Re: Newt's phone calls

[Adam Back <aba@dcs.ex.ac.uk>]

Asgaard <asgaard@cor.sos.sll.se> writes:
> On Sun, 12 Jan 1997, Adam Back wrote:
> 
> >[...]  Anyone know how modular the design is, for instance if
> >it would be possible to give a GSM A5 based cell phone a crypto upgrade
> >using published electrical interface standards?  (I want one of those -
> >Nokia phone with IDEA + 2048 bit RSA signatures + DH forward secrecy!)
> 
> I don't understand what you are getting at here.
> This would demand cooperation from the cell phone provider,
> with a compatible device at the other end of the airwaves.

If you super-encrypted the IDEA encrypted traffic with A5, it should
not require cooperation of the cell phone provider.  You always need a
capable device at the other end.  If the phone at the other end isn't
IDEA/RSA/DH capable, you can fall back to only A5.

My question about electrical interfaces was wondering if the above
could be acheived by producing a plugable mini-smartcard, or
desolderable IC which would allow this to be done with standard GSM
phones.

> Then the call would go unencrypted through much of the
> system until it reached the callee's current cell sender
> anyway. GSM is alledgedly A5 encrypted only in the air.
> 
> And if A5 is a 'decent' algorithm or not is up to discussion.
> It hasn't been up on the list for a long time now but from
> earlier discussions I remember that the latest versions of
> A5, if not 'strong' in a crypto anarchy sense, are susceptible
> to attack only from very sophisticated adversaries and certainly
> not from Newt's 'couple'.

Not from Newt's eavesdroppers sure, but it wouldn't cost that much for
someone who wanted the traffic.  40 bits of effective key space at
most,

Adam
--
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`