A New Key to Locking Out Hackers

Say you’ve got a nuclear warhead sitting on top of an intercontinental ballistic missile and, for reasons we don’t even want to think about, the order comes down to fire the thing.

But there’s a problem. The software that controls the trajectory of the missile is on the fritz, and you don’t know it. So you push the red button and guess what? Nothing happens. The system has shut itself down because the software sent the wrong code to an automatic locking device.

That type of system is on nuclear weapons for two purposes: It guards against unauthorized deployment, and it ensures that all the critical components are working correctly before it can be launched.

And that set Larry Dalton to thinking. If it works for nuclear weapons, why can’t it work for all sorts of things ranging from medical equipment to computers?

Dalton, manager of the high- integrity software systems engineering department at Sandia National Laboratories in Albuquerque, turned to people at the lab who developed sophisticated locking devices for the military and asked for help.

Peter J. Frank, a mechanical engineer, threw himself into the project and came up with what the lab is calling the world’s smallest combination lock. The entire device is about the size of a button on a dress shirt, and only one out of 1 million codes will unlock it.

“In fact, one in a trillion is very doable,” Frank said.

The first locks were fabricated at the New Mexico lab in July, and a patent is pending. Lab officials hope to contract with manufacturers in about two years for mass production of the locks.

“It will be extremely cheap to manufacture,” Frank said, because it will be fabricated with the same techniques used to build integrated circuits.

The tiny lock consists of a series of six code wheels powered by electrostatic comb drives that turn electrical impulses into mechanical motion. The lock “owner,” Frank said, sets the combination to any value from one to 1 million. If the wrong value is entered, the lock shuts down the system.

Dalton sees it as a mechanical firewall that even the best computer hackers can’t get past.

“The functions of setting and controlling this little lock are electronically and physically isolated from the complex system it resides in,” Dalton said, so unless the hacker knows the code, there’s no way to break in.

He expects it to be an option on personal computers and laptops in the future. A stolen laptop with corporate secrets would be useless to anyone who does not know the code, and the lock could secure a drive on a PC for such things as medical and financial records.

“The outside world could hack on you all they want and I can guarantee that they can’t get through,” Dalton said.

Although that might be useful in computer systems where security is paramount, it probably won’t help much with the most pressing problem today: security on the Internet. Any system that is open to the public is vulnerable to hackers who can cause all sorts of mischief.

“A firewall can block things from getting through, but with a Web site you want people to get through,” said Fred B. Schneider, professor of computer science at Cornell University, who chairs a committee for the National Research Council that has been looking into computer security.

“You have to be very sophisticated about the blocking rules,” Schneider said. “You have to block by looking inside the message and figuring out if this is the sort of thing you want to get through.”

He compares it to providing physical security for a building.

“You could have a simplistic view and ask each person to produce an ID card, but after awhile you might decide you will admit only those with good character. So you have to develop some scheme to probe into this before you let the person pass.”

Instead of a mechanical lock, what is needed for Web security is firewall protection that can let people have access to the site but block harmful programs that could take over the system. And, he said, we are nowhere near there today.

But computer security is only one of many possible applications for Sandia’s miniature lock.

In the late 1980s, Dalton said, six cancer patients died in this country because radiation therapy machines delivered the wrong dose.

“The software in the machine got confused,” Dalton said. The machine “thought” it was in a calibration mode and instead of delivering 2,000 rads it bombarded the patients with 10 times that dosage. “These people died because of a malfunctioning machine,” Dalton said.

The tiny lock could do the same thing for the X-ray machine that it does for a nuclear weapon.

“It would force a complex system to demonstrate to you a verification value that shows it is not confused,” he said. “This is what we call a ‘faithful execution number.’ This lock will not even allow the X-ray generator to be turned on unless the system can generate this complex number which says the system is behaving normally.”

That type of use for the lock, Schneider said, is “more compelling” than for computer security.

But Dalton and his colleagues are convinced they will have no trouble finding markets for their lock. “We expect to find applications we haven’t even dreamed of,” Dalton said. “This has a very bright future.”

*

Lee Dye can be reached via e-mail at leedye@compuserve.com.