[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Crypto not being used where needed

To: [email protected]
Subject: Re: Crypto not being used where needed
From: [email protected] ([email protected] +1-510-484-6204)
Date: Mon, 10 Jan 94 20:21:07 EST

h
There are two different problems with eavesdropping cellular calls:
- trying to find a *specific* person's calls
- trying to find any interesting call.
The former is still hard, but if unencrypted cellular credit-auth
boxes become widespread, all you'll have to do is set your scanner to
listen for 1200-baud tones and match for patterns that look like
credit-card requests, since you don't really mind *who* you rip off.
This is not good.  One way around it is to use public-key crypto;
however, simple symmetric-key crypto with different keys per vendor
should be adequate, and the paper-trail for setting up credit-card service
gives you a key distribution mechanism.

Prev by Date: Re: Forged messages part of "Operation"?
Next by Date: Re: Crypto not being used where needed
Prev by thread: Re: Crypto not being used where needed
Next by thread: Beware of forged messages
Index(es):
- Date
- Thread