Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!casbah.acns.nwu.edu!accuvax.nwu.edu!nucsrl!telecom-request
From: CAPEK%YKTVMT.BITNET@cunyvm.cuny.edu (Peter G. Capek)
Newsgroups: comp.dcom.telecom
Subject: Re: Secure Phones
Message-ID: <16161@accuvax.nwu.edu>
Date: 17 Jan 91 16:43:21 GMT
Sender: news@accuvax.nwu.edu
Organization: TELECOM Digest
Lines: 21
Approved: Telecom@eecs.nwu.edu
X-Submissions-To: telecom@eecs.nwu.edu
X-Administrivia-To: telecom-request@eecs.nwu.edu
X-Telecom-Digest: Volume 11, Issue 46, Message 6 of 13

The discussion about Cliff Stoll's "secure line" phone call got me to thinking again about something which has always bothered me. Since secure phones work by performing some sort of "encryption" (encrypting digitized voice, switching and inverting frequency bands, etc.), and since such a phone isn't much use unless it can talk to many others like it, how is the key management performed?

It can't be that all the phones use the same key, as compromising that key would render all the phones useless (and perhaps not even be noticed). I don't think it can be that the key is negotiated when the call is set up, as that would be subject to eavesdropping (although that could be done under a universal key, but that would be subject to compromise as above). Various compromises are possible, but they all seem to have either security or functional problems.

Does anyone KNOW how this is done? The only actually feasible solution I know of involves a mutually trusted third party to communicate a key to both parties, but that's not consistent with use in phone networks.

Peter Capek