Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!zaphod.mps.ohio-state.edu!casbah.acns.nwu.edu!accuvax.nwu.edu!nucsrl!telecom-request
From: roeber@cithe1.cithep.caltech.edu (Frederick Roeber)
Newsgroups: comp.dcom.telecom
Subject: Re: Secure Phones
Message-ID: <16214@accuvax.nwu.edu>
Date: 19 Jan 91 16:19:23 GMT
Sender: news@accuvax.nwu.edu
Organization: California Institute of Technology, Pasadena
Lines: 31
Approved: Telecom@eecs.nwu.edu
X-Submissions-To: telecom@eecs.nwu.edu
X-Administrivia-To: telecom-request@eecs.nwu.edu
X-Telecom-Digest: Volume 11, Issue 50, Message 11 of 11


In article <16161@accuvax.nwu.edu>, CAPEK%YKTVMT.BITNET (Peter G. 
Capek) writes:

> secure phones work by performing some sort of "encryption" (encrypting
> digitized voice, switching and inverting frequency bands, etc.), and

[digital encryption, actually]

> since such a phone isn't much use unless it can talk to many others
> like it, how is the key management performed? ...
> ... The only actually feasible solution I know of involves
> a mutually trusted third party to communicate a key to both parties,
> but that's not consistent with use in phone networks.

Yes, it is.  When a call is made secure, both ends call the control
computer, which issues them the digital key to use for their
conversation.  These calls to the computer are encrypted, of course.
During each such call, the computer tells the phone what key to use
the next time it calls the computer.  So all you have to do is
initialize each phone with the first key it'll need.  This is done by
putting the number in a chip, which is mounted in a key-shaped hunk of
plastic.  Carry the "key" to the phone in some secure manner, plug it
in and turn.  Periodically -- I think per annum -- this is repeated to
re-initialize the phone.  The encryption algorithm used is considered
so safe that without the key, the phone equipment is unclassified.


Frederick G. M. Roeber | CERN -- European Center for Nuclear Research
e-mail: roeber@caltech.edu or roeber@cern.ch | phone: +41 22 767 3180
r-mail: CERN/PPE, CH-1211 Geneva 23, Switzerland