Slashdot Mirror

← Back to Stories (view on slashdot.org)

Italian Phone Taps Spur Encryption Use

Posted by kdawson on from the what-is-the-frequency-kenneth dept.

manekineko2 writes "This article in the NYTimes discusses how a recent rash of high-profile mobile phone taps in Italy is spurring a rush toward software-encrypted phone conversations. Private conversations have been tapped and subsequently leaked to the media and have resulted in disclosures of sensitive takeover discussions, revelations regarding game-fixing in soccer, and the arrest of a prince on charges of providing prostitutes and illegal slot machines. An Italian investigative reporter stated that no one would ever discuss sensitive information on the phone now. As a result, encryption software for mobile phones has moved from the government and military worlds into the mainstream. Are GSM phones in the US ripe for a similar explosion in the use of freely available wiretapping technology, and could this finally be the impetus to for widespread use of software-encrypted communications?"

8 of 176 comments (clear)

  1. Nice thing by crunzh · · Score: 5, Interesting

    It would be really nice if that came standard in cellphones (Properly just a empty dream). But maybe a plugin for windows mobile and symbian handsets could be possible.

    --
    Visit http://www.crunzh.com/ for free software. Mac/Lin/Win
    1. Re:Nice thing by smilindog2000 · · Score: 4, Informative

      Software or hardware encryption of streams using ARC-DROP(768) seems plenty secure for real world applications, and the inner loop is only about 10 lines of code to process 1 byte. At voice speeds, your average $0.25 microcontroller should have plenty of horsepower, so long as it's got 256 bytes of RAM. I've built a simple file encryptor at tinycrypt.sf.net based on it. Let me know if you find any bugs!

      --
      Beer is proof that God loves us, and wants us to be happy.
  2. Re:Key Exchange? by jez9999 · · Score: 4, Interesting

    Why would it be a problem? Only private keys ca be used to decrypt data. Unless you were concerned about the man-in-the-middle just rewriting the data to say something else, but it's hard to imagine how they'd do that to a live voice conversation.

    --
    == Jez ==
    Do you miss Firefox? Try Pale Moon.
  3. Re:Key Exchange? by jrumney · · Score: 4, Informative

    It's a fundamental feature of public key encryption that public keys can be exchanged in the clear without compromising security.

  4. Re:Italy & US by jonwil · · Score: 4, Informative

    I believe the GSM standards actually mandate encryption. However, such encryption isn't going to do very much to protect you from wiretaps if the wiretapper has the permission from the carrier.

    OpenMoko (or other communications platform with open software) + VoIP + AES encryption + Diffie-Hellman (or use RSA and public key cryptography) is the solution if you REALLY need to keep your stuff secret.
    Even the NSA doesn't have enough computing power to decrypt THAT. And, the same solution could run on a PC or anything else with enough CPU power.

  5. Not Gonna Happen in US by gambit3 · · Score: 4, Insightful

    Quite simply, one of two things would prevent encrypted cell phones from becoming successful in the US:

    1. The government would simply make it illegal (don't want to give the terrorists any new tools).

    2. The government would require a backdoor be built in by manufacturers, defeating the purpose.

    --
    Watch the Teaser Trailer for "The Lightning Thief" Her
  6. Re:Key Exchange? by d3ac0n · · Score: 4, Informative

    We seem to have a fundamental misunderstanding of PKE here.

    Person A wants to talk to person B using encryption.

    A sends B his public Key, B sends A her public key. They each then use the combination of the other's public key and their own private key to encode and decode messages to and from each other.

    Let's say A goes to send B his key, but it's intercepted by C, and C sends B a modified key (man in the middle attack). Then B will not be able to initiate communication with A because the key won't match. This is how and why PKE works. If it was possible to capture and send a modified key and have the conversation still function then PKE wouldn't be very useful, would it?

    --
    Official Heretic from the "Church of Global Warming". Proven right thanks to whistle blowers. AGW = Flat Earth Theory
  7. Get a CryptoPhone by mwilliamson · · Score: 4, Informative

    It looks like a firm in Germany already offers a AES-256 bit encrypted mobile and POTS phone, as well as a softphone. Although their hard phones aren't cheap, the softphone is free to give to your contacts. http://www.cryptophone.de They alse include source code for "full independent review" with their products.

    Similarly, Phil Zimmermann, the creator of PGP has released his Zphone to make encrypted VoIP calls. Also, the Asterisk project offers an encrypted IAX channel.