On Sat, 29 Dec 2001, Ryan Lackey wrote:
I'm unclear why Lucky dislikes the Sectra Tiger (www.sectra.se); the key management is not what I'd like, but seems designed specifically for hierarchical military or corporate organizations, which is the only viable market for a EUR 2500 encrypting cellphone.
The reason why I have little faith in the Sectra Tiger is because I talked with one of Sectra's head cryptographers. Below is a brief recap of the conversation: Lucky: How did Secrta solve the key distribution problem in the military version of your product adopted by the Swedish army? Sectra: We are using a central key server. Lucky: How does the system respond to a failure of the central key server? Secrta: The hansets revert to a system-wide default key installed in the handset at time of manufacture. The key is idential for all handsets. Lucky: [Pause]. I see... Do you believe that a communication system that depends for its security on the enemy ignoring your central key server to be suitable for military applications? What if somebody destroys the key server? Secrta: [Visibly surprised by the question]. But we live in times of peace! Why would anybody wish to destroy the key server? Lucky: Right..... [I guess they no longer shoot military suppliers who's products endanger the armed forces for treason]. -- Lucky Green <shamrock@cypherpunks.to> PGP encrypted email preferred.