Posts

Was Quantum Entanglement Experiment Behind “Classified Cryptographic Equipment” Confusion After Antares Crash?

Yesterday evening, an Antares rocket built and operated by Orbital Sciences Corporation exploded shortly after liftoff. The rocket was intended to ferry supplies and equipment to the International Space Station. Orbital and Spacex have taken over some of the duties supplying the space station since the termination of NASA’s shuttle program.

In the early aftermath of the explosion, word came out that the crash site had to be secured because sensitive cryptographic equipment was on board:

The Cygnus mission was non-military, but the company’s Antares program manager, Mike Pinkston, said the craft included “some classified cryptographic equipment, so we do need to maintain the area around the debris in a secure manner”.

That initially struck me as odd. The International Space Station has a large number of cooperating countries, including Russia. It’s hard to imagine that the US would put sensitive equipment into the hands of cosmonauts right now, given the cool state of US-Russian relations. Of course, it would make sense for ISS communications to be encrypted in order to prevent meddling by hackers, but movement all the way to classified (and presumably military or NSA-level) encryption seems to be excessive.

This morning, we are seeing walk-back on the presence of classified equipment:

Shortly after the explosion, CNN quoted a launch director as saying that the spacecraft contained classified “crypto” equipment, but early Wednesday a NASA spokesman said by email that “We didn’t have any classified items on board.”

In trying to make sense of what could have been behind these strange statements, I ran across this interesting announcement of a new cryptographic technology that European scientists have proposed evaluating in an experiment on the space staion:

A team of European researchers have proposed a series of experiments that, if successful, could turn the International Space Station into a key relay for a quantum communications network.

The key basis of physics underlying quantum communications is entanglement. Entangled particles are connected in a way that pretty much defies common sense. If you change the spin of one of the particles, the spin of its entangled counterpart will change – even if they’re miles apart. And that change happens nearly instantaneously – at least four orders of magnitude faster than the speed of light, according to a recent experiment.

Another remarkable aspect of this technology that sounds almost too good to be true is its potential security. After noting that quantum networks are quite fragile, the Forbes article continues:

But why bother with these networks at all if they’re so fragile? The answer is pretty simple – because they’re almost perfectly secure. Here’s how it works. Let’s say that I want to send a message to New York City. My message is going to travel through normal channels, but it will be encrypted with a key. That key is transmitted via the entangled photons – so the changes I make to entangled particles on my end almost instantly show up in the particles in New York. We then compare the measurements of what I changed in my photons to those states in New York City.

Those measurements then comprise an encryption key for our communications. So even if our communications are bugged, nobody can read them without knowing that encryption key. And here’s the important thing: if somebody were to try to eavesdrop on the quantum entanglement, they would alter the spin of the photons. So the measurements I make and the measurements made in New York would be out of sync – thus letting us know that we have an eavesdropper. It also prevents us from creating an encryption key, so we don’t send any communications. Theoretically, a quantum encrypted network is almost perfectly secure. (That said, they’re not perfect, and there are some exploits.)

The announcement from the European group that they wished to carry out the experiment based on what Einstein called “spooky action over a distance” came last April. Then, in June, it was announced that China had carried out a key demonstration of concept experiment back in 2010 but waited four years to publish the result.

With China announcing progress on the technology, one would think that the West would want to accelerate its work in the area, so it would not be at all surprising if equipment for the European experiment was among the items lost when the rocket exploded. Further, one would expect that Orbital would have been told that security for that equipment would be of the very highest level. In discussing the issue of sensitive equipment among the Antares wreckage, PCWorld this morning mentioned the incident of China perhaps examining the wreckage of the US stealth helicopter that was left behind after the mission to kill Osama bin Laden. It could well be that for this crash site, keeping the debris away from prying eyes from China is behind the call for security. Note also that the experiment quite likely would have been coordinated by the European Space Agency on behalf of the European scientists, so NASA’s claim that “We didn’t have any classified items on board” could be parsed as not applying to any classified items that ESA might have had on the rocket.

You Were Warned: Cybersecurity Expert Edition — Now with Space Stations

Over the last handful of days breathless reports may have crossed your media streams about Stuxnet infecting the International Space Station.

The reports were conflations or misinterpretations of cybersecurity expert Eugene Kaspersky’s recent comments before the Australian Press Club in Canberra. Here’s an excerpt from his remarks, which you can enjoy in full in the video embedded above:

[26:03] “…[government] departments which are responsible for the national security for national defense, they’re scared to death. They don’t know what to do. They do understand the scenarios. They do understand it is possible to shut down power plants, power grids, space stations. They don’t know what to do. Uh, departments which are responsible for offense, they see it as an opportunity. They don’t understand that in cyberspace, everything you do is [a] boomerang. It will get back to you.

[26:39] Stuxnet, which was, I don’t know, if you believe American media, it was written, it was developed by American and Israel secret services, Stuxnet, against Iran to damage Iranian nuclear program. How many computers, how many enterprises were hit by Stuxnet in the United States, do you know? I don’t know, but many.

Last year for example, Chevron, they agreed that they were badly infected by Stuxnet. A friend of mine, work in Russian nuclear power plant, once during this Stuxnet time, sent a message that their nuclear plant network, which is disconnected from the internet, in Russia there’s all that this [cutting gestures, garbled], so the man sent the message that their internal network is badly infected with Stuxnet.

[27:50] Unfortunately these people who are responsible for offensive technologies, they recognize cyber weapons as an opportunity. And a third category of the politicians of the government, they don’t care. So there are three types of people: scared to death, opportunity, don’t care.”

He didn’t actually say the ISS was infected with Stuxnet; he only suggested it’s possible Stuxnet could infect devices on board. Malware infection has happened before when a Russian astronaut brought an infected device used on WinXP machines with her to the station.

But the Chevron example is accurate, and we’ll have to take the anecdote about a Russian nuclear power plant as fact. We don’t know how many facilities here in the U.S. or abroad have been infected and negatively impacted as only Chevron to date has openly admitted exposure. It’s not a stretch to assume Stuxnet could exist in every manner of facility using SCADA equipment combined with Windows PCs; even the air-gapped Russian nuclear plant, cut off from the internet as Kaspersky indicates, was infected.

The only thing that may have kept Stuxnet from inflicting damage upon infection is the specificity of the encrypted payload contained in the versions released in order to take out Iran’s Natanz nuclear facility. Were the payload(s) injected with modified code to adapt to their host environs, there surely would have been more obvious enterprise disruptions.

In other words, Stuxnet remains a ticking time bomb threatening energy and manufacturing production at a minimum, and other systems like those of the ISS at worst case. Read more