Starium (was Re: article: german secure phone)

David G. Koontz koontz at ariolimax.com
Thu Jun 7 10:15:47 EDT 2001


Ryan Lackey wrote:
> 
> Quoting Bram Cohen <bram at gawth.com>:
> 
> > I heard from an investor that they decided the first box was 'not secure
> > enough' and spent a bunch more time and money building the second box,
> > which makes it harder to do physical snooping at either end, as a result
> > of which they haven't shipped a product and are now imploding.
> 
> I was told that the primary concern was lowering unit costs.  The original
> COMSEC 3-DES phone had a unit cost of approximately USD 1000.  Build cost was
> probably something like USD 300.
> 
> The Privatel, etc. equipment seems to be USD 400-500, with a build cost of
> about USD 50-100.
> 
> Eric's goal was a chipset suitable for mobile telephony (the primary market
> for secure telephones which are not inside the STE regime) and unit cost
> of +USD 50, with USD 20 or so chip cost.  I'm sure there were a lot of
> problems with that -- FCC licensing, the difficulties of designing chips
> in general, any possible resistance from equipment/handset manufacturers,
> etc.
> 
> It is highly unclear if there is enough of a market for USD 500 terminals
> which are not mobile and do not interoperate with STE.  They are clearly
> not going to be sold into the STE marketplace.  "Privacy fetishists"
> are not a viable market for any product except maybe t-shirts with cool
> slogans.  Corporate users need more sophisticated key management
> than the current offerings.  The real value users want mobile (GSM)
> functionality.  The www.sectra.se Sectra Tiger provides decent key
> management and mobile use, but it's a USD 2 500 platform.  I think they will
> sell more USD 2 500 DECT+GSM secure units than $500 privatels, though.

A quick look at bump on the line phone security boxes and potentially
secure mobile phones brings up the question of trust.  The Privatel box
has a 1024 bit modulus, and a 256 bit private key.  Let's say they sell
20,000 boxes over the life of the product.  They all operate off the same
modulus and prime number.  There are 20K 256 bit integers for their
products.  The manufacturer knows the prime and modulus and probably has
either a list of the private key parts or an actual association between
boxes and private keys.

They get approached by a TLA, the US DOJ or a secret court with a secret
order to hand over said information.  They have an employee sell out,
or through consequence of poor management get hacked, or otherwise the
information is stolen.  

You need control over your own key exchange keys to have real security.


-- 
remove "no_spam_" from Reply-to address
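
Added example, not part of the original post and not any vendor's code: a sketch of the trust problem described above, where every box shares one group and the factory keeps a record of each 256-bit private exponent. It assumes a static Diffie-Hellman exchange; the group parameters, class and function names are constructed for illustration, since the post does not give Privatel's actual values or protocol.

```python
import hashlib
import secrets

# Constructed toy group shared by every unit (a Mersenne prime and a small base).
# These are NOT Privatel's parameters, which the post does not give.
P = 2**521 - 1
G = 3
KEY_BITS = 256  # private exponent size mentioned in the post


def new_private_key():
    """Random 256-bit private exponent (top bit forced so it is full length)."""
    return secrets.randbits(KEY_BITS) | (1 << (KEY_BITS - 1))


def _kdf(shared):
    return hashlib.sha256(shared.to_bytes(66, "big")).digest()


class Box:
    def __init__(self, serial, private_key):
        self.serial = serial
        self._x = private_key
        self.public = pow(G, private_key, P)

    def rekey_locally(self):
        """Owner replaces the factory key with one generated on the device."""
        self._x = new_private_key()
        self.public = pow(G, self._x, P)

    def session_key(self, peer_public):
        return _kdf(pow(peer_public, self._x, P))


def provision(serials):
    """Factory step: generate each key and keep a serial -> key record."""
    records = {s: new_private_key() for s in serials}
    return {s: Box(s, x) for s, x in records.items()}, records


def recoverable_from_records(records, pub_a, pub_b):
    """Session key derivable from the factory records plus the two public
    values seen on the line, or None if neither endpoint key is on record."""
    for x in records.values():
        y = pow(G, x, P)
        if y in (pub_a, pub_b):
            peer = pub_b if y == pub_a else pub_a
            return _kdf(pow(peer, x, P))
    return None
```

A call stays recoverable from the records as long as either endpoint still uses its factory key, so both parties have to generate their own.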



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



