The drumbeat against anonymity continues....

Richard Parratt rparratt at
Thu Feb 9 02:12:00 PST 1995

Allen B. Ethridge wrote:

> The technology to reduce cellular fraud, through encryption and
> authentication, is easily implementable, but for some reason neither
> the operating companies nor the manufacturers want it.
> In contrast, European cellular (GSM) products do implement
> encryption and authentication (at least as far as laws allow).
> GSM mobile phones can be equipped with a slot for a card that
> identifies the subscriber.  Billing is based on the subscriber's
> identity, not the phone's.

Actually, all GSM phones use a smart card to ID the subscriber.
There was at one point the idea that this card would be useful
for other things, e.g. you could plug it into a fixed line
phone and have that phone take on your personal number, or even
use it as a payment card. However, the desire for ever smaller
phones means that the credit card form factor is dying out for SIM
cards, and one doesn't want to keep popping a 0.5" x 1" mini-SIM
out of the bowels of the phone.

GSM uses less than strong encryption, by the way. I forget the
technical details, but it is of the level that governments can
fairly readily crack, but beyond the reach of most private
organisations. (So no more 'Squidgy-gate'). It would, however,
be quite feasible to add additional second stage encryption
to phones (since the dataflow is digital point-point). I wonder
if Nokia, a Finnish company well outside the scope of COCOM,
might offer a feature like this.

Incidentally, is there likely to be any adoption of GSM
in the US in the near future?

Richard Parratt

More information about the cypherpunks-legacy mailing list