Re: Instant Ciphertext-Only Cryptnalysis of GSM Encrypted Communication
From: Douglas A. Gwyn (DAGwyn_at_null.net)
Date: 09/06/03
- Next message: Tom St Denis: "Re: Factoring program"
- Previous message: Mok-Kong Shen: "Re: Factoring program"
- In reply to: Mok-Kong Shen: "Re: Instant Ciphertext-Only Cryptnalysis of GSM Encrypted Communication"
- Next in thread: Mok-Kong Shen: "Re: Instant Ciphertext-Only Cryptnalysis of GSM Encrypted Communication"
- Reply: Mok-Kong Shen: "Re: Instant Ciphertext-Only Cryptnalysis of GSM Encrypted Communication"
- Reply: Ulrich Wurst: "Re: Instant Ciphertext-Only Cryptnalysis of GSM Encrypted Communication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 06 Sep 2003 08:22:41 -0400
Mok-Kong Shen wrote:
> What was meant also indirectly is: With all the work
> on security by the people in the cellphone business, why
> isn't a general attempt undertaken to e.g. leave
> some space in memory such that a user could do some
> programming of his own, for example, to do some encryption
> for his SMS?
?? You don't get security by letting the end user program
the processor.
In fact there have been cellular telephones that support
various forms of cryptosecurity. But you need to be part
of the key management system.
> As an aside, in a past thread of the group someone claimed
> that the more modern types of cellphones maintain contact
> with base stations even if switched off by the user, unless
> the battery is removed. (An article in the German
> newspaper Computer Zeitung long ago had an interview
> with someone of BSI who also recommended the removal
> of batteries in cases needed.) This would enable constant
> tracking of people, excepting those who take the pain
> to remove batteries. (This is fine for the children,
> though. I read that in UK there is now business offering
> finding the location of children to parents.)
Actually it's not fine for anybody. If a business can
track your kids, so can a stalker.
The requirement for tracking was imposed by government(s)
without much notice being paid by the news media.
> BTW, another very dumb question: It is said that there
> are export and non-export version of the encryption
> algorithm involved. Is it that there again the US export
> regulations are playing a role? If yes, is eventually
> Kasumi also subject to US regulations (it's a
> Japanese developement, though, if I don't err)?
Not just US regulations.
The US has for the most part employed different modulation
systems from the Europeans, not usually out of considerations
of preventing technology transfer. The original US analog
scheme was pushed out the door despite expert testimony of
the *ease* of intercept, basically a CB radio with different
crystal. The FCC's response was to push for legislation
outlawing interception, instead of requiring that a secure
design be used. The whole subject is rather sickening.
Products sold within the US are subject to US regulations.
> Anyway, it seems that the subject line of this thread
> is a good reminder of the (trivial) fact that, for stuffs
> that are really critical, anything short of end-to-end
> encryption can never be good.
Or that even end-to-end encryption might not be sufficient.
- Next message: Tom St Denis: "Re: Factoring program"
- Previous message: Mok-Kong Shen: "Re: Factoring program"
- In reply to: Mok-Kong Shen: "Re: Instant Ciphertext-Only Cryptnalysis of GSM Encrypted Communication"
- Next in thread: Mok-Kong Shen: "Re: Instant Ciphertext-Only Cryptnalysis of GSM Encrypted Communication"
- Reply: Mok-Kong Shen: "Re: Instant Ciphertext-Only Cryptnalysis of GSM Encrypted Communication"
- Reply: Ulrich Wurst: "Re: Instant Ciphertext-Only Cryptnalysis of GSM Encrypted Communication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
