Wired: Echelon Furor Ends in a Whimper
Peter Fairbrother
peter.fairbrother at ntlworld.com
Sun, 22 Jul 2001 09:17:33 +0100
> David Wagner at daw@mozart.cs.berkeley.edu wrote:
> Owen Lewis wrote:
>> The real problem with "universal end to end encryption" is that its
>> universality must depend on:
>> a. Universal adoption of a single PKC.
>
> I think it might not be so hard as you imagine, in some contexts.
> Consider what it would take to institute universal end-to-end
> encryption for cellphones to protect against passive eavesdropping.
> The technological infrastructure is well within our reach, and it doesn't
> require a global PKI where every cellphone user must have a certified
> public key.

Implementing protections against passive-only interception is a bit like
installing a reinforced, fortified door and leaving the windows unlocked. It
might deter the casual passerby from theft but it's not going to seriously
inconvenience determined thieves. Without meaning to give offence, I
generally regard honest advocates of such systems as either babes in the
woods or ********* ******.

Universal end-to-end encryption for cellphones can be implemented protecting
against both active and passive eavesdropping by a second negotiation based
on the shared DH secret. This can prevent MITM completely, without a global
PKI.

PK's may be needed so people can use a 'phone directory with confidence, or
to defeat spoofing or meaconing, but they aren't needed to extend
anti-eavesdropping measures from passive to active.

-- Peter
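
One possible reading of the "second negotiation based on the shared DH secret" in the message above, as an added example that is not part of the original post: both handsets derive a short string from the DH secret and the exchanged values, and the two users compare it by voice. The message does not say which mechanism it means; the toy group, the 8-character string and all function names here are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Toy group constructed for this example: 2**127 - 1 is prime but far too
# small for real use. A real handset would use a standard large group or curve.
P = 2**127 - 1
G = 3


def keypair():
    """Fresh ephemeral DH key pair; no certificate or directory is involved."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def sas(priv, peer_pub, caller_pub, callee_pub):
    """Short string a user reads aloud, keyed by that side's DH secret."""
    secret = pow(peer_pub, priv, P).to_bytes(16, "big")
    # Bind the string to the public values this handset believes were used.
    transcript = b"%d|%d" % (caller_pub, callee_pub)
    tag = hmac.new(secret, transcript, hashlib.sha256).digest()
    return tag[:4].hex()


def call_setup(network=None):
    """Simulate one call setup and return (caller_sas, callee_sas).

    network(pub) models what the far end receives. The default forwards the
    value unchanged, which is all a passive eavesdropper can do. A function
    that substitutes another value models an active man in the middle.
    """
    network = network or (lambda pub: pub)
    a_priv, a_pub = keypair()            # caller
    b_priv, b_pub = keypair()            # callee
    b_as_seen_by_a = network(b_pub)
    a_as_seen_by_b = network(a_pub)
    caller = sas(a_priv, b_as_seen_by_a, a_pub, b_as_seen_by_a)
    callee = sas(b_priv, a_as_seen_by_b, a_as_seen_by_b, b_pub)
    return caller, callee


if __name__ == "__main__":
    print("untouched network :", call_setup())
    _, m_pub = keypair()                 # key held by the party in the middle
    print("keys substituted  :", call_setup(lambda pub: m_pub))
```

On an untouched network both sides print the same string; when the public values are swapped in transit the two strings differ, so the users hear the mismatch. A string this short also relies on each side committing to its public value (for example by sending a hash of it first) before seeing the other's, which is the approach ZRTP later standardised.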