Re: PRZ encrypted voice software release imminent
-----BEGIN PGP SIGNED MESSAGE----- In article <199508110254.TAA02204@netcom14.netcom.com>, vznuri@netcom.com ("Vladimir Z. Nuri") wrote:
as if PRZ is not already enough of a folk hero.... BTW, he has been beat by Nautilus, right? Nautilus is public domain, right? (I'm thinking of that public domain voice encryption released a few mos ago). I wonder if he is going to try to put a "spin" on this one to differentiate it from the other one. on the other hand, just having his name on it is plenty of "spin"...
I can't violate my NDA, but PGPFone will be a *major* revolution for communication security. I would not be surprised to see several hundred thousands of users. PGP will plale in comparison. - -- - -- Lucky Green <mailto:shamrock@netcom.com> PGP encrypted mail preferred. - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBMCr8YioZzwIn1bdtAQH+qQF/bA4povjtixKhIxak+M7aCYmbdMjj9U3r azryqeapO4A2vYc4qEnP1zLmp83ceMUV =W9y9 -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
In article <199508110254.TAA02204@netcom14.netcom.com>, vznuri@netcom.com ("Vladimir Z. Nuri") wrote:
as if PRZ is not already enough of a folk hero.... BTW, he has been beat by Nautilus, right? Nautilus is public domain, right? (I'm thinking of that public domain voice encryption released a few mos ago). I wonder if he is going to try to put a "spin" on this one to differentiate it from the other one. on the other hand, just having his name on it is plenty of "spin"...
I can't violate my NDA, but PGPFone will be a *major* revolution for communication security. I would not be surprised to see several hundred thousands of users. PGP will plale in comparison.
My question is, how portable is it, and does it work over TCP/IP rather than just modem connections (I suggested this about a year ago)? My ideal implementation would function on the following architectures: Unix: can be used through either /dev/tty?? or Socket (probably want to use UDP). Works on Solaris, IRIX, AIX, NetBSD/FreeBSD/BSDI and Linux. (audio devices are all proprietary) Windows: uses Window's sound card device drivers, works via either comport or WinSock Mac: uses Mac sound drivers, uses Mac modem port or MacTCP I'm looking for someting that has the look and feel of Internet Phone (but ported to multiple platforms) with encryption. -Ray
Ray Cromwell writes: | Unix: can be used through either /dev/tty?? or Socket (probably want | to use UDP). Works on Solaris, IRIX, AIX, NetBSD/FreeBSD/BSDI and Linux. | (audio devices are all proprietary) AudioFile could be one way around the proprietary audio device problem - have a look for "AF" on archie Martin
In article <199508110254.TAA02204@netcom14.netcom.com>, vznuri@netcom.com ("Vladimir Z. Nuri") wrote:
as if PRZ is not already enough of a folk hero.... BTW, he has been beat by Nautilus, right? Nautilus is public domain, right? (I'm thinking of that public domain voice encryption released a few mos ago). I wonder if he is going to try to put a "spin" on this one to differentiate it from the other one. on the other hand, just having his name on it is plenty of "spin"...
I can't violate my NDA, but PGPFone will be a *major* revolution for communication security. I would not be surprised to see several hundred thousands of users. PGP will plale in comparison.
-- -- Lucky Green <mailto:shamrock@netcom.com> PGP encrypted mail preferred. --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]
This doesn't fall into line with the "mainstream" of personal computing, of course, but does anyone know if there is a planned release for a Linux version, preferably with SoundBlaster support? I mention Soundblaster support because, even though it's old, it seems to be the standard, at least indirectly. The GUS has a Soundblaster emulation mode, for instance, if I'm not mistaken. Of course I suppose the real reason I'm asking is because I run Linux and have a Soundblaster. :)
I can't violate my NDA, but PGPFone will be a *major* revolution for communication security. I would not be surprised to see several hundred thousands of users. PGP will plale in comparison.
