the Cambridge 10's
were used at the NZ pre-worlds, and in fact I *told* them at the time
that they should be using something like RSA instead of something
home-grown.

Oh well.

-- Bruce

Paul Remde wrote:

Yes, but doesn't the CAI system work? It is my impression that it is
perfectly secure and has never been compromised. So why suddenly call it
"insecure".

As of January 1st, the CAI Model 10/20/25 won't be considered
"insecure", they just won't be considered "secure enough" for world
records. You can still use it for badges, 1000K+ diplomas, contests,
etc., just not world records.

What is the plan to get the approval back in place? What must CAI do to
make it meet your new requirements?

Minimally, a firmware upgrade would be required, but it is not clear
that the microcontroller is fast enough to support the needed changes.
The manufacturer(s?) is the only one that can provide an answer...

Marc

I just find this absurd. I'm very angry about the sudden change.

If I remember correctly, Steve Fossett is using a GPS-NAV (and a 302 I
believe) and currently setting world records in the southern hemisphere.

I'm still waiting for a good answer to the question why. Why is the GPS-NAV
suddenly not secure for world records?

This is not acceptable behavior by the IGC.

Paul Remde

"Marc Ramsey" wrote in message
om...
Paul Remde wrote:

Yes, but doesn't the CAI system work? It is my impression that it is
perfectly secure and has never been compromised. So why suddenly call
it
"insecure".

As of January 1st, the CAI Model 10/20/25 won't be considered
"insecure", they just won't be considered "secure enough" for world
records. You can still use it for badges, 1000K+ diplomas, contests,
etc., just not world records.

What is the plan to get the approval back in place? What must CAI do to
make it meet your new requirements?

Minimally, a firmware upgrade would be required, but it is not clear
that the microcontroller is fast enough to support the needed changes.
The manufacturer(s?) is the only one that can provide an answer...

Marc

Paul Remde wrote:
I just find this absurd. I'm very angry about the sudden change.

If I remember correctly, Steve Fossett is using a GPS-NAV (and a 302 I
believe) and currently setting world records in the southern hemisphere.

The 302 will continue to be approved for world records for the
forseeable future. Steve Fossett also owns at least two Volksloggers,
which will also continue to be approved for world records.

I'm still waiting for a good answer to the question why. Why is the GPS-NAV
suddenly not secure for world records?

According to the current flight recorder specifications, a new design
similar to the GPS-NAV could not be approved for world records. There
are other older flight recorder models for which there are known
security concerns. The only (more or less) fair way remove world
record approval from some models was to remove such approval from all
similar designs approved under the older specifications.

This is not acceptable behavior by the IGC.

I can't think of any way this could have been done that everyone would
find acceptable...

Marc

"Paul Remde" wrote in message news:rQgub.32000$Dw6.156983@attbi_s02...
I just find this absurd. I'm very angry about the sudden change.
As Ian mentioned this decision was taken by the IGC Plenum at their
meeting
in March 2003 and was mentioned in the minutes of this meeting so no
question about sudden change.

If I remember correctly, Steve Fossett is using a GPS-NAV (and a 302 I
believe) and currently setting world records in the southern hemisphere.
I think Mr. Fossett is well capable to afford a flight recorder which
is suitable for World Records.

I'm still waiting for a good answer to the question why. Why is the GPS-NAV
suddenly not secure for world records?
Your anger must have blinded you, just read the points mentioned in
Ians mailing which is in perfect English.

This is not acceptable behavior by the IGC.
What exactly do you not find acceptable? Progress? Computing power has
changed considerably since these initial specifications were
introduced. I think pilots going for world records will be happy in
the knowledge that their traces come from FR's with the highest
security available and nobody will be able to manufacture a record by
breaking the security of these older FR's.

Regards
Bruno
IGC-GNSS Committee

Paul Remde

"Marc Ramsey" wrote in message
om...
Paul Remde wrote:

Yes, but doesn't the CAI system work? It is my impression that it is
perfectly secure and has never been compromised. So why suddenly call
it
"insecure".

As of January 1st, the CAI Model 10/20/25 won't be considered
"insecure", they just won't be considered "secure enough" for world
records. You can still use it for badges, 1000K+ diplomas, contests,
etc., just not world records.

What is the plan to get the approval back in place? What must CAI do to
make it meet your new requirements?

Minimally, a firmware upgrade would be required, but it is not clear
that the microcontroller is fast enough to support the needed changes.
The manufacturer(s?) is the only one that can provide an answer...

Marc

(Bruno Ramseyer) writes:

What exactly do you not find acceptable? Progress? Computing power
has changed considerably since these initial specifications were
introduced. I think pilots going for world records will be happy in
the knowledge that their traces come from FR's with the highest
security available and nobody will be able to manufacture a record
by breaking the security of these older FR's.

If anyone is going to fabricate records, then just feed the whole
system from a pseudolite set. No need to get inside the systems at
all.

--
Paul Repacholi 1 Crescent Rd.,
+61 (08) 9257-1001 Kalamunda.
West Australia 6076
comp.os.vms,- The Older, Grumpier Slashdot
Raw, Cooked or Well-done, it's all half baked.
EPIC, The Architecture of the future, always has been, always will be.

Paul Repacholi wrote:
If anyone is going to fabricate records, then just feed the whole
system from a pseudolite set. No need to get inside the systems at
all.

You'd need to properly synchonize the GPS and pressure altitude changes
to pull it off. Maybe it's easy for you, but not for me 8^)

Marc

Paul Repacholi wrote:
...
If anyone is going to fabricate records, then just feed the whole
system from a pseudolite set. No need to get inside the systems at
all.
...

This is just what the cryptograhic RSA signature makes impossible,
not to fake such records, but to put them in an IGC file that the
validation program accepts as a genuine file coming from the logger.

In article gJfub.230766$Fm2.231960@attbi_s04,
"Paul Remde" wrote:
"Bruce Hoult" wrote in message
...
Public key cryptography was well known in 1994 when the Cambridge 10's
were used at the NZ pre-worlds, and in fact I *told* them at the time
that they should be using something like RSA instead of something
home-grown.

Yes, but doesn't the CAI system work?

Unfortunately we have no way of knowing, because the method used isn't
published. But essentially I believe it is a typical private key system
which relies on only trusted parties knowing the secret key. These
trusted parties include anyone writing software to upload flights (which
I suspect is the reason they would never give me the specs for writing
mac software), and authorized repair agents.


It is my impression that it is perfectly secure and has never been
compromised. So why suddenly call it "insecure".

Secure doesn't mean "hasn't (to our knowledge) been compromised". It
means "*can't* be compromised". If we didn't know how to do the latter
that would be a different matter, but we do.


And I'll ammend my earlier remarks. In 1994 when I was recommending RSA
to them I never imagined that they'd get to nearly 2004 before it became
an issue. So they may have made the correct commercial decision.

-- Bruce