On Sat, 12 Apr 2003, John Kelsey wrote:
I keep thinking that the only way we're going to get strong encryption on cellphones is to make it something that individuals can do themselves. The cellphone providers have little incentive to do this well.
The telcos are often legally required to NOT do this well. We should keep in mind that the Adversary keeps the infrastructure compromised.
Ideally, the software for both the box and the phone would be open source, and no harder to set up than a VCR. In fact, this could double as a secure cordless phone, using an 802.11b card; the box chooses the cheapest method to reach your handset.
Ideally, it would be a plug-and-play thingy, a box with just a connector and the antenna.
For extra credit, if two such boxes ever talk to each other, they could do end-to-end encryption. But honestly, it's a lot more critical to get the stuff going out over the air encrypted (since that can be intercepted with very little risk of anyone noticing).
In "auto" mode, the box should ask the other side if it is a compatible box, and if yes, do a key handshake.
I wonder if such a box could become a kind of communications hub, handling (secure) voice mail, cellphone, and multiple cordless phones.
There is no reason why it couldn't. :)
And if the boxes became widespread, we'd start seeing "transparent" use of end-to-end encryption. (The only way we're ever likely to see normal, non-paranoid non-criminals using voice encryption very often is if it's just something that happens automatically and painlessly.)
The Adversary won't like this. This is another reason why the design has to be completely open and widely published. I can imagine a government shutting down a corporation or an individual enterpreneur. I can't imagine a government successfully shutting down eg. Linux movement, DeCSS, pr PGP. Asymmetrical warfare in its best :)