From: John Deters <jad@dsddhc.com>
Date: Thu, 9 Oct 1997 02:34:10 +0800
To: Eric Blossom <eb@comsec.com>
Subject: Re: Secure phone
In-Reply-To: <3.0.3.32.19971007102724.00a499c0@labg30>
Message-ID: <3.0.3.32.19971008132417.00b0c6d0@labg30>
MIME-Version: 1.0
Content-Type: text/plain



At 12:44 PM 10/7/97 -0700, Eric Blossom you wrote:
>I wrote:
>> Therefore, man-in-the-middle can be more precisely described as an
>> unauthenticated end-point problem.  Therefore, without authentication,
>> there is no defense (yet) against MITM attacks.
>
>I concur from the theoretical point of view.

Really, that's the only point I was attacking.  I agree that from a
practical standpoint that you probably would be able to detect a fake voice
today.

However, a weakness is a weakness, and from a practical standpoint, digital
audio technology is not getting worse as time goes on.  The phone phreaker
world has a blue box (available on the net and called bluebox, I think)
that uses the sound card to generate tones to fool phone systems into
giving them free long distance.  It also will use a recorded human voice to
"read" credit card numbers and phone numbers to a telephone operator.
While it's not perfect, it does manage to get inflection and tone properly
across.  The imperfections are ostensibly covered up by the omnipresent
telephone network noise (from which your box does not suffer.)  

It would not take an enormous amount of recorded conversation to have
enough samples to extract the complete set of hex digits from any given
speaker.  But, it would take an enormous amount of chutzpah for a MITM to
try it.

It would be easy enough to "trick" the MITM into exposing their existance
anyway, just by using digits that come up in conversation.  Humans would be
able to come up with unique situations that the MITM would find all but
impossible to predict.  "Hey, Eric, I noticed that the third digit of your
IP address' second octet is the same as the second digit of our exchange.
How's by you?"  A sudden dropout of sound (or "accidental" loss of
connection) while the MITM recognizes the trap and tries to backpedal will
be instantly noticed.  Human protocols are resilient, whereas mathematical
protocols are precise.

Having a working theory behind securing the exchange (whether or not you
implement it) makes for a nice mind exercise, anyway.  Your working boxes
are a far cry above any theory we discuss here.  If I had one of your nifty
boxes, I'm sure I wouldn't lose sleep over the theoretical holes.

John
--
J. Deters "Don't think of Windows programs as spaghetti code.  Think
          of them as 'Long sticky pasta objects in OLE sauce'."
+--------------------------------------------------------------------+
| NET:   mailto:jad@dsddhc.com (work)   mailto:jad@pclink.com (home) |
| PSTN:  1 612 375 3116 (work)          1 612 894 8507 (home)        |
| ICBM:  44^58'36"N by 93^16'27"W Elev. ~=290m (work)                |
| For my public key, send mail with the exact subject line of:       |
| Subject: get pgp key                                               |
+--------------------------------------------------------------------+