Paul Pomes wrote:
"William H. Geiger III" <whgiii@amaranth.com> writes:
|It's an interesting side note that the reason why the Cell Phones in this
|country do not use strong crypto is because of the intervention of the FCC
|and associated Federal LEA's.
Not that it would have mattered except to scanner owners with too much time on their hands. The LEAs can intercept at the cellular base station where the air segment traffic is decrypted.
While your point about link versus end to end security is certainly most important, LEAs have a long track record of illegal, or at least unofficial, warrantless interceptions. And they have bought lots of high end scanners (ask any ICOM dealer). Interception via the Digital Telephony mandated interfaces is supposed to be handled by a telco employee under the Digital Telephony act provisions and as such is logged and on record, whilst nobody is the wiser about radio link interceptions. And it is a lot easier to get a wiretap warrant when you've already got some evidence from a "very reliable confidential informant". I don't doubt that the NSA and CIA and other related agencies have methods of using backdoors in switch and cross connect software to bypass the Telco people who are supposed to be logging the wiretap, but law enforcement in general is much less apt to have access to these highly sensitive and classified entry points which necessarily are closely guarded. And of course nothing in US law does any good for TLAs operating elsewhere, even though the hardware is the same or similar.
For mobile-to-landline, the landline options are decidedly minimal. If you go with STU-III you have the problem of a fixed-rate 4800 baud modulation sucking up bandwidth. That could be put in the base station but then the path is no longer end-to-end.
Unfortunately nobody has addressed this little issue. Cellular IP connectivity in its various flavors may help, but then you get into the worst case latency and related queueing issues that make data type connections unpleasant for high quality voice. And the person using the cellphone has to have an external encryption and vocoding box even though the phone has all this built in. Of course it would have been possible to accommodate this if there had been a market....
In fact it would be technically possible to offer a secure end to end service connecting to existing encrypting digital cellphones based on letting the party at the POTS end, armed with suitable software on a PC, decrypt and demodulate the voice. The carrier would merely pass standard encrypted voice packets back and forth between the cellphone and the PC, presumably over a standard wireline modem to the PC. Might be rather strange, but modern PC hardware should be able to handle this kind of compute load easily. I don't know if there is any provision in current cellphone firmware for negotiating a voice privacy key in such a way that the carrier would not know it, but I suppose that something could be developed. Or alternatively special cellphone firmware could be developed that would complete a special class of data connection to the POTS end and shovel the existing vocoded voice packets back and forth under a DH negotiated key. For the cell carrier this would be a special (low latency, fixed bandwidth, in order delivery) grade of data connection which could be used for all kinds of things, but for the cellphone user it would obviate the need for an external secure telephone and would allow even small hand held digital cellphones to communicate securely end to end. And the POTS end could be either a PC or a secure handset based on cellphone technology that would be also useful for secure calls on wireline connections. But I guess I dream, as there are those who would not appreciate this...
/pbp