I can't violate my NDA, but PGPFone will be a *major* revolution for communication security. I would not be surprised to see several hundred thousands of users. PGP will plale in comparison.
I sincerely doubt this. if someone could find a way of doing voice encryption through simple idiotproof hardware adapters (I am thinking of cups that you could attach to any standard phone) the voice encryption will not be widely used, I think. there are very many PGP users right now, say at least in the tens of thousands if not hundreds of thousands. the requirements for live voice encryption are pretty significant: a fast computer and fast modem. this alone is only a subset of those people using PGP right now. also, I doubt there are going to be few people who use PGP phone but not PGP software.
I don't think CPUs and modems are an issue. When I bought my 486/DX2 more than a year ago, it was a near top of the line machine (a P66 was the only thing better and it was a lot more expensive). Now, I can look in computer shopper and see that not only is my machine not near the top of the line, it's not even "Entry Level". Pentium 75/90 systems are going for 1/3 the price I bought my computer for, and those systems have PCI buses (vs my VESA local bus), larger HDs, EDO RAM, faster video cards, etc. Assuming a baseline of a 486DX/33 or faster (like a DX4) is not unreasonable. Secondly, 14.4K modems are a dime a dozen. You can get them as low as $50 (with RPI) or $70-80 for full functionality. 28.8K modems can be bought for $150. The problem with PGPFone as I see it, is that it's an application and not a application to a protocol. To get voice encryption in large scale use will require several things IMHO 1) performance is reasonable 2) user interface is very easy to use, as easy as using a walkie talkie with a key 3) software is very easy to setup up (no knowledge of hayes commands required, no editing of slip configuration, etc) Finally, even that is not going to drive the system into a defacto ubiquitous standard unless 4) a complete, easy to read specification of the protocol used is published (perhaps as an RFC) 5) third party applications that use the protocol evolve. #5 is needed because competition between applications writers will improve the human interface of the software beyond what the PGP authors can design. (who are more likely algorithm specialists, not human interface people) 6) network independent this will be a benefit to people who want to make long distance calls over data networks. it could also be used by companies for secure teleconferencing. I would like to see a secure voice communication protocol that is divorced from the particular details of the algorithms used (although a base level of some voice compression technique + DES + RSA will have to be used) That way, new and better algorithms can be dropped in depending on the network used (modem, ipx, tcp/udp, etc) and the bandwidth required (CELP vocoder, MPEG-audio, lossless encoding, progressive PCM, etc) -Ray