From: "Carl M. Ellison" <cme@acm.org>
To: Eric Blossom <eb@comsec.com>
Message Hash: 9969f23aaacc20349e8a17442b8112c4c1fa818d49de336b96a28b3cf16697b1
Message ID: <v0300780cb062157a72d1@[168.143.8.144]>
Reply To: <3.0.3.32.19971007102724.00a499c0@labg30>
UTC Datetime: 1997-10-09 04:10:47 UTC
Raw Date: Thu, 9 Oct 1997 12:10:47 +0800
Subject: Re: Secure phone
MIME-Version: 1.0
Content-Type: text/plain

Eric,

I think you can make a stronger statement.

With your phone, once you exchange the hash you have good assurance
that you have a private conversation with the person whose voice you hear.

How you determine that that is the person you think it is/should be
is a different problem.

As for proving lack of an eavesdropper, you would also need to
establish that the person's earpiece wasn't bugged, the person didn't
record the conversation to hand to someone else, ....

For my purposes, the authentication is secure enough that I'm very
pleased. The voice quality is good enough that I can recognize friends --
and if I'm calling a stranger, then the MITM is a moot point. That is, if
I'm calling a stranger named Bob, there is no way for me to tell the
difference between:

    Carl -- Eve -- Bob

and

    Carl -- Bob -- Eve

since both Bob and Eve are strangers to me and I don't know Bob well enough
to rule out case 2.

 - Carl

+------------------------------------------------------------------------+
|Carl M. Ellison cme@acm.org http://www.clark.net/pub/cme |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2|
| "Officer, officer, arrest that man! He's whistling a dirty song." |
+-------------------------------------------- Jean Ellison (aka Mother) -+