[ih] Flow Control in IP

Karl Auerbach karl at iwl.com
Tue Apr 30 11:50:58 PDT 2024


In our early security work at SDC (circa 1972-4) we were trying to 
interpose an end-to-end encryption into ARPAnet protocols.  One aspect 
kept getting our technical goats - RFNM - Request For Next Message.  The 
reason was that this message was generated by elements (destination 
IMPs) below our encryption but needed to be delivered to elements above 
our encryption.

(I know that RFNM was supposed to go from destination IMP to source IMP, 
but for reasons that I no longer remember, it ended up crossing our 
security/cryptography barrier.)

RFNM became a pejorative, or rather, was the subject of many pejorative 
outbursts by our group (Dave Kaufman, Frank Heinrich, Marv Schaeffer, 
Jerry Cole, Carl Switzky, Jerry Simon, Josie Althous, Val Schorre, John 
Scheid, Hillary X <can never remember her last name>, Jay Egglestun, 
Dave Golber, and myself.)

We had to engineer a trusted (mathematical specifications of security, 
formal verification of code against that security spec) 
hardware/software bypass around our cryptographic layer (much of which 
was in very expensive Tempest grade hardware) to deal with this.

(As our work progressed, TCP came along and we moved our work over to 
that approach, using the evolving split of an IP-like layer from the 
bottom of TCP, as a wedge into which to insert our security protocols. 
This was a much better design for our purposes when measured by Wirth's 
definitions of modularity (minimal information flow between modules). 
Our designs got easier and less Rube Goldberg - except that along the 
way we had begun to use much more complex modes of encryption (we'd call 
it blockchain today) and key management.)

Apropos Hamlet's line that “There are more things in Heaven and Earth, 
Horatio, than are dreamt of in your philosophy.” the Internet grew from 
a soil rich with pranks, strange events, and not a little romance. 
Such as this:

As that happened our network security work got moved behind multiple 
layers of guards and locked doors (and special RF containment rooms). 
That had the effect of isolating us from company management who lacked 
the clearances to come into our area.  It was at that time that some of 
us wanted to make our offices nicer - in violation of SDC's rather strict 
organizational hierarchy.  So one evening we (Carl Switzky and myself) 
found a large spool of rather nice, essentially new, white wool carpet 
that was being discarded by a super high end shop on San Vicente and I 
had an International Harvester truck large enough to carry that spool. 
It was also at that time we discovered that while the SDC guards had 
instructions not to allow things to be carried out from the buildings 
that they had no instructions about carrying things in.  And through a 
strange coincidence of the dark forces of the universe one of our group 
was working late and also had a carpet knife attached to his belt.  So 
the next day we all had really nice white wool carpet in our offices, 
inside the high security zone (we did all the offices in order to create 
plausible deniability about our role.)

	--karl--


