[13408] in cryptography@c2.net mail archive
Re: Maybe It's Snake Oil All the Way Down
daemon@ATHENA.MIT.EDU (Eric Young)
Tue Jun 3 14:39:25 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 04 Jun 2003 01:05:24 +1000
From: Eric Young <eay@pobox.com>
To: iang@systemics.com
Cc: EKR <ekr@rtfm.com>, Eric Murray <ericm@lne.com>,
Scott Guthery <sguthery@mobile-mind.com>,
Rich Salz <rsalz@datapower.com>,
Bill Stewart <bill.stewart@pobox.com>,
cypherpunks <cypherpunks@lne.com>, cryptography@metzdowd.com
In-Reply-To: <3EDC9725.6588CFEA@systemics.com>
Ian Grigg wrote:
>It's like the GSM story, whereby 8 years
>down the track, Lucky Green cracked the
>crypto by probing the SIMs to extract
>the secret algorithm over a period of
>many months (which algorithm then fell to
>Ian Goldberg and Dave Wagner in a few hours).
>
>In that case, some GSM guy said that, it
>was good because it worked for 8 years,
>that shows the design was good, doesn't
>it?
>
>And Lucky said, now you've got to replace
>hundreds of millions of SIMs, that's got
>to be a bad design, no?
>
>
Well the point here is that the data encryption in GSM is not relevant to
the people running the network. The authentication is secure,
so there is no fraud, so they still get the money from network
usage. Privacy was never really there since
the traffic is not encrypted once it hit the base station, so the
relevant government agencies can be kept happy.
The encryption was only relevant to protect the consumers
from each other.
eric (hopefully remembering things correctly)
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
