Re: Secure Phones
My guess on the CESCOMM device is that they (would like us to belive that they) use pure RSA with optional hybrid links... this seems a bit obvious because of:
"Guessing the unique Keys is out of the question. Acquiring the keys through wiretapping is impossible, since they are never transmitted." <--RSA?
This thing is snake oil. What it does is move the data through an FIR filter with the taps being controlled by a secret key. The data itself isn't encrypted, but is spread out over a wide spectrum in a (they hope) difficult-to-analyse manner. However with only 1K possible taps and (presumably) something as high-security as an LFSR driving it, I think the strength of the system has been overestimated somewhat. It wasn't designed for security at all, it was designed by an ex-Canterbury uni engineer to provide add-on noise-immunity to fax machines, and they only decided to market it as an encryption device later on - the designer apparently knows very little about encryption. I've got a photo of it, it's in a box the size of a small modem and consists of a circuit board with an ASIC on it and a bit of interface circuitry. The company has a patent on it, but a search for the patent has so far been unsuccessful (mind you I didn't search very hard). If anyone wants to check it themselves, the patent will probably be assigned to Ken Stokes of Cardinal Encryption Services - they claim to have worldwide coverage.
I emailed the German team about the LC-1... don't know if I'll hear back from them, but if I do, I'll pass on everything I get.
This is rather cool, it was designed by a couple of students at the University of Saarbruecken. It uses the Lintel RSA chips which are fast enough to do real-time RSA voice encryption, either singly for 512 bits or chained for 1033 bits. I've got a brochure somewhere which shows one of the inventors using it, it's a small motherboard containing the RSA chip, some other unidentifiable circuitry (presumably a modem chipset), an EPROM, etc etc. It was done as a research project by students who are unlikely to have put backdoors in it. The BSI (German NSA) were not at all happy about it. It's a pretty neat product, but unfortunately due to its origins it's having difficulty getting any market penetration. In addition the Lintel chips are f-ing expensive and there are many other components that go in on top of that, I doubt the whole thing sells for less than DM 1000-1500. Peter.
participants (1)
-
Peter Gutmann