
Re: Rotenberg as the Uber Enemy



Paul Pomes wrote :

> "William H. Geiger III" <[email protected]> writes:
> 
> |It's an interesting side note that the reason why the Cell Phones in this
> |country do not use strong crypto is because of the intervention of the FCC
> |and associated Federal LEA's.
> 
> Not that it would have mattered except to scanner owners with too much time
> on their hands.  The LEAs can intercept at the cellular base station where
> the air segment traffic is decrypted.

	While your point about link versus end to end security is
certainly most important, LEAs have a long track record of illegal, or
at least unofficial, warrantless interceptions.  And they have bought
lots of high end scanners (ask any ICOM dealer).  Interception via the
Digital Telephony mandated interfaces is supposed to be handled by a telco
employee under the Digital Telephony act provisions and as such is
logged and on record, whilst nobody is the wiser about radio link
interceptions.  And it is a lot easier to get a wiretap warrant when
you've already got some evidence from a "very reliable confidential
informant". I don't doubt that the NSA and CIA and other related
agencies have methods of using backdoors in switch and cross connect
software to bypass the Telco people who are supposed to be logging the
wiretap, but law enforcement in general is much less apt to have access
to these highly sensitive and classified entry points which necessarily
are closely guarded.

	And of course nothing in US law does any good for TLAs operating
elsewhere, even though the hardware is the same or similar.

> For mobile-to-landline, the landline options are decidedly minimal.  If you
> go with STU-III you have the problem of a fixed-rate 4800 baud modulation
> sucking up bandwidth.  That could be put in the base station but then the
> path is no longer end-to-end.
> 
	Unfortunately nobody has addressed this little issue.  Cellular
IP connectivity in its various flavors may help, but then you get into
the worst case latency and related queueing issues that make data type
connections unpleasant for high quality voice.  And the person using the
cellphone has to have an external encryption and vocoding box even
though the phone has all this built in.  Of course it would have been
possible to accommodate this if there had been a market....

	In fact it would be technically possible to offer a secure end
to end service connecting to existing encrypting digital cellphones
based on letting the party at the POTS end, armed with suitable software
on a PC, decrypt and demodulate the voice. The carrier would merely pass
standard encrypted voice packets back and forth between the cellphone
and the PC, presumably over a standard wireline modem to the PC. Might
be rather strange, but modern PC hardware should be able to handle this
kind of compute load easily.  I don't know if there is any provision in
current cellphone firmware for negotiating a voice privacy key in such a
way that the carrier would not know it, but I suppose that something
could be developed.

	Or alternatively special cellphone firmware could be developed
that would complete a special class of data connection to the POTS end
and shovel the existing vocoded voice packets back and forth under a DH
negotiated key.  For the cell carrier this would be a special (low
latency, fixed bandwidth, in order delivery) grade of data connection
which could be used for all kinds of things, but for the cellphone user
it would obviate the need for an external secure telephone and would
allow even small hand held digital cellphones to communicate securely
end to end. And the POTS end could be either a PC or a secure handset
based on cellphone technology that would be also useful for secure
calls on wireline connections.

	But I guess I dream, as there are those who would not appreciate
this...
							


> /pbp
>