Ian Grigg wrote:
It's like the GSM story, whereby 8 years down the track, Lucky Green cracked the crypto by probing the SIMs to extract the secret algorithm over a period of many months (which algorithm then fell to Ian Goldberg and Dave Wagner in a few hours).
In that case, some GSM guy said that, it was good because it worked for 8 years, that shows the design was good, doesn't it?
And Lucky said, now you've got to replace hundreds of millions of SIMs, that's got to be a bad design, no?
Well the point here is that the data encryption in GSM is not relevant to the people running the network. The authentication is secure, so there is no fraud, so they still get the money from network usage. Privacy was never really there since the traffic is not encrypted once it hit the base station, so the relevant government agencies can be kept happy. The encryption was only relevant to protect the consumers from each other. eric (hopefully remembering things correctly) ----- End forwarded message -----