GSM - A5 Strength

Brian Gladman gladman at seven77.demon.co.uk
Thu, 9 Apr 1998 10:24:03 +0100 

From: Markus Kuhn <Markus.Kuhn@cl.cam.ac.uk>
To: ukcrypto@maillist.ox.ac.uk <ukcrypto@maillist.ox.ac.uk>
Date: 08 April 1998 13:23
Subject: Re: GSM - A5 Strength

<material deleted>

>Paul is right: Since tapping a normal phone is so trivial and lacks
>so much academic challenge, few people perceive it as a risk in
>paranoia discussions on mailing lists. Perception of risk is first of
>all a marketing issue. You can't publish a scientific paper on tapping
>phones in any respected crypto journal (not even in the NY Times :),
>so it is not exciting and nobody talks about it. The other side of
>this argument is that strong cryptography such as PGP gives people
>a false perception of security, because people start to trust the
>strongest link in the chain.


We are not comparing like with like here.

In the voice communications world there is no practical distinction (in end
user terms) between the application layer and the network layer whereas in
the Internet world we can distinguish between these layers.  Moreover,
whereas the network layer is controlled by organisations that are
susceptible to government pressures, Internet end users have secured
substantial control over what happens at the applications layer.

Now the importance of PGP is not so much its strength but rather the fact
that it is applied at the applications layer.  As a result it undermines the
traditional forms of network layer intercept that our governments know and
love so much.

So the 'chain' here is not a simple linked chain where breaking one link
breaks the whole chain - breaking the network layer when PGP is being used
for confidentiality at the applications layer does not break the
confidentiality being achieved.  Here we are not adding an extra serial link
in a security chain - we are adding a stronger link in parallel with some of
the existing links so that when they break the chain still remains intact.

Composition of security properties is not simple and the chain analogy is
often inappropriate.

        Brian