Don't need to break phone to tower encryption when the vast majority of the call pathway is not encrypted. 


On Tue, Mar 8, 2022 at 4:59 PM Michael Thomas <mike@mtcc.com> wrote:

Hi, I was reading an article on why Russia hasn't taken out Ukraine's
mobile networks and one of the premises was that they could use it to
eavesdrop on calls. Depending on how old their infrastructure is, that
doesn't make sense as I would assume that along with e2e SIP that they'd
be using SRTP with the SRTP keys exchanged using DTLS which is my
understanding of the way they are secured. My understanding could be
wrong though, or either outdated, or not uniformly deployed.

The other thing that's weird is that the same article says they want to
keep it up so they can use their bandwidth too which strikes me as sort
of a crazy assumption in a war, but that's not much of an operational issue.

https://www.politico.com/news/2022/03/07/ukraine-phones-internet-still-work-00014487

Mike