Slashdot Mirror

← Back to Stories (view on slashdot.org)

German Crypto Mobile Announced

Posted by Hemos on from the making-things-encrypted dept.

XMLGuy writes "The first German crypto mobile phone is to be built by Rohde and Schwarz - a company that took over the hardware-crypto segment of Siemens at the beginning of May this year. At the push of a button the mobile phone (they are called "handies" here in Germany) will set up an encrypted communications link with your communications partner. According to heise online, the mobiles then use a 128 bit key to encrypt the channel. One of the technicians is quoted as saying that "A thousand pentium computers would need over 10 years to decrypt a 10 minute phone-call". The mobiles will cost around 6000 German Marks. " You know where the the fish is for translation.

7 of 112 comments (clear)

  1. Swedes has sold Crypto GSM phones for a long time. by bodin · · Score: 3

    Sectra in Sweden has been selling crypto GSM phones for a very long time.

    http://www.sectra.se/

    Check out their "Tiger-phone" which is a combo GSM/DECT phone with built in crypto.

    Sold to the Swedish military.

  2. This is not as impressive as it sounds: by Mr.+Flibble · · Score: 3

    the mobiles then use a 128 bit key to encrypt the channel. One of the technicians is quoted as saying that "A thousand pentium computers would need over 10 years to decrypt a 10 minute phone-call

    As outlined in Cracking DES, an algorithm can take years to crack using a conventional computer. However, if you custom design a computer from the ground up (not as difficult as it might sound) to specifically attack the algorithm, the encryption can fall quite quickly, as it does with DES. *

    I think that encryption should be evaluated on the strength of the algorithm, not on how many brute force attacks it would take to defeat it. (This is what is mentioned by Schneier in Applied Cryptography.)

    * For those of you who doubt this, read the book.

    --
    Try to hack my 31337 firewall!
  3. There is a backdoor.. by abelsson · · Score: 3
    Quote 1:...use[s] a 128 bit key to encrypt the channel.
    Quote 2: ...A thousand pentium computers would need over 10 years to decrypt a 10 minute phone-call.

    1) A 128 bit string has roughly 10^38 possible combinations (keys)
    2) Assuming a pentium chip can perform 1 million decryptions per second of the algorithm 1000 pentiums working for 10 years would try roughly 10^17 keys - which is equivalent with a 58 bit real key length. (suspiciosly similar to DESes 56bit, maybe they use DES with some custom key magic to be able print "128bit keys" on the box)

    This means there's a better than bruteforce way of cracking the algorithm used and this phone probably shouldnt be used for anything important (as we all know, des can be cracked in hours by d.net, probably in minutes or seconds by intelligence agencies)

    Also, even if it isnt DES.10000 pentiums (1yr) - or more likely, a custom chip (much less), is not outside the reach of intelligence agencies or even large companies.

    -henrik

  4. Some more translation by harmonica · · Score: 3
    I don't want to translate all of it, just some interesting parts:
    • cellphone looks like a Siemens S35i
    • it's not made by Siemens but a smaller enterprise that was created from one of Siemens' departments
    • unencrypted calls work just like with normal cellphones
    • for encrypted calls, the user presses a special key and then enters the number; a GSM-like data channel [I don't know whether there might be a better translation] is opened and data encrypted by a stamp-sized chip is transferred
    • the encrypted connection only works if the other person has a matching cellphone or an ISDN telephone with a corresponding encryption device
    • in some countries, the use of such a cellphone is forbidden
    • price is DM 6000, which is about USD 3000
    • German secretary of the interior Otto Schily got one for free
  5. Re:A better way to do this? Already been done... by Holger · · Score: 3

    Your idea isn't new. A german inventor had something like that worked out about five years ago, they are finally through the patenting process and are starting to produce actual hardware. Check out www.dirc.net. Unfortunately the original idea "user buys equipment once, no further costs" has been dropped in the process. Now the business model is more along the lines of "provider buys lots of them and rents them out to consumers". But still pretty cool tech.

  6. A better way to do this? by E1ven · · Score: 4

    or- Distributed mobile phones.

    An Idea that I've been kicking around in my head for a while is the concept of a distribted mobile phone. Each Phone acts as a transmitter for your call, and a forwarder for other calls.
    Thus, as the number of phones sold increases, so does the total range of the system.

    Such an infrastructure would be, in a similiar way to the internet, very resistant to attack, and the loss of nodes would not defeat the entire network.

    To handle encrpytion, such as in the article, two phones could by sync'ed, via an infrared channel (when the two persons were physically close together), upon which point they would exchange their respective public keys.

    To get from Phone A to Phone E, the message hops out, from phone to phone, looking for way to phone E.
    Each hop, it increases it's HTL by one.
    When it arrives at the Phone E, E checks the HTLs of messages that arrive, and then sends back a message that attempts to take a similiar route.
    (ie, if a node is missing, it will hop around, looking to get back ont he chain, or, to get back to phone A)

    Does this sound like a viable phone model?


    --

    This message brought to you by Colin Davis

    --
    Colin Davis
  7. They Obviously Don't Watch X-Files by karma+kameleon · · Score: 3

    Smoking Man has a secret briefcase with a button and a knob marked 'Decrypt', which renders this technology and it's kin useless.