[Cryptography] The crypto behind the blackphone

Phillip Hallam-Baker hallam at gmail.com
Mon Jan 27 15:04:42 EST 2014 

On Mon, Jan 27, 2014 at 12:24 PM, Daniel Cegiełka <daniel.cegielka at gmail.com
> wrote:

> 2014-01-27 Jon Callas <jon at callas.org>:
> >
> > On Jan 26, 2014, at 10:41 PM, Daniel Cegiełka <daniel.cegielka at gmail.com>
> wrote:
>
> >> I don't know how they
> >> will solve the baseband problem (closed-source proprietary chip/RTOS
> >> running alongside e.g. Android).
> >>
> >>
> http://www.technologyreview.com/news/428632/gps-weakness-could-enable-mass-smartphone-hacking/
> >>
> http://reverse.put.as/wp-content/uploads/2011/06/basebandplayground-luismiras.pdf
> >
> > There's no way we can solve this problem for the first device. Baseband
> security is a huge problem.
> >
> >>
> >> Crypto is the smallest problem in this project.
> >
> > Absolutely! Frankly, one of the things I consider most important is
> building the phone so that the OS can be updated for a reasonable life of
> the hardware.
> >
> >         Jon
>
> What gives you the use of cryptography, if your phone is factory
> built-in backdoor (baseband)? Until not solve this problem, you can
> not say that Blackphone is really safe.
>

Yes they can.

I have no direct knowledge of the specs other than brief hints from Jon.
But it is pretty clear that this phone is going to offer application layer
encryption like the silent circle products do.

The big difference is that on this phone you can compile the code from
source and be sure there is no backdoor. Which is not really possible on
the iPhone version (though I guess someone could compile the source and
check that the deployed app matches if they provide source for that.)

There are some attacks that no application layer scheme can protect you
against. In particular, traffic analysis and metadata can't be fully
controlled, particularly for a system with a low user volume. Say there are
a million users of the phone and a thousand calls in progress at a time. if
the Feds are watching two people and one dials and the other picks up at
that very moment, they have a data point. If they do it a second time then
they have two data points. Three data points are enough to put the match
beyond reasonable doubt.

This is the attack that caught the jackass who tried to avoid a finals exam
with a bomb threat at Harvard last term. The police found that only five
people were using Tor on campus at the time. Now if the guy had been at
MIT...

I am pretty certain Jon and co have the confidentiality pretty well locked
down so that is an advance.


-- 
Website: http://hallambaker.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140127/83de1a39/attachment.html>

More information about the cryptography mailing list