Maybe It's Snake Oil All the Way Down
bear
bear at sonic.net
Wed Jun 4 19:53:29 EDT 2003
On Tue, 3 Jun 2003, John Kelsey wrote:
>At 01:25 PM 6/3/03 -0700, Eric Blossom wrote:
>...
>>Having spent many years messing with these things, I've come to the
>>conclusion that what I personally want is a cell phone that implements
>>good end-to-end crypto. This way, I've always got my secure
>>communication device with me, there's no "bag on the side", and it can
>>be made almost completely transparent.
>
>I agree end-to-end encryption is worthwhile if it's available, but even
>when someone's calling my cellphone from a normal landline phone, I'd like
>it if at least the over-the-air part of the call was encrypted. That's a
>much bigger vulnerability than someone tapping the call at the base station
>or at the phone company. Otherwise, encrypted phone calls with the secure
>cellphone start looking a lot like encrypted e-mail with PGP--I have PGP,
>so do a few other people, but most people I want to talk to don't have it
>installed, and so most of my calls remain in the clear. This includes
>phone calls to my doctor, mother, priest, shrink, sister, lawyer, best
>friend, wife, bank, accountant, etc., e.g., all the calls I probably really
>wanted secured, and which will basically never be secured end-to-end if
>this requires each of those people to buy a special new phone, or do some
>tinkering with configuring secure phone software for their PDA. "Hmmm,
>which key size do I need? Is 1024 bits long enough? Why do I have to move
>the mouse around, again, anyway?" For essentially all of these, just
>getting to where I can use a cordless or cell phone on these calls without
>feeling like I'm broadcasting my private conversations in the clear would
>be great. Securing the other end is even better, but I'd like to do the
>part I can do now, not when the world finally realizes that unencrypted
>wireless stuff is a gaping privacy hole.
Too right. The problem is that your priest, sister, shrink, lawyer,
etc, aren't technical people. They may be concerned about privacy, but
as long as they don't understand how and why this stuff works - and
as long as there is some level of functionality they can get without
doing it - they aren't going to understand what they need to do, or
necessarily even know if they're doing it wrong or know what the risks
are.
They already remember a shared value to talk to you - your phone number.
They might be annoyed if the phone number were fifteen digits longer
(extended by a password), but they'd at least "get it" if they had to
enter the extra fifteen digits to talk to you. They wouldn't, however,
manage it like a password - it would be all over their autodial systems
and jotted down on postit notes etc.
If you wanted your end of the conversation encrypted calling from your
cell you could call a service that takes encrypted cell phone calls
and "forwards" them on a fiber trunk unencrypted for the benefit of
your sister who won't get a better phone... but if she takes the call
on her cell, or on her wireless handset, it's going to be unencrypted
on the air again at her end.
There doesn't seem to be a good solution that's fully interoperable
with the current technology.
Bear
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list