Obama's secure PDA
Ivan Krstić
krstic at solarsail.hcs.harvard.edu
Thu Jan 29 23:17:57 EST 2009
Multiple responses inline:
On Jan 26, 2009, at 11:26 AM, Paul Hoffman wrote:
> I too would like to hear more information on this, particularly the
> crypto that is known to be used on the Edge.
See sections 'Secure Speech Processing' and 'Interoperability' of
<http://www.gdc4s.com/documents/GD-Sectera_Edge-w.pdf>. The standard suites are used, as one would expect.
On Jan 26, 2009, at 4:56 PM, Jerry Leichter wrote:
> The FAQ, indirectly, answers your previous question of why only
> Secret for email: Data-at-rest is encrypted using AES, which is
> only approved for Secret, not Top Secret, data.
This isn't the case; AES is approved for Top Secret with 192- or 256-
bit keys, per <http://www.cnss.gov/Assets/pdf/cnssp_15_fs.pdf>.
On Jan 26, 2009, at 9:26 PM, Steven M. Bellovin wrote:
> Quite simply, voice offers one service -- voice. Data offers many
> services, and hence many venues for data-driven attacks: email
> (which includes many MIME types) and probably clicking on URLs, web
> (which includes HTML, gif, jpeg, perhaps png, and almost certainly
> Javascript), and perhaps data files including pdf, Word, Powerpoint,
> and Excel. Any one of those data formats is far more complex than
> even compressed voice; the union of them makes me surprised it can
> handle even Secret data... Note especially that HTML involves
> IFRAMEs and third-party images, which means inherent cross-domain
> issues.
I've thought about this, but I don't buy it. I'm a heavy user of
wireless e-mail, but I use it as nothing more than a SMTP-addressable
SMS service without a length limit. In other words, people can send me
messages from a computer and not just from a mobile handset (true in
the other direction, too), and I can read and write more than 160
characters at a time.
I'd find mobile e-mail just as useful if it went through a proxy that
stripped out _everything_ that's not plaintext. I open attachments on
my phone about once in a blue moon, and wouldn't miss the ability if
it were gone.
Cheers,
--
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | http://radian.org
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
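The plaintext-only proxy described in the message above could look like the following sketch. It is an added example, not code from the original post or from any product discussed in the thread; the function names, the header allow-list and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: the only headers the handset needs. Everything else is dropped.
KEEP_HEADERS = ("From", "To", "Cc", "Date", "Subject", "Message-ID")

def strip_to_plaintext(raw: bytes) -> EmailMessage:
    """Rebuild `raw` as a single-part text/plain message."""
    src = message_from_bytes(raw, policy=policy.default)
    texts, dropped = [], []
    for part in src.walk():
        if part.is_multipart():
            continue  # containers carry no content of their own
        ctype = part.get_content_type()
        # Inline text/plain survives; text/plain sent as an attachment does not.
        if ctype == "text/plain" and not part.is_attachment():
            try:
                texts.append(part.get_content())
                continue
            except LookupError:  # unknown charset: treat as unreadable
                pass
        dropped.append(ctype)
    out = EmailMessage()  # fresh message, so no MIME structure is inherited
    for name in KEEP_HEADERS:
        if src[name] is not None:
            out[name] = str(src[name])
    body = "\n".join(t.rstrip("\n") for t in texts)
    if dropped:
        body += "\n[proxy removed: " + ", ".join(dropped) + "]"
    out.set_content(body + "\n")
    return out

def sample_message() -> bytes:
    """Constructed input: plain text, an HTML alternative and a PDF."""
    m = EmailMessage()
    m["From"] = "alice@example.org"
    m["To"] = "bob@example.org"
    m["Subject"] = "lunch"
    m.set_content("Noon at the usual place?\n")
    m.add_alternative(
        "<p>Noon?</p><iframe src='http://tracker.example/'></iframe>",
        subtype="html")
    m.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                     subtype="pdf", filename="menu.pdf")
    return m.as_bytes()

if __name__ == "__main__":
    print(strip_to_plaintext(sample_message()).as_string())
```

Because the output is built as a new message rather than by deleting parts from the original, nothing from the sender's MIME tree reaches the handset unless it was explicitly copied.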