Maybe It's Snake Oil All the Way Down

John Kelsey kelsey.j at ix.netcom.com
Tue Jun 3 18:17:12 EDT 2003


At 01:25 PM 6/3/03 -0700, Eric Blossom wrote:
...
>Having spent many years messing with these things, I've come to the
>conclusion that what I personally want is a cell phone that implements
>good end-to-end crypto.  This way, I've always got my secure
>communication device with me, there's no "bag on the side", and it can
>be made almost completely transparent.

I agree end-to-end encryption is worthwhile if it's available, but even 
when someone's calling my cellphone from a normal landline phone, I'd like 
it if at least the over-the-air part of the call was encrypted.  That's a 
much bigger vulnerability than someone tapping the call at the base station 
or at the phone company.  Otherwise, encrypted phone calls with the secure 
cellphone start looking a lot like encrypted e-mail with PGP--I have PGP, 
so do a few other people, but most people I want to talk to don't have it 
installed, and so most of my calls remain in the clear.  This includes 
phone calls to my doctor, mother, priest, shrink, sister, lawyer, best 
friend, wife, bank, accountant, etc., e.g., all the calls I probably really 
wanted secured, and which will basically never be secured end-to-end if 
this requires each of those people to buy a special new phone, or do some 
tinkering with configuring secure phone software for their PDA.  "Hmmm, 
which key size do I need?  Is 1024 bits long enough?  Why do I have to move 
the mouse around, again, anyway?"  For essentially all of these, just 
getting to where I can use a cordless or cell phone on these calls without 
feeling like I'm broadcasting my private conversations in the clear would 
be great.  Securing the other end is even better, but I'd like to do the 
part I can do now, not when the world finally realizes that unencrypted 
wireless stuff is a gaping privacy hole.

...
> > And for cellphones, I keep thinking we need a way to sell a secure
> > cellphone service that doesn't involve trying to make huge changes to the
> > infrastructure, ...
>
>Agreed.  Given a suitably powerful enough Java or whatever equipped
>cell phone / pda and an API that provides access to a data pipe and
>the speaker and mic, you can do this without any cooperation from the
>folks in the middle.  I think that this platform will be common within
>a couple of years.  The Xscale / StrongARM platform certainly has
>enough mips to handle both the vocoding and the crypto.

Yep.  I have this mental picture of downloading some software for my 
PDA/cellphone, and buying a $200 box for my home, and getting a secure 
cordless phone when I'm in range, and a secure cellphone when I'm not, 
maybe with a secure voicemail system thrown in for good measure.  It seems 
like most of this is off-the-shelf technology (wireless networking, a box 
connected to two landlines, some minimal encryption and key management 
software, etc.).

When you ask for a secure call, your cellphone calls the box in your house 
(over an encrypted link), and it makes the rest of the call.  Similarly, 
when someone calls your secure phone line number, it rings at the box, and 
then gets forwarded over the encrypted link to your cellphone.  If two 
boxes like this call each other, they do end-to-end encryption.  But the 
over-the-air stuff always gets encrypted.  It sure seems like this would be 
worth putting up with a little delay in the call setup.  (But maybe there's 
some reason this won't work.)

>Eric

--John Kelsey, kelsey.j at ix.netcom.com
PGP: FA48 3237 9AD5 30AC EEDD  BBC8 2A80 6948 4CAA F259



---------------------------------------------------------------------
The Cryptography Mailing List