Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Building a encrypted mobile network

Michael Rogers michael at briarproject.org
Tue Jun 11 07:45:00 PDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Anthony,

On 08/06/13 13:36, Anthony Papillion wrote:
> 1. Location is a particularly thorny issue. Presentations at either
> HOPE or BlackHat demonstrated how easy it is to locate a mobile
> even if you're not the government with a massive budget and mad
> technology.
> 
> Perhaps routing the network connection through Tor may suffice? But
> I don't think so as something doesn't 'feel' right about that.
> Thoughts?

Routing the call through Tor wouldn't conceal the phone's location
from the mobile network. The caller and callee would both have to use
cell towers to reach the Tor network, so their respective mobile
networks would still know their locations, and any hacks that can
currently be used to trick the mobile network into revealing a phone's
location would still work.

In theory you could conceal who calls whom from the mobile network by
routing the call through Tor. However, in order to be able to receive
calls, the callee would either have to maintain a constant connection
to Tor (draining her battery and data allowance) or ask some third
party with a constant connection to Tor to send her push notifications
of incoming calls, which she could then answer by connecting to Tor.
The third party would know when the callee was receiving incoming
calls, though not necessarily from whom.

Even this would reveal quite a lot of information to the mobile
network. Alice starts sending data at 12:34:56. Bob receives a push
notification at 12:34:57. Bob starts sending data at 12:34:58. Alice
and Bob both stop sending data at 12:44:58. The inference is pretty
clear: Alice called Bob at 12:34 and the call lasted ten minutes.

Concealing these patterns would require users to send and receive
dummy data even when they weren't sending or receiving calls, which
would drain their batteries and data allowances. It would be possible
to build such a system, but I don't think anyone would use it.

> 2. Content is much easier to protect. My initial thought is to take
> a stock Android phone, replace the dialer with a SIP client capable
> of doing ZRTP, and customize the phone to tower communication so
> that all communication between the two is fully encrypted (and I
> don't mean the BS GSM encryption). Once the data gets on the
> network, it would be decrypted and calls would be connected.
> Content would be protected automatically when the user called ANY
> SIP device that supported ZRTP. Calls to PTSN would still be wide
> open.

It's not practical to use a custom protocol between the phone and the
tower - apart from the logistical issues of rolling out a new
protocol, carriers won't adopt a protocol that lacks "lawful
intercept" backdoors.

However, phone-to-tower encryption isn't needed if you have
phone-to-phone encryption, so I believe RedPhone does what you want
(but I haven't used it so I could be wrong).

Cheers,
Michael

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJRtzfsAAoJEBEET9GfxSfMcfoH/jPBVjyJCBKThYy/kN14ZcNX
pwaOzHdpZ+MxHKo919Exu2XUn9nIHlrGB1sqL9azsxss+m/bTgfc9iXVrOXQLhNb
8fif2PYacKgZ7eyrV1lFYesDXbcpgrRkFI7qJodc3ukfgZx87pmHmogXRGGpVvGy
cx7X/+tXBPqi84Sq2tDRcPdX7eDRXxjoE6DK0YG6f9+KN3aPLfoFCQZrnMUzqgcG
6zvJrpuCvSiH1Uk5UMbjDGMsXempFf5kDTbThOhYJG2Fi+kOw9cOlsFx0z2QB5Yf
0dSRrTHPYOIxA+JwI0pRxhCnEOC8SEWCmQVzpzEww8RvK2/k0x5ZFBERtetxiRg=
=irF4
-----END PGP SIGNATURE-----



More information about the liberationtech mailing list