[guardian-dev] Vodaphone Encrypted Phone

Matej Kovacic matej.kovacic at owca.info
Wed Mar 12 02:18:20 EDT 2014


Hi,

> I saw Vodaphone's new encrypted phone which stores digital private keys
> and corresponding certificates on a SIM card.  SIM cards have very
> limited storage capacity so not a great place to store a private key.  
> If I was working at Vodaphone I would have added that conversations are
> only encrypted if you don't piss of anyone who's downloaded Cain and
> Abel to brute-force your private key.

In fact, storing private keys on a SIM card is not so bad idea, because
SIM card is a place when your mobile identity is stored. If that keys
would be used for end-to-end encrypted communications, that would be a
step forward.

Of course, space on a SIM card is limited. But what about  using
elliptic curves which can use shorter keys?

Anyway, this is also interesting:

http://nelenkov.blogspot.com/2013/09/using-sim-card-as-secure-element.html

https://github.com/nelenkov/sim-password-manager

Regards,

M.


More information about the Guardian-dev mailing list