[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Streams, Voice, and Sensitive Dependence

On Fri, 4 Dec 1998, Michael Motyka wrote:

> > http://www.starium.com
> > 14.4 modem, awsome sound quality, 2048 bit DH, 3DES.
> The web site is pretty sparse. No wonder I couldn't find them before - I
> was looking for "Starion" a while back. I'll call them next week -
> they're practically local. What's the approximate price?

The company used to be called Comsec. http://www.comsec.com/ They've
expanded and are working on the next revision of the product. The old
version was $750 each. The new version will be a lot less expensive. When
you call, ask for Eric Blossom. (831) 333-9393  x12
> I have another question for you:
> I thought I was a real whiz kid a few years back when I figured out that
> by using an agreed upon startup key then using a "random" public/private
> key pair generated by the SW, two voice stations could exchange a
> "random" session key. With thumbscrews and the rack you could not get
> the session key. Even the dreaded rubber hose would fail. The startup
> key protected the PK. The ultimate security was as good as the PK
> portion. The conversation was practically pre-shredded.
> I was bummed when I discovered this had already been patented and was
> called EKE.
> Does the Starium phone accomplish this effect?

Starium's current generation phone encryption device, the GSP8191,
performs a 2048 bit DH key exchange to establish a 3DES session key. Each
party then reads out half of the hash. If the hashes match, you know that
you are not subject to an MIM attack. The system has perfect forward
secrecy. Thumb screws will have no effect. :-)

-- Lucky Green <[email protected]> PGP v5 encrypted email preferred.