[87778] in Cypherpunks

home help back first fref pref prev next nref lref last post

Re: Secure phone

daemon@ATHENA.MIT.EDU (Eric Blossom)
Mon Oct 6 16:37:39 1997

Date: Mon, 6 Oct 1997 12:17:25 -0700
From: Eric Blossom <eb@comsec.com>
To: aba@dcs.ex.ac.uk
Cc: frantz@netcom.com, cypherpunks@Algebra.COM
In-Reply-To: <199710061757.SAA01293@server.test.net> (message from Adam Back on Mon, 6 Oct 1997 18:57:44 +0100)
Reply-To: Eric Blossom <eb@comsec.com>

> Bill Frantz <frantz@netcom.com> writes:
> > At 6:25 PM -0700 10/5/97, Adam Back wrote:
> > >On the other hand, using persistent key public key crypto, Tim has
> > >been signing his posts recently, and I have an ancient public key of
> > >his stashed away which his new key is signed with.  If we were able to
> > >construct a protocol to bolt on top of the reading of hashes, we could
> > >have much greater protection against MITM.
> > 
> > Of course if you can use PGP as well as the secure phone, you can use PGP
> > to exchange a pad of one-time passwords.
> 
> The passwords alone don't do you any good: if you read them out over
> the phone, Eve can just repeat them.

There's no reason you couldn't use the passwords in a bidirectional
challenge/response scenario.  The units can pass (optionally
encrypted) control messages back and forth while in secure voice mode.

Eric


home help back first fref pref prev next nref lref last post