By ROGER SNODGRASS
Monitor Assistant Editor
December 23, 2006
One of the world's oldest preoccupations, right up there with the
question of how we got here, has to do with whether anybody has been
messing with somebody's stuff.
A Los Alamos scientist who is a leading authority on the subject of
tamper detection imagines hunters returning to their cave after an
expedition and checking the ground for bear tracks. Some of these
inventive humans may have swept the ground outside their dwelling to
make it easier to spot traces of an intruder.
Later, as civilization developed, priests and magicians may have needed
ways to make sure their ritual materials or instruments had not been
contaminated by unworthy handlers.
"It was less important to stop them than it was to find out if they had
been messing around," speculated Roger Johnston, who leads a team called
Advanced Diagnostics and Instrumentation in the lab's chemistry
Johnston is not only a practitioner of seals and other devices for
ascertaining the security of nuclear materials, among the world's most
dangerous stuff to tamper with, he is also a scholar of the 7,000 years
of history behind the notion of tamper-proofing objects.
In an article in the current edition of American Scientist, Johnston has
traced the technology back to ancient Middle Eastern property contracts
written in cuneiform on clay tablets and enclosed in clay envelopes that
were stamped with the personal seals of witnesses - 3700 years ago.
"Tamper detection is a very old field, but it doesn't get a lot of
recognition or attention," he said recently. "I wanted people to
appreciate it as an interesting area that goes way back."
It is also a technology that is so common it is almost beneath notice.
Johnston estimated that on average more than 40 million seals are either
set or checked on each day in the United States. Counting tamper evident
packaging (TEP) used for drugs and other ingestible items, he wrote, the
daily number goes up to more than 200 million.
The packaging security that is now required for all over-the-counter
medicines sold in the U.S. was an outgrowth of an unsolved crime in
1982, when the death of eight people was traced to a stock of
Johnston said that TEP is surprisingly immature and easily spoofed or
defeated, considering the consequences and especially given the added
risks theoretically posed by terrorists.
A smart undergraduate student working with Johnston's team, with no
special skills and using mostly her own ideas, was recently able to fool
72 experts in the field who were unable to say which products had been
Johnston said he wasn't surprised that she was able to do that.
"What really disturbed me is how little research has been given to the
subject," he said, "especially considering that people in the
pharmaceutical industry are sitting on billions of dollars in
liabilities, if somebody tampers with them."
Johnston was honored with a LANL Fellows Prize in 2004 for his
"ingenuity" and "path-breaking work."
His team of about 10 people includes two industrial psychologists and
has recently added Jon Warner, a new technical staff member versed in
electronics and microprocessor techniques. They do work for the
International Atomic Energy Agency, the Department of State and Defense
and the intelligence community.
Johnston is also the editor of the on-line Journal of Personal Security.
He prefaced an introduction to the first edition with a mind-bending
quote from Yogi Berra that seemed to sum up the kind of thinking that is
required in the field of tamper-thwarting.
"In theory, there is no difference between theory and practice," Yogi
said. "In practice there is."
Johnston explained that physical security seems so simple, like taking
out the garbage, that if it fails, it's because somebody screwed up. In
fact, what is lacking is rigorous theory and scientific study that can
help separate the theory from how things work.
Subscribe to InfoSec News