09 May 2004

crypto on handheld devices

ok, so there's a problem with doing pub/priv key encryption on mobile devices because the CPUs are slow. so most devices now have network capabilities, like bluetooth, GPRS, wifi, etc. so why don't we create what i will term as "crypto daemons". basically, a handheld, when it wants to encrypt or decrypt a packet, it establishes a secure link with a crypto daemon (using some sort of stored or generated link key), then forwards the key and the data to be encrypted/decrypted (encyrpted with the link key), and the server sends it back.

now this means you have implicit trust of the server, so the ideal place for such a server would be on your desktop computer or laptop. a commercial entity like a mobile network provider can also provide that functionality. you could also think of ways to encrypt/scramble the data so it can be somehow obfuscated.

You can reply to me about this on Twitter: