SoylentNews

pTamok [soylentnews.org] writes:

Bruce Schneier's blog has a nice pointer to a Kickstarter project that aims to provide easy secure end-to-end voice encryption for connections between devices with standard head- and microphone- sockets.

Bruce Schneiers blog article, with comments: https://www.schneier.com/blog/archives/2014/09/jackpair_encryp.html#comments [schneier.com]

The Kickstarter: https://www.kickstarter.com/projects/620001568/jackpair-safeguard-your-phone-conversation [kickstarter.com]

"JackPair: secure your voice phone calls from wiretapping"
"JackPair protects your privacy by encrypting your voice over phone calls. It works with any device through standard 3.5 mm audio jack."

While it does not prevent people with access to phone company records from knowing which numbers you called (the metadata), it could effectively prevent the unencrypted content of conversations being recovered by third parties (assuming the implementation has no flaws or deliberately-installed back-doors).

The Kickstarter page details the use of Diffie-Hellman-Merkle ( http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange [wikipedia.org]) key exchange to set up a session key between two JackPair devices. The session key is then used to encrypt the voice stream using a cipher based on 'Salsa20 stream cipher' ( http://www.ecrypt.eu.org/stream/e2-salsa20.html [eu.org] )

The benefits for non-law-abiding people are obvious, and I wonder how long it will take for a deep packet inspection device to be programmed to identify streams of such encrypted data and block them?

---

Original Submission