Re: [cryptography] The NSA and secure VoIP

2012-03-03 Thread Krassimir Tzvetanov
The way I read it is something much simpler than attacking the encryption - it seams to be about operational procedures security. Think if somebody mis-configures something on the first layer you still have the second layer. Now if you add two separate teams managing each layer then you have a

Re: [cryptography] The NSA and secure VoIP

2012-03-02 Thread Marsh Ray
On 03/01/2012 09:31 PM, Jeffrey Walton wrote: Interesting. I seem to recall that cascading ciphers is frowned upon on sci.crypt. I wonder if this is mis-information Not mis-information. You could easily end up enabling a meet-in-the-middle attack just like double DES.

Re: [cryptography] The NSA and secure VoIP

2012-03-02 Thread ianG
On 2/03/12 14:31 PM, Jeffrey Walton wrote: On Thu, Mar 1, 2012 at 10:27 PM, Steven Bellovins...@cs.columbia.edu wrote: http://www.scmagazine.com.au/News/292189,nsa-builds-android-phone-for-top-secret-calls.aspx makes for interesting reading. I was particularly intrigued by this:

Re: [cryptography] The NSA and secure VoIP

2012-03-02 Thread Steven Bellovin
On Mar 2, 2012, at 2:59 AM, Marsh Ray wrote: On 03/01/2012 09:31 PM, Jeffrey Walton wrote: Interesting. I seem to recall that cascading ciphers is frowned upon on sci.crypt. I wonder if this is mis-information Not mis-information. You could easily end up enabling a meet-in-the-middle

[cryptography] The NSA and secure VoIP

2012-03-01 Thread Steven Bellovin
http://www.scmagazine.com.au/News/292189,nsa-builds-android-phone-for-top-secret-calls.aspx makes for interesting reading. I was particularly intrigued by this: Voice calls are encrypted twice in accordance with NSA policy, using IPSEC and SRTP, meaning a failure requires “two

Re: [cryptography] The NSA and secure VoIP

2012-03-01 Thread John Case
On Thu, 1 Mar 2012, Jeffrey Walton wrote: On Thu, Mar 1, 2012 at 10:27 PM, Steven Bellovin s...@cs.columbia.edu wrote: http://www.scmagazine.com.au/News/292189,nsa-builds-android-phone-for-top-secret-calls.aspx makes for interesting reading.  I was particularly intrigued by this:        

Re: [cryptography] The NSA and secure VoIP

2012-03-01 Thread coderman
On Thu, Mar 1, 2012 at 7:31 PM, Jeffrey Walton noloa...@gmail.com wrote: ... Interesting. I seem to recall that cascading ciphers is frowned upon on sci.crypt. I wonder if this is mis-information you've got a single cipher suite applied for a given transport layer, but two layers of

Re: [cryptography] The NSA and secure VoIP

2012-03-01 Thread Nasko Oskov
On Thu, Mar 01, 2012 at 09:08:54PM -0800, coderman wrote: On Thu, Mar 1, 2012 at 7:31 PM, Jeffrey Walton noloa...@gmail.com wrote: ... Interesting. I seem to recall that cascading ciphers is frowned upon on sci.crypt. I wonder if this is mis-information you've got a single cipher suite