Domain: vectrotel.ch
Stories and comments across the archive that link to vectrotel.ch.
Comments · 9
-
Mod my previous reply down
[Please mod my previous reply down. It's botched.]
There is some information about the algorithms they're using here. That page says that they're using 1024-bit DH to negotiate a 128-bit AES key, then they XOR the output of the AES algorithm with the voice data.
Frankly, I don't trust it.
First of all, neither 1024-bit DH nor 128-bit AES actually give you 128-bit security (i.e. 2^128 complexity). For AES, you need at least 256 bits of key material to get 128 bits of security. I don't know specifically about Diffie-Hellman, but it's similar in structure to RSA, and experts have been recommending at least 2048-bit keys for new designs using RSA for years, and that's not even to get a 128-bit security level. For a true 128-bit security level, you need something like 6100 bits (if I remember correctly), which most people don't use because it's very slow to do in software.
The "XOR" part of the description, while somewhat scary-sounding, might actually be counter mode, which is considered secure for AES and is actually recommended by Bruce Schneier in his book, Practical Cryptography. Or, it might just be XORing the output of a single repeating AES ciphertext block with the entire plaintext datastream, which would be trivially insecure. We really have no way of knowing.
As for authentication, which is often more important than confidentiality (and which may be required for confidentiality)? This is all I could find:
Additional security and integrity is ensured by a calculated HASH checksum that is indicated on the display.
There is no mention of what hash function is being used, nor of what is being hashed. Furthermore, people who talk about "HASH" -- in all-caps, as if HASH is an algorithm itself -- clearly don't know what they're doing. It might just be Vecrotel's marketing department messing things up. Or, it could be a more fundamental lack of expertise within the company. Who knows?
Have a look at the Vecrotel FAQ:
VECTROTEL IS BASED ON WHICH SW PLATFORM? IS THERE A SECURITY RISK?
The software is proprietary. There is no security risk....
KNOWING AND CHECKING THE SOURCE CODE IS VERY IMPORTANT. IS EVERYBODY ABLE TO REVIEW THIS SOURCE CODE?
No, we do not release the source code. Too much know-how would be at stake.Totally unacceptable.
If those really are "frequently-asked questions", those responses are simply arrogant. The company has clearly adopted a "trust us" mentality. If I was willing to blindly trust other companies, I wouldn't be looking for a secure phone!
Crypto products are like voting machines. If their operation is not independently verifiable, then they simply cannot be trusted.
As an interesting side note, I don't see any FIPS certifications.
I smell snake oil.
-
Mod my previous reply down
[Please mod my previous reply down. It's botched.]
There is some information about the algorithms they're using here. That page says that they're using 1024-bit DH to negotiate a 128-bit AES key, then they XOR the output of the AES algorithm with the voice data.
Frankly, I don't trust it.
First of all, neither 1024-bit DH nor 128-bit AES actually give you 128-bit security (i.e. 2^128 complexity). For AES, you need at least 256 bits of key material to get 128 bits of security. I don't know specifically about Diffie-Hellman, but it's similar in structure to RSA, and experts have been recommending at least 2048-bit keys for new designs using RSA for years, and that's not even to get a 128-bit security level. For a true 128-bit security level, you need something like 6100 bits (if I remember correctly), which most people don't use because it's very slow to do in software.
The "XOR" part of the description, while somewhat scary-sounding, might actually be counter mode, which is considered secure for AES and is actually recommended by Bruce Schneier in his book, Practical Cryptography. Or, it might just be XORing the output of a single repeating AES ciphertext block with the entire plaintext datastream, which would be trivially insecure. We really have no way of knowing.
As for authentication, which is often more important than confidentiality (and which may be required for confidentiality)? This is all I could find:
Additional security and integrity is ensured by a calculated HASH checksum that is indicated on the display.
There is no mention of what hash function is being used, nor of what is being hashed. Furthermore, people who talk about "HASH" -- in all-caps, as if HASH is an algorithm itself -- clearly don't know what they're doing. It might just be Vecrotel's marketing department messing things up. Or, it could be a more fundamental lack of expertise within the company. Who knows?
Have a look at the Vecrotel FAQ:
VECTROTEL IS BASED ON WHICH SW PLATFORM? IS THERE A SECURITY RISK?
The software is proprietary. There is no security risk....
KNOWING AND CHECKING THE SOURCE CODE IS VERY IMPORTANT. IS EVERYBODY ABLE TO REVIEW THIS SOURCE CODE?
No, we do not release the source code. Too much know-how would be at stake.Totally unacceptable.
If those really are "frequently-asked questions", those responses are simply arrogant. The company has clearly adopted a "trust us" mentality. If I was willing to blindly trust other companies, I wouldn't be looking for a secure phone!
Crypto products are like voting machines. If their operation is not independently verifiable, then they simply cannot be trusted.
As an interesting side note, I don't see any FIPS certifications.
I smell snake oil.
-
Mod my previous reply down
[Please mod my previous reply down. It's botched.]
There is some information about the algorithms they're using here. That page says that they're using 1024-bit DH to negotiate a 128-bit AES key, then they XOR the output of the AES algorithm with the voice data.
Frankly, I don't trust it.
First of all, neither 1024-bit DH nor 128-bit AES actually give you 128-bit security (i.e. 2^128 complexity). For AES, you need at least 256 bits of key material to get 128 bits of security. I don't know specifically about Diffie-Hellman, but it's similar in structure to RSA, and experts have been recommending at least 2048-bit keys for new designs using RSA for years, and that's not even to get a 128-bit security level. For a true 128-bit security level, you need something like 6100 bits (if I remember correctly), which most people don't use because it's very slow to do in software.