I sincerely doubt this. if someone could find a way of doing voice encryption through simple idiotproof hardware adapters (I am thinking of cups that you could attach to any standard phone) the voice encryption will not be widely used, I think. there are very many PGP users right now, say at least in the tens of thousands if not hundreds of thousands. the requirements for live voice encryption are pretty significant: a fast computer and fast modem. this alone is only a subset of those people using PGP right now. also, I doubt there are going to be few people who use PGP phone but not PGP software. the real holy grail for voice communication encryption is when this stuff starts to get integrated into the real phone system, or people start making hardware that is cheap and self contained and idiot proof. "but it's difficult to make anything foolproof, because fools are so ingenious" <g> the actual phone networks, because of political pressure, certainly are probably going to be the last entities on earth to use hardware that makes encryption built in. (well, assuming they don't get all that cash from the government to built in key escrow). what I think would be cool, and I'm sure everyone here would agree, is a "back door" way to encryption. one example: it used to be that slip providers were charging a lot of money. then the authors of TIA (Internet Adaptor) discovered they could simulate SLIP over a unix shell account without a significant performance penalty (i.e. it was possible). voila!! slip for everyone, *regardless* of what the provider wants or tries to manage. then, someone did this for *free* in public domain SLiRP software. this is an extremely useful model: "big fish provider" gives a capability that people want, namely processing time and disk space. they think they can regulate the uses of their system, but if there is enough degrees of freedom, they cannot, and people can actually simulate the services they want on the system regardless of what the system operators wish to control or not control. with the phone system, the analogy is that the communication networks are providing bandwidth, and while they would like to control things like voice vs. data vs. encryption, they *cannot* if their capabilities are suitably diverse (and it is virtually impossible for them *not* to be). when someone invents cheap hardware that you can just plug on top of any existing phone, i.e. "the phone adaptor", TPA?, *that's* when the world is going to go crazy with crypto. all this stuff that requires lots of hardware can be used, but the thing that will cause *everyone* to use it is when someone invents a TPA. I'm very, very surprised that no one has tried to do this yet. ~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^ \ / ~/ |\| | | |> | : : : : : : Vladimir Z. Nuri : : : : <vznuri@netcom.com> \/ ./_.| | \_/ |\ | : : : : : : ftp://ftp.netcom.com/pub/vz/vznuri/home.html
I can't violate my NDA, but PGPFone will be a *major* revolution for communication security. I would not be surprised to see several hundred thousands of users. PGP will plale in comparison.
I sincerely doubt this. if someone could find a way of doing voice encryption through simple idiotproof hardware adapters (I am thinking of cups that you could attach to any standard phone) the voice encryption will not be widely used, I think. there are very many PGP users right now, say at least in the tens of thousands if not hundreds of thousands. the requirements for live voice encryption are pretty significant: a fast computer and fast modem. this alone is only a subset of those people using PGP right now. also, I doubt there are going to be few people who use PGP phone but not PGP software.
I don't think CPUs and modems are an issue. When I bought my 486/DX2 more than a year ago, it was a near top of the line machine (a P66 was the only thing better and it was a lot more expensive). Now, I can look in computer shopper and see that not only is my machine not near the top of the line, it's not even "Entry Level". Pentium 75/90 systems are going for 1/3 the price I bought my computer for, and those systems have PCI buses (vs my VESA local bus), larger HDs, EDO RAM, faster video cards, etc. Assuming a baseline of a 486DX/33 or faster (like a DX4) is not unreasonable. Secondly, 14.4K modems are a dime a dozen. You can get them as low as $50 (with RPI) or $70-80 for full functionality. 28.8K modems can be bought for $150. The problem with PGPFone as I see it, is that it's an application and not a application to a protocol. To get voice encryption in large scale use will require several things IMHO 1) performance is reasonable 2) user interface is very easy to use, as easy as using a walkie talkie with a key 3) software is very easy to setup up (no knowledge of hayes commands required, no editing of slip configuration, etc) Finally, even that is not going to drive the system into a defacto ubiquitous standard unless 4) a complete, easy to read specification of the protocol used is published (perhaps as an RFC) 5) third party applications that use the protocol evolve. #5 is needed because competition between applications writers will improve the human interface of the software beyond what the PGP authors can design. (who are more likely algorithm specialists, not human interface people) 6) network independent this will be a benefit to people who want to make long distance calls over data networks. it could also be used by companies for secure teleconferencing. I would like to see a secure voice communication protocol that is divorced from the particular details of the algorithms used (although a base level of some voice compression technique + DES + RSA will have to be used) That way, new and better algorithms can be dropped in depending on the network used (modem, ipx, tcp/udp, etc) and the bandwidth required (CELP vocoder, MPEG-audio, lossless encoding, progressive PCM, etc) -Ray
-----BEGIN PGP SIGNED MESSAGE----- On Fri, 11 Aug 1995, Vladimir Z. Nuri wrote:
the real holy grail for voice communication encryption is when this stuff starts to get integrated into the real phone system, or people start making hardware that is cheap and self contained and idiot proof. "but it's difficult to make anything foolproof, because fools are so ingenious" <g>
This can be done with hacked telephones probably. A switch in the telphones that then takes the line over turning it into a data connection and negotiating keys etc.. with the remote side which would have a similiarly equipped telephone. It may already be done, but rather prohibitevly expensive for common use.
