At 4:39 AM -0800 1/16/97, Adam Back wrote:
- PIN for phone's RSA signature keys
It is not clear you need signatures in the secure phone case. Eric Blossom's 3DES uses straight DH for key exchange with verbal verification that both ends are using the same key. As long as the man in the middle can't imitate a familiar voice, this procedure is reasonably secure. I agree that signatures of some kind are needed to identify the phone to the cell company to prevent an all too familiar technique of stealing phone service. But this protection would not be a 3rd party cell phone upgrade. ------------------------------------------------------------------------- Bill Frantz | Client in California, POP3 | Periwinkle -- Consulting (408)356-8506 | in Pittsburgh, Packets in | 16345 Englewood Ave. frantz@netcom.com | Pakistan. - me | Los Gatos, CA 95032, USA