The "XOR" part of the description, while somewhat scary-sounding, might actually be counter mode, which is considered secure for AES and is actually recommended by Bruce Schneier in his book, Practical Cryptography. Or, it might just be XORing the output of a single repeating AES ciphertext block with the entire plaintext datastream, which would be trivially insecure. We really have no way of knowing.
As for authentication, which is often more important than confidentiality (and which may be required for confidentiality)? This is all I could find:
Additional security and integrity is ensured by a calculated HASH checksum that is indicated on the display.
There is no mention of what hash function is being used, nor of what is being hashed. Furthermore, people who talk about "HASH" -- in all-caps, as if HASH is an algorithm itself -- clearly don't know what they're doing. It might just be Vecrotel's marketing department messing things up. Or, it could be a more fundamental lack of expertise within the company. Who knows?
Have a look at the Vecrotel FAQ:
VECTROTEL IS BASED ON WHICH SW PLATFORM? IS THERE A SECURITY RISK?
The software is proprietary. There is no security risk....
KNOWING AND CHECKING THE SOURCE CODE IS VERY IMPORTANT. IS EVERYBODY ABLE TO REVIEW THIS SOURCE CODE?
No, we do not release the source code. Too much know-how would be at stake.Totally unacceptable.
If those really are "frequently-asked questions", those responses are simply arrogant. The company has clearly adopted a "trust us" mentality. If I was willing to blindly trust other companies, I wouldn't be looking for a secure phone!
Crypto products are like voting machines. If their operation is not independently verifiable, then they simply cannot be trusted.
As an interesting side note, I don't see any FIPS certifications.
I smell snake oil.
-
Re:Ummm....There is some information here. It says that they're using 1024-bit DH to negotiate a 128-bit AES key, then they XOR the output of the AES algorithm with the voice data.
Frankly, I don't trust it.
First of all, neither 1024-bit DH nor 128-bit AES actually give you 2^128 complexity. For AES, you need at least 256 bits of key material to get 128 bits of security. I don't know specifically about diffie-hellman, but it's very similar in structure to RSA, and experts have been recommending at least 2048-bit keys for RSA for years now.
The "XOR" part of the description, while somewhat scary-sounding, might actually be counter mode, which is considered secure for AES and is actually recommended by Bruce Schneier in his book, Practical Cryptography. Or, it might just be XORing the output of a single AES ciphertext block with the entire plaintext datastream. We really have no way of knowing.
Have a look at the Vecrotel FAQ:
VECTROTEL IS BASED ON WHICH SW PLATFORM? IS THERE A SECURITY RISK?
The software is proprietary. There is no security risk.... KNOWING AND CHECKING THE SOURCE CODE IS VERY IMPORTANT. IS EVERYBODY ABLE TO REVIEW THIS OURCE CODE?
No, we do not release the source code. Too much know-how would be at stake.Totally unacceptable.
If those really are "frequently-asked questions", those responses are simply arrogant. The has clearly adopted a "trust us" mentality, which just doesn't work with people who want strong security. I also don't see any FIPS certifications anywhere.
I smell snake oil.
-
Re:Ummm....There is some information here. It says that they're using 1024-bit DH to negotiate a 128-bit AES key, then they XOR the output of the AES algorithm with the voice data.
Frankly, I don't trust it.
First of all, neither 1024-bit DH nor 128-bit AES actually give you 2^128 complexity. For AES, you need at least 256 bits of key material to get 128 bits of security. I don't know specifically about diffie-hellman, but it's very similar in structure to RSA, and experts have been recommending at least 2048-bit keys for RSA for years now.
The "XOR" part of the description, while somewhat scary-sounding, might actually be counter mode, which is considered secure for AES and is actually recommended by Bruce Schneier in his book, Practical Cryptography. Or, it might just be XORing the output of a single AES ciphertext block with the entire plaintext datastream. We really have no way of knowing.
Have a look at the Vecrotel FAQ:
VECTROTEL IS BASED ON WHICH SW PLATFORM? IS THERE A SECURITY RISK?
The software is proprietary. There is no security risk.... KNOWING AND CHECKING THE SOURCE CODE IS VERY IMPORTANT. IS EVERYBODY ABLE TO REVIEW THIS OURCE CODE?
No, we do not release the source code. Too much know-how would be at stake.Totally unacceptable.
If those really are "frequently-asked questions", those responses are simply arrogant. The has clearly adopted a "trust us" mentality, which just doesn't work with people who want strong security. I also don't see any FIPS certifications anywhere.
I smell snake oil.
-
Re:Convenience
Just visiting the Vecrotel site and viewing the requirements says it all about getting these phones in the US. The GSM 1900 in US is NOT supported.
http://www.vectrotel.ch/index.php?show=60 -
Re:Man in the middleThis page says it's a 4-digit hash. The man-in-the-middle would only need to generate a trivial number of keys to find one with the same hash as the authentic key (furthermore, the keys could probably be generated in advance and stored in a lookup table).
I'm not sure what you mean about a proprietary algorithm - it uses Diffie-Hellman and AES, both of which are open, peer-reviewed algorithms.
-
Re:Feasibility for US Market?
is it possible to buy and use this cellphone in the US with a normal US carrier?
I think so, at least one of their phones. That one uses the three bands 900 MHz, 1800 MHz and 1900 MHz. The former two is used in europe (during a call the phones switches frequency bands depending on which one gives the best connection, or something similar), while the latter is used in USA (among other places, I think). That indicates that it is possible to use it in the states too. -
Official product page
Their products page reveal that they have two models (both with encryption). Of course, this is something you _could_ build yourself on top of an ordinary mobile phone, but naturally, it's convenient to just buy one. (On a side note, one of the models is bloated with a camera.)