1997-02-04 - Re: Secure Phones

Header Data

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: cryptography@c2.net
Message Hash: f7728037bfbb2435d1aa346f5bce684bda413ece63749c04012d6b198350c998
Message ID: <199702041456.GAA28776@toad.com>
Reply To: N/A
UTC Datetime: 1997-02-04 14:56:36 UTC
Raw Date: Tue, 4 Feb 1997 06:56:36 -0800 (PST)

Raw message

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Date: Tue, 4 Feb 1997 06:56:36 -0800 (PST)
To: cryptography@c2.net
Subject: Re: Secure Phones
Message-ID: <199702041456.GAA28776@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


>My guess on the CESCOMM device is that they (would like us to belive that
>they) use pure RSA with optional hybrid links... this seems a bit obvious
>because of:
>
>"Guessing the unique Keys is out of the question. Acquiring the keys through
>wiretapping is impossible, since they are never transmitted." <--RSA?
 
This thing is snake oil.  What it does is move the data through an FIR filter
with the taps being controlled by a secret key.  The data itself isn't
encrypted, but is spread out over a wide spectrum in a (they hope)
difficult-to-analyse manner.  However with only 1K possible taps and
(presumably) something as high-security as an LFSR driving it, I think the
strength of the system has been overestimated somewhat.  It wasn't designed for
security at all, it was designed by an ex-Canterbury uni engineer to provide
add-on noise-immunity to fax machines, and they only decided to market it as an
encryption device later on - the designer apparently knows very little about
encryption.  I've got a photo of it, it's in a box the size of a small modem
and consists of a circuit board with an ASIC on it and a bit of interface
circuitry.
 
The company has a patent on it, but a search for the patent has so far been
unsuccessful (mind you I didn't search very hard).  If anyone wants to check it
themselves, the patent will probably be assigned to Ken Stokes of Cardinal
Encryption Services - they claim to have worldwide coverage.
 
>I emailed the German team about the LC-1... don't know if I'll hear back from
>them, but if I do, I'll pass on everything I get.
 
This is rather cool, it was designed by a couple of students at the University
of Saarbruecken.  It uses the Lintel RSA chips which are fast enough to do
real-time RSA voice encryption, either singly for 512 bits or chained for 1033
bits.  I've got a brochure somewhere which shows one of the inventors using it,
it's a small motherboard containing the RSA chip, some other unidentifiable
circuitry (presumably a modem chipset), an EPROM, etc etc.  It was done as a
research project by students who are unlikely to have put backdoors in it.  The
BSI (German NSA) were not at all happy about it.
 
It's a pretty neat product, but unfortunately due to its origins it's having
difficulty getting any market penetration.  In addition the Lintel chips are
f-ing expensive and there are many other components that go in on top of that,
I doubt the whole thing sells for less than DM 1000-1500.
 
Peter.
 







Thread