Multiple responses inline:

On Jan 26, 2009, at 11:26 AM, Paul Hoffman wrote:
> I too would like to hear more information on this, particularly the crypto that is known to be used on the Edge.

See sections 'Secure Speech Processing' and 'Interoperability' of < >. The standard suites are used, as one would expect.

On Jan 26, 2009, at 4:56 PM, Jerry Leichter wrote:
> The FAQ, indirectly, answers your previous question of why only Secret for email: Data-at-rest is encrypted using AES, which is only approved for Secret, not Top Secret, data.

This isn't the case; AES is approved for Top Secret with 192- or 256-bit keys, per <>.

On Jan 26, 2009, at 9:26 PM, Steven M. Bellovin wrote:
> Quite simply, voice offers one service -- voice. Data offers many services, and hence many venues for data-driven attacks: email (which includes many MIME types) and probably clicking on URLs, web (which includes HTML, gif, jpeg, perhaps png, and almost certainly Javascript), and perhaps data files including pdf, Word, Powerpoint, and Excel. Any one of those data formats is far more complex than even compressed voice; the union of them makes me surprised it can handle even Secret data... Note especially that HTML involves IFRAMEs and third-party images, which means inherent cross-domain issues.

I've thought about this, but I don't buy it. I'm a heavy user of wireless e-mail, but I use it as nothing more than an SMTP-addressable SMS service without a length limit. In other words, people can send me messages from a computer and not just from a mobile handset (true in the other direction, too), and I can read and write more than 160 characters at a time.

I'd find mobile e-mail just as useful if it went through a proxy that stripped out _everything_ that's not plaintext. I open attachments on my phone about once in a blue moon, and wouldn't miss the ability if it were gone.


Ivan Krstić <>

The Cryptography Mailing List
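
The plaintext-only proxy suggested in the message above, sketched as an added example that is not part of the original post or of any product discussed in the thread. The function names, the header allow-list and the sample message are all hypothetical and constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed allow-list of headers to carry over; not taken from the thread.
KEEP_HEADERS = ("From", "To", "Cc", "Subject", "Date", "Message-ID")

def strip_to_plaintext(raw: bytes) -> EmailMessage:
    """Rebuild a message as a single text/plain part; drop everything else."""
    src = message_from_bytes(raw, policy=policy.default)
    texts, dropped = [], []
    for part in src.walk():
        if part.is_multipart():
            continue  # container; walk() visits its children separately
        ctype = part.get_content_type()
        # A text/plain part marked as an attachment is still an attachment.
        if ctype == "text/plain" and not part.is_attachment():
            texts.append(part.get_content())  # decoded per declared charset
        else:
            dropped.append(ctype)
    out = EmailMessage(policy=policy.default)
    for name in KEEP_HEADERS:  # allow-list; all other headers are discarded
        if src[name] is not None:
            out[name] = str(src[name])
    body = "\n".join(texts)
    if dropped:
        body += "\n[removed: " + ", ".join(dropped) + "]\n"
    out.set_content(body)  # fresh part; the source MIME structure is not reused
    return out

def sample() -> bytes:
    """Constructed test message: plain + HTML alternative, two attachments."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.org", "b@example.org", "Schedule"
    m["X-Custom"] = "not on the allow-list"
    m.set_content("Meeting moved to 3pm.\n")
    m.add_alternative('<p>Moved</p><iframe src="http://tracker.example/"></iframe>', subtype="html")
    m.add_attachment(b"%PDF-1.4 constructed", maintype="application", subtype="pdf", filename="agenda.pdf")
    m.add_attachment("constructed notes", filename="notes.txt")
    return m.as_bytes()

if __name__ == "__main__":
    print(strip_to_plaintext(sample()).as_string())
```

The output message is built from scratch rather than by deleting parts from the input, so no MIME structure or header from the sender survives unless it is explicitly copied.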