this is an extremely useful model: "big fish provider" gives a capability that people want, namely processing time and disk space. they think they can regulate the uses of their system, but if there is enough degrees of freedom, they cannot, and people can actually simulate the services they want on the system regardless of what the system operators wish to control or not control.
not true really, most providers shut off accounts that run SLIRP if they also offer SLip/PPP service to customers. I know MCSnet did. but SLIP/PPP was only five dollars more a month and offered much better performance. "I regret that I have but six orifices to give you" -Nesta Stubbs /-/ a s t e http://www.mcs.net/~nesta/home.html Angeli Caduti Assasin -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMCueoDMPw/Yr5YDZAQEfRgQAjmBFu4Oqg4XhIh+pG2/smvP7Eg8/cHP/ bgrtErzQudyjre5Bxind0AK54fGdsJf21kZK0BESxgspA9+K5w/970UfyVFTwIaL LTQgSdqezyMx3S0HMJYoWvH5xJ3sOmHMGnq7n3hQVFoBMaVCfvUnUiUJodPr5Wd0 /TXBL5TSUSM= =6qJf -----END PGP SIGNATURE-----
On Fri, 11 Aug 1995, Vladimir Z. Nuri wrote:
when someone invents cheap hardware that you can just plug on top of any existing phone, i.e. "the phone adaptor", TPA?, *that's* when the world is going to go crazy with crypto.
It's closer than you think. I've been messing with TI's Digital Signal Processing DSK. For $99 you get a DSP with audio in, audio out and 10k of memory. Reference implementations of : DTMF encoders/decoders; 300, 1200, 2400 baud modem programs; and voice processing software already exist. The TI Linear Products Transmission, Switching, Subscriber, and Transient Suppressors Data Book is sitting on my desk along with the Data Transmission and Control Circuits (etc) Data Book. Combined with the pinouts and software that came with DSP DSK I've been painfully trying to piece together how one might glue up a telephone interface. Unfortunately, I'm a software guy and am still learning. In any case, assuming Joe STUD Hardware Guy was willing to make a daughterboard with a 64k memory module (10k is just not enough) with an FCC approved telephone interface (available from parts suppliers). You could have a 25 MIPS based personal STU. I'm envisioning a 'black box' with two RJ-11 jacks which daisy chained in with your phone like a modern modem. Triggering key exchange could be a simple DTMF sequence. Ultimately, the device could be combined into a single board eliminating parts, reducing space, and lowering power supply requirments. The DSP DSK currently needs ~14 Volts AC. I'd like to see that black box portable and able to use some nine volt or AA batteries.
all this stuff that requires lots of hardware can be used, but the thing that will cause *everyone* to use it is when someone invents a TPA. I'm very, very surprised that no one has tried to do this yet.
In any case, I'm trying to do it, but my efforts will never realise a commericial result. I just don't have the money to buy parts in bulk, and without doing that units would be $200-$500 each.
On Fri, 11 Aug 1995, David Neal wrote:
On Fri, 11 Aug 1995, Vladimir Z. Nuri wrote:
when someone invents cheap hardware that you can just plug on top of any existing phone, i.e. "the phone adaptor", TPA?, *that's* when the world is going to go crazy with crypto.
It's closer than you think. I've been messing with TI's Digital Signal Processing DSK. For $99 you get a DSP with audio in, audio out and 10k of memory. Reference implementations of : DTMF encoders/decoders; 300, 1200, 2400 baud modem programs; and voice processing software already exist.
It would be interesting to create a hardware device which is interoperable with PGPFone but uses a DSP chip and a slower control processor. I can easilly imagine $100-$150 as a reasonable range. I will be really curious to see what kind of voice coder they are using in PGPFone...I assume it is some flavor of CELP. -Thomas
participants (8)
-
David Neal -
Jason Burrell -
Martin Hamilton -
Nesta Stubbs -
Ray Cromwell -
shamrock@netcom.com -
Thomas Grant Edwards -
Vladimir Z. Nuri