[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss-gnuradio] Blackberry: Conspiracy / Reality
|
From: |
Eric Blossom |
|
Subject: |
[Discuss-gnuradio] Blackberry: Conspiracy / Reality |
|
Date: |
Thu, 21 Mar 2002 19:01:36 -0800 |
|
User-agent: |
Mutt/1.2.5i |
On Thu, Mar 21, 2002 at 05:40:45PM -0800, Ettus, Matt wrote:
> > And given the description of the two classes of Blackberry
> > customer, I cannot help but wonder if LEAs and TLAs had
> > something to do
> > with the decisions involved - clearly very few if any corporate
> > customers with BES systems and the whole 9 yards inside their
> > firewalls
> ...
> Thus keeping the rf link completely open helps the
> > watchers watch, and is something that they can be presumed to have
> > quietly pressured to have happen.
Matt, I don't disagree with you on the point about the "cheap one
won't have all the features of the expensive one" but, there is a real
history of NSA (or MIB if you prefer) meddling with communications
standards and/or implementations. I've talked to the people who were
at the meetings; I've read the specs.
Concrete examples:
* Most GSM SIMs currently deployed have the low 10 bits of the 64 bit
key set to zero. Gee, that's really going to help the crypto. This
is easy to verify. The SIM follows a well specified standard.
Just observe the answer it returns.
* IS-136 (North American Digital Cellular) has extremely lame crypto
designed into it for voice privacy. In fact, it xors a constant
mask across each each speech coder frame. Given discontinuous
transmission (last 3 frames of a talk spurt are statistically
silence), combined with the fact that the FEC is on the wrong side
of crypto spells LAME. Oh, did I forget to tell you that even this
lame stuff is *never* enabled. If you're an IS-136 user this
experiment is trivial to perform: select the "enhanced privacy"
option from your phone menu. Your phone will then give you an alert
on every call that you place or receive notifying you that "enhanced
privacy is not available". We're run this experiment across the
country. So far noone has ever seen a basestation that accepts the
handset's request. Note that the crypto that is involved in billing
matters has held up a lot better. Sell out the end user, protect
the revenue stream. Makes perfect sense.
* IS-95 (Qualcomm's CDMA) uses only 64 spreading codes from the base
station to the mobile. Thus, the raw bits are available for all to
intercept. Now, they are "encrypted", but did you happen to notice
that the "encryption" is a *linear* function! There is also a ton of
redundancy in the signal (obscured somewhat by random diddling for
power control purposes of 16 out of 24 bits), but nevertheless, in
the worst case it takes 1 second to gather enough data to solve 42
equations in 42 unknowns resulting in the key. With that key, you are
then able to demodulate the reverse channel from the mobile to the
basestation. The Qualcomm guys are smart. This wasn't an oversight.
The typical story with these is that a MIB talks to the equipment
manufacturer and says, "Hey, you know that you're going to have one
hell of an export problem if you keep headed down the path you're on.
I suggest that making these minor changes might help you access
the international market..."
There are lots more stories. Talk to anybody who ever tried to build
crypto hardware or software in the "bad old days".
Also, note the similarity of the cell phone operator's strategy to the
MPAA's strategy:
Pass a law: ban non-compliant receivers of clear text cell phone calls.
Pass a law: ban non-compliant receivers of clear text TV programs.
Eric