Re: Newt's phone calls
The take on this that we won't hear is: "This is outrageous! Why don't cell-phones offer encryption to ensure our privacy?"
Cell-phone encryption is 'essential' for 'important' people. However, it is 'dangerous' in the hands of the 'citizens' (translate that to mean 'schmucks'). The government doesn't object to crack-dealers having cryptography capabilities, they just want to make sure that those crack-dealers work for the CIA (freelancers need not apply).
Toto
When I worked at Cylink we developed a product, called SecureCell which combined a standard analog cellphone (NEC I think) and a version of our SecurePhone. Despite the fact that it could thwart any but the most well funded eavesdropping we only sold a handfull. It was quite pricy (about $6,000) and required a small suitcase to tote, but even so only a few gov't agencies (mostly diplomatic) and execs thought it was worth the trouble. One problem facing such devices are the interruptions caused by cell-to-cell handoffs. These can occur even when stationary. SecureCell, I believe, used off-the-shelf line modems. I've read newer modem technologies (Spectrum and AT&T) have pretty much solved this problem. There's no reason Eric Blossom's phone encryptor can't be readily adapted to cellular to offer a secure and more reasonably priced cellular encryptor. PGP Fingerprint: FE 90 1A 95 9D EA 8D 61 81 2E CC A9 A4 4A FB A9 --------------------------------------------------------------------- Steve Schear | Internet: azur@netcom.com Lamarr Labs | Voice: 1-702-658-2654 7075 West Gowan Road | Fax: 1-702-658-2673 Suite 2148 | Las Vegas, NV 89129 | --------------------------------------------------------------------- Internet and Wireless Development 1935 will go down in history! For the first time a civilized nation has full gun registration! Our streets will be safer, our police more efficient, and the world will follow our lead in the future! --Adolf Hitler
The take on this that we won't hear is: "This is outrageous! Why don't cell-phones offer encryption to ensure our privacy?"
A full page ad from the January 14, 1997 New York Times: Dear Mr. Speaker: If you'd rather not have your phone conversation overheard and printed word for word in the newspaper, next time use an Omnipoint wireless phone instead of a cellular phone. The ad then explains that cell phone eavesdropping happnes all the time, and offers Omnipoint, "a new 100% digital wireless phone system that operates on a technology far superior to cellular. It encrypts your voice so no one can listen in on your conversations. Or capture any personal data transmissions." It's a pretty funny ad.
Steve Shear <azur@netcom.com> writes:
When I worked at Cylink we developed a product, called SecureCell which combined a standard analog cellphone (NEC I think) and a version of our SecurePhone. Despite the fact that it could thwart any but the most well funded eavesdropping we only sold a handfull. It was quite pricy (about $6,000) and required a small suitcase to tote, but even so only a few gov't agencies (mostly diplomatic) and execs thought it was worth the trouble.
One problem facing such devices are the interruptions caused by cell-to-cell handoffs. These can occur even when stationary. SecureCell, I believe, used off-the-shelf line modems. I've read newer modem technologies (Spectrum and AT&T) have pretty much solved this problem.
There's no reason Eric Blossom's phone encryptor can't be readily adapted to cellular to offer a secure and more reasonably priced cellular encryptor.
Eric's phone I thought operated as a bump in the line for landline. The phone was acting as a speaker and microphone, and also is used to make the connection via tone dial? The `bump' switched to 14.4k modem when you pressed go secure, and did A/D, D/A, encrypt, and decrypt. An encrypting cell-phone would be an interesting project. What about starting from a digital GSM phone - it already has all the A/D, and ability to maintain digital connection across hand-offs. I would have thought the extra hardware would be minimal - a RISC chip with on chip RAM and EPROM to encrypt and decrypt. GSM includes A5 encryption here, so basically the whole design is worked out - all you'd have to do is rip out the A5 chip and replace with a decent encryption system. Anyone know how modular the design is, for instance if it would be possible to give a GSM A5 based cell phone a crypto upgrade using published electrical interface standards? (I want one of those - Nokia phone with IDEA + 2048 bit RSA signatures + DH forward secrecy!) Adam -- print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
On Sun, 12 Jan 1997, Adam Back wrote:
GSM includes A5 encryption here, so basically the whole design is worked out - all you'd have to do is rip out the A5 chip and replace with a decent encryption system. Anyone know how modular the design is, for instance if it would be possible to give a GSM A5 based cell phone a crypto upgrade using published electrical interface standards? (I want one of those - Nokia phone with IDEA + 2048 bit RSA signatures + DH forward secrecy!)
I don't understand what you are getting at here. This would demand cooperation from the cell phone provider, with a compatible device at the other end of the airwaves. Then the call would go unencrypted through much of the system until it reached the callee's current cell sender anyway. GSM is alledgedly A5 encrypted only in the air. And if A5 is a 'decent' algorithm or not is up to discussion. It hasn't been up on the list for a long time now but from earlier discussions I remember that the latest versions of A5, if not 'strong' in a crypto anarchy sense, are susceptible to attack only from very sophisticated adversaries and certainly not from Newt's 'couple'. Asgaard
Asgaard <asgaard@cor.sos.sll.se> writes:
On Sun, 12 Jan 1997, Adam Back wrote:
[...] Anyone know how modular the design is, for instance if it would be possible to give a GSM A5 based cell phone a crypto upgrade using published electrical interface standards? (I want one of those - Nokia phone with IDEA + 2048 bit RSA signatures + DH forward secrecy!)
I don't understand what you are getting at here. This would demand cooperation from the cell phone provider, with a compatible device at the other end of the airwaves.
If you super-encrypted the IDEA encrypted traffic with A5, it should not require cooperation of the cell phone provider. You always need a capable device at the other end. If the phone at the other end isn't IDEA/RSA/DH capable, you can fall back to only A5. My question about electrical interfaces was wondering if the above could be acheived by producing a plugable mini-smartcard, or desolderable IC which would allow this to be done with standard GSM phones.
Then the call would go unencrypted through much of the system until it reached the callee's current cell sender anyway. GSM is alledgedly A5 encrypted only in the air.
And if A5 is a 'decent' algorithm or not is up to discussion. It hasn't been up on the list for a long time now but from earlier discussions I remember that the latest versions of A5, if not 'strong' in a crypto anarchy sense, are susceptible to attack only from very sophisticated adversaries and certainly not from Newt's 'couple'.
Not from Newt's eavesdroppers sure, but it wouldn't cost that much for someone who wanted the traffic. 40 bits of effective key space at most, Adam -- print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
participants (4)
-
Adam Back -
Asgaard -
azur@netcom.com -
Nelson Minar