«

On 27/02/2011 02:40, (PeteCresswell) wrote:

> I don't claim any real knowledge, but looking at it from the
> outside:

> - I'd think 256-bit DES encryption would be tb quite a challenge
> for anybody except the USA NSA.

DES, AES or any public/private key encryption is impossible to break in
real-time using current technology. Tunnelling calls using SSL/TLS is
the simplest implementation if you're designing your own VoIP protocol
(or, better yet, using an existing one).

Of course, you have to be certain that your data can't be intercepted
and subjected to a 'man in the middle' attack...

On 03/01/2011 09:50 PM, Mr. Benn wrote:

> Another option is an encrypted data radio link using HF radio (between 3
> - 30MHz).

Heavy equipment, big aerial, easy to spot, easy to DF.

The traditional way to shut down an illicit HF transmitter was a
jack-boot through the door followed by a grenade and a burst from an MP-38.

--
William Black

"Any number under six"

The answer given by Englishman Richard Peeke when asked by the Duke of
Medina Sidonia how many Spanish sword and buckler men he could beat
single handed with a quarterstaff.

Cynic wrote:
>
> As one example of a secure key exchange:
>
> 1) Station A creates a one-off public/private key pair and sends the
> public key to station B. The private key is never sent anywhere

Hostile intelligence service intercepts the transmission and sends its
public key to station B.
>
> 2) Station B creates a 256 bit random number to use as a key, encrypts
> that random number using the public key obtained from station A and
> sends the encrypted key to station A.

Hostile service decrypts the session key and re-encrypts it with As real
public key, etc., etc.

This is a classic man in the middle attack and why one needs trusted
third parties in any public key exchange.
>

On 01/03/2011 21:49, David Woolley wrote:
> Cynic wrote:
>>
>> As one example of a secure key exchange:
>>
>> 1) Station A creates a one-off public/private key pair and sends the
>> public key to station B. The private key is never sent anywhere
>
> Hostile intelligence service intercepts the transmission and sends its
> public key to station B.

There's a little more to PKI than that.

On 01/03/2011 22:20, David Woolley wrote:
> martin wrote:
>
>>
>> There's a little more to PKI than that.
>
> Specifically trusted third parties, which I mentioned at the end of my
> article. They allow B to be sure they are talking directly to A.

Ah so you did. My apologies

On 02/03/2011 12:38, Cynic wrote:

> On Tue, 01 Mar 2011 17:44:41 +0000, White Spirit
> <> wrote:

>> DES, AES or any public/private key encryption is impossible to break in
>> real-time using current technology. Tunnelling calls using SSL/TLS is
>> the simplest implementation if you're designing your own VoIP protocol
>> (or, better yet, using an existing one).

>> Of course, you have to be certain that your data can't be intercepted
>> and subjected to a 'man in the middle' attack...

> See my explanation of how the key exchange is carried out. A
> man-in-the-middle attack is useless against such a method unless the
> MitM is wanting to impersonate one of the parties rather than
> intercept the communication between them. And with a voice
> communication it is unlikely that the impersonation would work if the
> real parties have communicated previously or are known to each other.

That is true. It's sole use would be to block the communications.

Cynic wrote:

> man-in-the-middle attack is useless against such a method unless the
> MitM is wanting to impersonate one of the parties rather than

That is the definition of a man in the middle attack.

On Feb 27, 6:27*pm, William Black <blackuse...@gmail.com> wrote:
> On 02/27/2011 11:34 PM, S wrote:
>
>
>
>
>
> > On Feb 27, 10:22 am, William Black<blackuse...@gmail.com> *wrote:
> >> On 02/27/2011 02:38 AM, tinn...@isbd.co.uk wrote:
>
> >>> In uk.telecom.mobile Denis McMahon<denis.m.f.mcma...@googlemail.com> * *wrote:
> >>>> On 26/02/11 12:35, john reves wrote:
> >>>>> With recent political troubles in the middle east someone in the U.K. would
> >>>>> like to make
> >>>>> ** Secure ** telephone calls to arrange evacuation of persons who would be a
> >>>>> very likely target for hostage takers.
>
> >>>>> What would experts suggest using out of these various alternatives available
> >>>>> to them? A direct BT line, The 18185 indirect secondary service on that BT
> >>>>> line, the internet voip connection service, 'Voip Stunt' and an Asda 'pay as
> >>>>> you go' mobile connection.
>
> >>>>> Security and privacy of conversation without any remaining local government
> >>>>> or security services listening in would be more important than cost..
>
> >>>> If your far end party wants to avoid locals overhearing their plans,
> >>>> they could use skype over an ssh connection to an out of country proxy.
>
> >>>> Of course, doing so may draw attention to them, as the encrypted traffic
> >>>> stream will be visible, and it's endpoints can be determined, if notthe
> >>>> content.
>
> >>>> Note, however, that unless you have already exchanged ssh encryption
> >>>> keys, this is pointless, as setting up the ssh connection without
> >>>> existing keys will involve a key exchange which can be intercepted.
>
> >>>> The same really applies to any such scheme, unless you arranged it
> >>>> already, it's too late to set it up when you actually need to use it..
>
> >>> Unless you're being watched continuously then simply splitting the key
> >>> into bits and sending them separately will probably help.
>
> >> You assume a sleeping signals intelligence organisation here.
>
> >> Key management isn't something you can make up on the spot...
>
> >>> Alternatively converse in chinese, or polish or something, probably
> >>> just as effective.
>
> >> Now that really is the road to dusty death, *as the British found out in
> >> Korea when they tried that trick with Ghurkali...
>
> >> Signals intelligence organisations always employ those peculiar people
> >> who can speak and understand thirty or forty languages.
>
> >> Whose life are you willing to bet?
>
> > Code talkers were quite successful in WWII. Of course, the Navajo code
> > talkers are the best known, but Choctaw and Basque have also been
> > used, as well as Welsh by the British Army.
>
> Only in very localised circumstances in tactical use.
>
> When the USAAF tried the Choctaw trick over Germany twice they found
> that on the second use the Germans had dug up an elderly linguistics
> professor who spoke the language and they got shot to bits...
>

Have you got a reference for this? The few online account don't
mention anything like this, rather the opposite, they consider it
successful.

On 03/03/2011 02:18 AM, S wrote:
> On Feb 27, 6:27 pm, William Black<blackuse...@gmail.com> wrote:
>> On 02/27/2011 11:34 PM, S wrote:
>>
>>
>>
>>
>>
>>> On Feb 27, 10:22 am, William Black<blackuse...@gmail.com> wrote:
>>>> On 02/27/2011 02:38 AM, tinn...@isbd.co.uk wrote:
>>
>>>>> In uk.telecom.mobile Denis McMahon<denis.m.f.mcma...@googlemail.com> wrote:
>>>>>> On 26/02/11 12:35, john reves wrote:
>>>>>>> With recent political troubles in the middle east someone in the U.K. would
>>>>>>> like to make
>>>>>>> ** Secure ** telephone calls to arrange evacuation of persons who would be a
>>>>>>> very likely target for hostage takers.
>>
>>>>>>> What would experts suggest using out of these various alternatives available
>>>>>>> to them? A direct BT line, The 18185 indirect secondary service on that BT
>>>>>>> line, the internet voip connection service, 'Voip Stunt' and an Asda 'pay as
>>>>>>> you go' mobile connection.
>>
>>>>>>> Security and privacy of conversation without any remaining local government
>>>>>>> or security services listening in would be more important than cost.
>>
>>>>>> If your far end party wants to avoid locals overhearing their plans,
>>>>>> they could use skype over an ssh connection to an out of country proxy.
>>
>>>>>> Of course, doing so may draw attention to them, as the encrypted traffic
>>>>>> stream will be visible, and it's endpoints can be determined, if not the
>>>>>> content.
>>
>>>>>> Note, however, that unless you have already exchanged ssh encryption
>>>>>> keys, this is pointless, as setting up the ssh connection without
>>>>>> existing keys will involve a key exchange which can be intercepted.
>>
>>>>>> The same really applies to any such scheme, unless you arranged it
>>>>>> already, it's too late to set it up when you actually need to use it.
>>
>>>>> Unless you're being watched continuously then simply splitting the key
>>>>> into bits and sending them separately will probably help.
>>
>>>> You assume a sleeping signals intelligence organisation here.
>>
>>>> Key management isn't something you can make up on the spot...
>>
>>>>> Alternatively converse in chinese, or polish or something, probably
>>>>> just as effective.
>>
>>>> Now that really is the road to dusty death, as the British found out in
>>>> Korea when they tried that trick with Ghurkali...
>>
>>>> Signals intelligence organisations always employ those peculiar people
>>>> who can speak and understand thirty or forty languages.
>>
>>>> Whose life are you willing to bet?
>>
>>> Code talkers were quite successful in WWII. Of course, the Navajo code
>>> talkers are the best known, but Choctaw and Basque have also been
>>> used, as well as Welsh by the British Army.
>>
>> Only in very localised circumstances in tactical use.
>>
>> When the USAAF tried the Choctaw trick over Germany twice they found
>> that on the second use the Germans had dug up an elderly linguistics
>> professor who spoke the language and they got shot to bits...
>>
>
> Have you got a reference for this? The few online account don't
> mention anything like this, rather the opposite, they consider it
> successful.

Not now, no.

Mainly because I'm over 4,000 mioles from home.


--
William Black

"Any number under six"

The answer given by Englishman Richard Peeke when asked by the Duke of
Medina Sidonia how many Spanish sword and buckler men he could beat
single handed with a quarterstaff.