[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (Off Topic) Re: FCC_ups
David Wagner wrote:
| The *real* challenge: how do you support sender- and recipient- anonymous
| phone calls with strong security? Have fun.
Caller calls 1-900-stopper via an international callback
service. Caller uses Stopper to reach callee's phone number. Callee,
taking responsibility for their own privacy, uses a forward that she
placed on a pay phone in Grand Central to a cheese box* in the
Seychelles to her real phone.
Oh, you want authentication and MITM protection?
Only caller<-->callee needs authentication, for the DH key that
they share for the call. The other encryption is point to point
transport layer stuff; its nice that its there, but a MITM can listen
in, and only get one or two phone #s. The chain is as strong as its
strongest link, namely the photuris style authentication of the
caller<->callee.
(A cheese box is a forwarder that works outside of the switch; call
#1, it dials #2, then connects it to line 1. So called because the
first one the police found was in a cheese box.)
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume