
Telephone encryption and closed algorithm security

Posted May 15, 2003 19:45 UTC (Thu) by MortFurd (guest, #9389)
Parent article: May CRYPTO-GRAM newsletter

QUOTE:
Two points immediately spring forward:

1) Encryption of phone communications is very uncommon. Sixteen cases
of encryption out of 1,358 wiretaps is a little more than one
percent. Almost no suspected criminals use voice encryption.

2) Encryption of phone conversations isn't very effective. Every time
law enforcement encountered encryption, they were able to bypass it. I
assume that local law enforcement agencies don't have the means to
brute-force DES keys (for example). My guess is that the voice
encryption was relatively easy to bypass.

These two points can be easily explained by the fact that telephones
are closed devices. Users can't download software onto them like they
can on computers. No one can write a free encryption program for
phones. Even software manufacturers will find it more expensive to
sell an added feature for a phone system than for a computer system.

This means that telephone security is a narrow field. Encrypted phones
are expensive. Encrypted phones are designed and manufactured by
companies who believe in secrecy. Telephone encryption is closed from
scrutiny; the software is not subject to peer review. It should come
as no surprise that the result is a poor selection of expensive lousy
telephone security products.

For decades, the debate about whether openness helps or hurts security
has continued. It's obvious to us security people that secrecy hurts
security, but it's so counterintuitive to the general population that
we continually have to defend our position. This wiretapping report
provides hard evidence that a closed security design methodology -- the
"trust us because we know these things" way of building security
products -- doesn't work. The U.S. government hasn't encountered a
telephone encryption product that they couldn't easily break.

END QUOTE

I think there are other possibilities that should be considered. There is voice encryption (encrypted digital transmission of voice) and voice scrambling on the market today. True encryption devices can't be bought by just any Tom, Dick, or Harry. Try sometime and you'll see. Voice scrambling, on the other hand, is much easier to come by - and at lower security levels quite trivial to crack since it is purely analog.
Voice scrambling is nothing more than frequency inversion. More secure systems change inversion frequencies more rapidly and use more elaborate schemes for staying synchronized.

The lowest level systems use a single fixed inversion frequency which can easily be "cracked." Slightly more secure systems change inversion frequencies up to a few times per second.

A mid-level system changes inversion frequencies up to a few hundred times a second. High level systems change frequencies up to a thousand times per second. Anything above the lowest level uses a pseudo random number generator to select the next frequency at each change.

For the lower levels, no improvement in the random number generation is going to help. The inversion is too easy to get around. At the very low levels, a human being can change his decoder frequencies manually fast enough to decode everything - and if he has a recording then there's really nothing to it.

The higher levels are impossible to decode by hand - they aren't commonly available, though.

The decoder need not match the encoder perfectly, either. A match to within about 200Hz is good enough for intelligibility.

Due to the bandwidth limitations of the analog telephone network, and echoes and other problems, a telephone scrambling unit actually has a very limited range of inversion frequencies it can use. It is also limited in the rate at which it can change frequencies. Because of these limitations, and because plus or minus 200Hz is a good enough match, it is usually sufficient to set a simple inverter to somewhere near the middle of the scrambling unit's inversion frequency range. The audio will be distorted to some extent, but intelligible enough for a trained ear to understand perfectly well. Some people with enough experience can "decode" the lower level systems with nothing but their ears.

Manufacturers routinely market analog scrambling equipment as "voice encryption equipment." That is not strictly true, but it is close enough for marketing types and for the people who purchase it.

I've read the referenced report, and nowhere does it mention the type of encryption used. Since the average person on the street doesn't differentiate between encryption and scrambling, I would venture to say that in most (if not all) cases analog scrambling was used.

Since the referenced cases were probably not using digital encryption, picking on the algorithm is rather like blaming a break-in on the padlock on the front door, when in reality the thief simply walked around back and kicked in a window.

Given the different types of equipment available, and the lack of details in the study, it would seem that the study has no great relevance to the discussion of open versus closed algorithm security.
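
Added example, not part of the comment above: a small signal-processing sketch of why a fixed inversion frequency gives no secrecy margin. Inverting a second time with a carrier that is off by some amount only shifts every tone by that amount, where a wrong cipher key would yield noise. The sample rate, block size, tone frequencies and carrier values are constructed for illustration.

```python
import cmath
import math

FS = 16000   # sample rate in Hz (assumed for this sketch)
N = 320      # samples per block, giving 50 Hz DFT resolution

def dft(x, sign=-1):
    """Naive DFT (sign=-1) or unnormalised inverse DFT (sign=+1)."""
    w = [cmath.exp(sign * 2j * math.pi * m / N) for m in range(N)]
    return [sum(x[n] * w[(k * n) % N] for n in range(N)) for k in range(N)]

def tone_mix(freqs):
    """Constructed test signal: sum of equal-amplitude sine tones."""
    return [sum(math.sin(2 * math.pi * f * n / FS) for f in freqs)
            for n in range(N)]

def invert(x, carrier):
    """Frequency inversion: mix with the carrier, keep the lower sideband."""
    mixed = [2 * s * math.cos(2 * math.pi * carrier * n / FS)
             for n, s in enumerate(x)]
    spec = dft(mixed)
    for k in range(N):
        f = min(k, N - k) * FS / N     # bin frequency, mirrored bins included
        if f >= carrier:
            spec[k] = 0                # brick-wall low-pass at the carrier
    return [(v / N).real for v in dft(spec, +1)]

def peaks(x, count):
    """Return the `count` strongest frequencies in x (Hz), ascending."""
    mag = [abs(v) for v in dft(x)[: N // 2]]
    top = sorted(range(N // 2), key=lambda k: mag[k], reverse=True)[:count]
    return sorted(round(k * FS / N) for k in top)

def descramble_with_offset(freqs, carrier, offset):
    """Scramble at `carrier`, descramble at `carrier + offset`.

    Returns (tones seen on the line, tones after descrambling).
    """
    scrambled = invert(tone_mix(freqs), carrier)
    recovered = invert(scrambled, carrier + offset)
    return peaks(scrambled, len(freqs)), peaks(recovered, len(freqs))

if __name__ == "__main__":
    voice = [500, 1000, 2000]          # constructed stand-in for speech tones
    for off in (0, 200, -200):
        line, out = descramble_with_offset(voice, 3000, off)
        print(f"offset {off:+5d} Hz  line={line}  recovered={out}")
```

Each tone at f appears on the line at carrier minus f, and a second inversion at a mismatched carrier returns f plus the mismatch, so the spectrum keeps its shape.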

