RE: status of SMS encryption project?

2002-12-22 Thread Lucky Green 
Anonymous wrote:
> All (esp. lucky) -
> 
> I was curious what the status of the SMS encryption project 
> quoted in the below post is?
[... Quoting Lucky]
> Anyway, the project I was thinking of related to encrypting 
> SMS messages.
> I discovered that while it was possible to modify Nokia firmware to
> support SMS encryption, there were easier solutions by running the SMS
> through a PC. There are other projects underway that provide 
> encrypted SMS
> messages using a Basic STAMP computer. Sorry, I am not in a 
> position to
> disclose details at this time.

Modified firmware:
The code was never finished since easier and more maintainable solutions
exist. See below.

BASIC Stamp:
I believe that code was completed. The SMS encryption protocol (SEMS)
that grew out of that project has been published. SEMS has seen a bit of
review from the community; the protocol is sufficiently simple to
probably not hold any surprises. The protocol specs used to be at
http://www.nah6.com/SEMS 
Unfortunately, this part of the NAH6 website is currently down for
maintenance. I am told the site will be back up shortly.

In the end, firmware low-level hacks to enable SMS encryption were
obsoleted by Moore's Law. GSM smart phones/PDAs that run normal
applications are easy to obtain at a reasonable price.

Should you plan to write an SMS encryption application, you may wish to
remain compatible with SEMS -- and be it for no other reason that SEMS
has some non-zero deployed base.

Hope that helps,
--Lucky Green

Re: status of SMS encryption project?

2002-12-21 Thread Thomas Shaddack 
> I was curious what the status of the SMS encryption project quoted in the below post 
>is?
> I did some googling and saw almost nothing on the subject.

Newer GSM phones have java engines, used for ie. downloadable games.
Shouldn't it be possible to write a SMS encryption/decryption software in
Java? Then we don't have to do any firmware modifications nor any external
devices, just download a java applet to the phone.

Opinions, comments?

status of SMS encryption project?

2002-12-20 Thread Anonymous 
All (esp. lucky) -

I was curious what the status of the SMS encryption project quoted in the below post 
is?

I did some googling and saw almost nothing on the subject.

thanks


* To: Multiple recipients of list <[EMAIL PROTECTED]>
* Subject: Re: AUCRYPTO: RE: Cellular Phone Anonymity/Privacy (was Israli 
cellphone)
* From: Lucky Green <[EMAIL PROTECTED]>
* Date: Wed, 21 Apr 1999 04:22:01 -0400
* Old-Subject: Re: AUCRYPTO: RE: Cellular Phone Anonymity/Privacy (was Israli 
cellphone)
* Reply-To: [EMAIL PROTECTED]
* Sender: [EMAIL PROTECTED]

On Wed, 21 Apr 1999, Tim K wrote:
[quoting somebody]
> > Of course they can always track who you call.  They can listen in on
> > the conversation.  Thats what gpg-phone is for.  As far as anonymity
> > with the person your dialing I'm not sure.
> > > > Maybe Lucky can comment.  I know he had a Nokia Project going a 
> while
> > ago.  Certainly nothing seems to be no new ideas under the cryto 
> sun.

Seems the original post never made it to me.

Anyway, the project I was thinking of related to encrypting SMS messages.
I discovered that while it was possible to modify Nokia firmware to
support SMS encryption, there were easier solutions by running the SMS
through a PC. There are other projects underway that provide encrypted SMS
messages using a Basic STAMP computer. Sorry, I am not in a position to
disclose details at this time.

Ultimately, what we need is encrypted voice. Eric Blossom's Starium is
busy working on providing that feature for both land line telephones and
mobiles. However, no add-on crypto will defend against the location escrow
universally employed by cellular providers. As long as your mobile is
turned on, your movement will be tracked and stored, ready to be retrieved
at any time in the future upon request by law enforcement or parties
willing to incentivise the $10/hour guy with access to the database. There
seem to be few automated profiling systems in place today, but that will
change over the next few years.

-- Lucky Green <[EMAIL PROTECTED]> PGP v5 encrypted email preferred.