Anders Rundgren wrote:

I'm looking for a system that offers authenticated and confidential
messaging which would among things include mobile phone voice messaging.
If such system would require users to trust certificates and stuff, it will 
fail.

Our current only alternative is the trusted provider concept.

Well, I don't see that. PGP and Skype both offer authenticated + confidential messages, without the "certificate" side of things. They do it conceptually by tightly binding the keys to the user, and having each user authenticate their handles directly to each other.

(Ignoring the implementation details ... obviously the different actual networks work better or worse.)

An old military secure phone trick was to read off the numbers displayed on the phone. This is using a different channel -- voice -- to authenticate the numbers which then authenticate the commsec.

A problem with this sort of work is that people take the security model from a text book and then try and implement it without complaint. This doesn't really work, as the target audience generally have a different model of security, sometimes mildly different, sometimes wildly different. This syndrome is sometimes encapsulated in WYTM? or What's your threat model?

iang
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to