At 01:25 PM 6/3/03 -0700, Eric Blossom wrote: ...
Having spent many years messing with these things, I've come to the conclusion that what I personally want is a cell phone that implements good end-to-end crypto. This way, I've always got my secure communication device with me, there's no "bag on the side", and it can be made almost completely transparent.
I agree end-to-end encryption is worthwhile if it's available, but even when someone's calling my cellphone from a normal landline phone, I'd like it if at least the over-the-air part of the call was encrypted. That's a much bigger vulnerability than someone tapping the call at the base station or at the phone company. Otherwise, encrypted phone calls with the secure cellphone start looking a lot like encrypted e-mail with PGP--I have PGP, so do a few other people, but most people I want to talk to don't have it installed, and so most of my calls remain in the clear. This includes phone calls to my doctor, mother, priest, shrink, sister, lawyer, best friend, wife, bank, accountant, etc., e.g., all the calls I probably really wanted secured, and which will basically never be secured end-to-end if this requires each of those people to buy a special new phone, or do some tinkering with configuring secure phone software for their PDA. "Hmmm, which key size do I need? Is 1024 bits long enough? Why do I have to move the mouse around, again, anyway?" For essentially all of these, just getting to where I can use a cordless or cell phone on these calls without feeling like I'm broadcasting my private conversations in the clear would be great. Securing the other end is even better, but I'd like to do the part I can do now, not when the world finally realizes that unencrypted wireless stuff is a gaping privacy hole.
...
> And for cellphones, I keep thinking we need a way to sell a secure > cellphone service that doesn't involve trying to make huge changes to the > infrastructure, ...
Agreed. Given a suitably powerful enough Java or whatever equipped cell phone / pda and an API that provides access to a data pipe and the speaker and mic, you can do this without any cooperation from the folks in the middle. I think that this platform will be common within a couple of years. The Xscale / StrongARM platform certainly has enough mips to handle both the vocoding and the crypto.
Yep. I have this mental picture of downloading some software for my PDA/cellphone, and buying a $200 box for my home, and getting a secure cordless phone when I'm in range, and a secure cellphone when I'm not, maybe with a secure voicemail system thrown in for good measure. It seems like most of this is off-the-shelf technology (wireless networking, a box connected to two landlines, some minimal encryption and key management software, etc.).
When you ask for a secure call, your cellphone calls the box in your house (over an encrypted link), and it makes the rest of the call. Similarly, when someone calls your secure phone line number, it rings at the box, and then gets forwarded over the encrypted link to your cellphone. If two boxes like this call each other, they do end-to-end encryption. But the over-the-air stuff always gets encrypted. It sure seems like this would be worth putting up with a little delay in the call setup. (But maybe there's some reason this won't work.)
Eric
--John Kelsey, [EMAIL PROTECTED] PGP: FA48 3237 9AD5 30AC EEDD BBC8 2A80 6948 4CAA F259
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
