[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Mass-market crypto phones



At 11:50 AM 11/22/96 -0800, Sean Roach wrote:
>At 09:10 AM 11/21/96 -0500, Clay Olbon II wrote:
>>A while back, Eric Blossom posted a URL for a mass-market, phone encyrption
>>device (http://www.comsec.com/)...

>At first this seemed to be a challenging goal as public key encryption (at
>least the type of which I am aware) requires a public key ring, but then I
>thought, what would be the point in real time communitation?

Both Eric's product and PGPhone use Diffie-Hellman key exchange.  They
protect against man-in-the-middle attacks by displaying (part of) the
resulting symmetric key and having the phone's users verify they are both
working with the same key in the conversation.  Until the AIs/eavesdroppers
get good enough to imitate a person on the phone, this verification
technique is good enough.


-------------------------------------------------------------------------
Bill Frantz       | The lottery is a tax on    | Periwinkle -- Consulting
(408)356-8506     | those who can't do math.   | 16345 Englewood Ave.
[email protected] |       - Who 1st said this? | Los Gatos, CA 95032, USA