From: Adam Back <aba@dcs.ex.ac.uk>
To: frantz@netcom.com
Message Hash: e84ca9685b442eda9fb29cbd556533f9faa5893ec361fb38fac4f496e5239751
Message ID: <199701201612.IAA12435@toad.com>
Reply To: N/A
UTC Datetime: 1997-01-20 16:12:11 UTC
Raw Date: Mon, 20 Jan 1997 08:12:11 -0800 (PST)
Subject: Re: GSM crypto upgrade? (was Re: Newt's phone calls)

Bill Frantz <frantz@netcom.com> writes:
> At 4:39 AM -0800 1/16/97, Adam Back wrote:
> >- PIN for phone's RSA signature keys
>
> It is not clear you need signatures in the secure phone case. Eric
> Blossom's 3DES uses straight DH for key exchange with verbal verification
> that both ends are using the same key.

How does Eric's box display the negotiated key to the user? (I don't
recall the pair I saw having displays).

> As long as the man in the middle can't imitate a familiar voice,
> this procedure is reasonably secure.

This is the approach taken by PGPfone also. If the value of the
conversations was high (>$100,000?) passable voice imitation wouldn't
be that hard I suspect.

Also I thought it would be kind of cute if there were some way for
phones to exchange their signature keys `face to face' as well.

> I agree that signatures of some kind are needed to identify the phone to
> the cell company to prevent an all too familiar technique of stealing phone
> service. But this protection would not be a 3rd party cell phone upgrade.

It's about time something was done about that problem.

Adam
--
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
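
The scheme discussed in this message (unsigned DH, with the two parties comparing the negotiated key by voice), sketched as an added example that is not part of the original e-mail and is not code from Eric Blossom's unit or PGPfone. The toy group, the SHA-256 derived six-digit string and all function names are assumptions of the example.

```python
import hashlib
import secrets

# Assumed toy group: 2**255 - 19 is prime, but far too small for real
# Diffie-Hellman. It keeps the example short; it is not a group to deploy.
P = 2**255 - 19
G = 2

def keypair():
    """Return (private exponent x, public value g^x mod p)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def shared_key(my_private, their_public):
    """Derive the session key from the DH shared secret."""
    if not 1 < their_public < P - 1:
        raise ValueError("degenerate public value")
    secret = pow(their_public, my_private, P)
    return hashlib.sha256(secret.to_bytes(32, "big")).digest()

def check_string(key, digits=6):
    """Short decimal string each phone shows for reading aloud."""
    h = hashlib.sha256(b"verbal-check" + key).digest()
    return f"{int.from_bytes(h[:4], 'big') % 10**digits:0{digits}d}"

def call(intercepted=False):
    """Return the session keys held by phone A and phone B.

    With intercepted=True a relay in the middle swaps in its own public
    value on each leg, so each phone agrees a key with the relay instead
    of with the other phone.
    """
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    if intercepted:
        _, relay_to_a = keypair()   # public value A receives
        _, relay_to_b = keypair()   # public value B receives
        return shared_key(a_priv, relay_to_a), shared_key(b_priv, relay_to_b)
    return shared_key(a_priv, b_pub), shared_key(b_priv, a_pub)

if __name__ == "__main__":
    for label, tampered in (("direct", False), ("intercepted", True)):
        key_a, key_b = call(tampered)
        print(label, "A reads", check_string(key_a),
              "B reads", check_string(key_b))
```

On a direct call both phones display the same string; on an intercepted call the two keys differ, so the strings disagree except with probability about one in a million for six digits. The check is only as strong as the listener's ability to recognise the voice reading the string, which is the concern raised in the reply above.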