How the Greek cellphone network was tapped.
Florian Weimer
fw at deneb.enyo.de
Tue Jul 10 01:59:56 EDT 2007
* John Ioannidis:
> Florian Weimer wrote:
>
>> It's also an open question whether network operators subject to
>> interception requirements can legally offer built-in E2E encryption
>> capabilities without backdoors.
>>
>
> You probably meant device vendors, not network operators. The whole
> *point* of E2E security is that network operators are not involved. If
> they were, it wouldn't be end-to-end!
Uh-oh, no. The protocol characteristics don't change depending on who
is selling you the device. Many telcos have an aversion to end-to-end
protocols. Building reliable networks for ill-behaving end systems
has been a pretty recent idea (and we are still far away from a
complete solution).
There aren't any interception requirements for device vendors, either,
at least not any I'm aware of. They aren't telcos. Projects like
OpenMoko should not be affected.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list