From: Bill Frantz <frantz@netcom.com>
Date: Mon, 20 Jan 1997 13:42:20 -0800 (PST)
To: Adam Back <aba@dcs.ex.ac.uk>
Subject: Re: GSM crypto upgrade? (was Re: Newt's phone calls)
Message-ID: <199701202142.NAA19098@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


At 3:41 PM -0800 1/16/97, Adam Back wrote:
>Bill Frantz <frantz@netcom.com> writes:
>> At 4:39 AM -0800 1/16/97, Adam Back wrote:
>> >- PIN for phone's RSA signature keys
>>
>> It is not clear you need signatures in the secure phone case.  Eric
>> Blossom's 3DES uses straight DH for key exchange with verbal verification
>> that both ends are using the same key.
>
>How does Eric's box display the negotiated key to the user?  (I don't
>recall the pair I saw having displays).

I have not seen the production box, I am going from my memory of Eric's
preproduction description at a meeting last spring.  I hope someone who
knows what they are talking about will butt in here if I am wrong.

The box has a 3 or 4 digit display which displays "something" about the
3DES key, where "something" is some of the bits, or a hash, or ...  With 3
decimal digits, a MIM attacker has a 999 out of 1000 chance of getting
caught.

-------------------------------------------------------------------------
Bill Frantz       | Client in California, POP3 | Periwinkle -- Consulting
(408)356-8506     | in Pittsburgh, Packets in  | 16345 Englewood Ave.
frantz@netcom.com | Pakistan. - me             | Los Gatos, CA 95032, USA