Maybe It's Snake Oil All the Way Down

John Kelsey kelsey.j at ix.netcom.com
Wed Jun 4 16:15:13 PDT 2003


At 03:50 PM 6/3/03 -0700, Eric Blossom wrote:
...
>GSM and CDMA phones come with the crypto enabled.  The crypto's good
>enough to keep out your neighbor (unless he's one of us) but if you're
>that paranoid, you should opt for the end-to-end solution.  The CDMA
>stuff (IS-95) is pretty broken: *linear* crypto function, takes 1
>second worst case to gather data sufficient to solve 42 equations in
>42 unknowns, but again, what's your threat model?  Big brother and
>company are going to get you at the base station...

Big brother has a limited budget, just like the rest of us.  If he has to 
produce a warrant or tap a wire somewhere to listen in on me, he probably 
won't bother.

The only thing protecting my cellphone calls right now is trivially-broken 
encryption, the need for some moderately expensive equipment, and some laws 
prohibiting cellphone eavesdropping.  That means that some bad guys may be 
eavesdropping now, and there's no telling how many bad guys will be doing 
so tomorrow.  Nobody here knows how much eavesdropping is being done, 
because communications intercepts can be done without leaving any record 
anywhere.  Do the police in some cities troll for interesting cellphone 
calls?  Does the NSA do that in the US, quietly?  Do Russian or French 
intelligence agencies?  How would we know?

So, what can I do about it, as an individual?  Make the cellphone companies 
build good crypto into their systems?  Any ideas how to do that?

The only way I can see getting decent security on my cellphone is to do 
something that doesn't require the rest of the world's permission or 
assistance.  The simplest version of that is to have a box at my house 
that's connected to two phone lines, and have all calls to and from my 
cellphone go through that box.  Calls to other secure cellphones can be 
encrypted end-to-end.  Calls to everyone else get encrypted between my 
phone and my box at home.  I spend a little extra for extra security, 
nobody else has to pay anything, and I can call friends on my cellphone 
without being susceptible to trivial eavesdropping.

Can the bad guys defeat this?  Sure, they can tap my landline, or bug my 
car, or do all sorts of other things.  But none of those are cheap enough 
to do to everyone, and probably none are cheap enough to do to me.  Tapping 
my landline either means interacting with the phone company, or paying 
someone to go install a tap, each of which implies a risk of getting 
caught, practical limits on how often it can be done, etc.

This also bypasses the "network effect" of encrypting phones, where you get 
approximately zero benefit from having one until they're widespread.  I 
have an old Comsec 3DES phone at home.  It's nice technology.  I think I've 
used it twice.  If you're not a cryptographer or a cocaine smuggler, you 
probably don't know anyone who owns an encrypting phone or would 
particularly want to.  Even if you'd like to improve your own privacy, you 
can't buy an end-to-end encrypting phone and improve it much.  That's what 
I'd like to see change.

...
>Eric

--John Kelsey, kelsey.j at ix.netcom.com
PGP: FA48 3237 9AD5 30AC EEDD  BBC8 2A80 6948 4CAA F259



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com





More information about the cypherpunks-legacy mailing list