End-to-end encrypting US GSM phones?
Lucky Green
shamrock at cypherpunks.to
Sun Dec 30 12:19:29 PST 2001
On Sat, 29 Dec 2001, Ryan Lackey wrote:
> I'm unclear why Lucky dislikes the Sectra Tiger (www.sectra.se); the
> key management is not what I'd like, but seems designed specifically
> for hierarchical military or corporate organizations, which is the only viable
> market for a EUR 2500 encrypting cellphone.
The reason why I have little faith in the Sectra Tiger is because I talked
with one of Sectra's head cryptographers. Below is a brief recap of the
conversation:
Lucky: How did Secrta solve the key distribution problem in the military
version of your product adopted by the Swedish army?
Sectra: We are using a central key server.
Lucky: How does the system respond to a failure of the central key
server?
Secrta: The hansets revert to a system-wide default key installed in the
handset at time of manufacture. The key is idential for all handsets.
Lucky: [Pause]. I see... Do you believe that a communication
system that depends for its security on the enemy ignoring your central
key server to be suitable for military applications? What if somebody
destroys the key server?
Secrta: [Visibly surprised by the question]. But we live in times of
peace! Why would anybody wish to destroy the key server?
Lucky: Right..... [I guess they no longer shoot military
suppliers who's products endanger the armed forces for treason].
-- Lucky Green <shamrock at cypherpunks.to> PGP encrypted
email preferred.
More information about the cypherpunks-legacy
mailing list