Simon Bisson & Mary Branscombe's Blog

Locking up your voice

By Simon Bisson & Mary Branscombe in Editorial

Posted in Security, Mobile on May 6, 2009 at 10:59 pm


Voice is mobile’s killer app. Secure voice? That’s another story.

Way back in the early days of the GSM specification, the designers came up with a voice cryptography standard, called A. Governments and security agencies weren’t too happy as they felt that A was too strong - and it would make conversations far too hard to monitor. The result was A5/1, a rather less strong cryptosystem. Whether the over-the-air path was encrypted or not didn’t really matter - as once your call hit the wired network it was transmitted in the clear.

Not every call can run in the clear.

Some contain significantly price-sensitive information - details of a new drug, information about the location of an oil field, negotiations for a merger or an acquisition. It’s information that, if lost, could cost you, or your business, a lot of money. There’s also no way of quantifying the risk. Then there’s information that could be damaging if it’s intercepted - the details of a divorce settlement, or a bitter custody dispute. You might also be a government employee, trying to keep secrets secret. And finally there’s the issue of the current economic downturn, where very little is certain - apart from the fact that industrial espionage always increases during a recession.

So how do you secure your voice calls?

You could buy a secure cellphone, but it’s not really an economic proposition - it’s expensive to run, the call quality is relatively poor, and there’s lots of lag. More importantly, the phones are large and obvious, so anyone who sees you make a call with one knows you have something to hide.

One alternative is a UK startup, Cellcrypt, which has developed a software voice encryption client that runs on a standard smartphone. We sat down with the CEO, Dr Simon Bransfield-Garth, at RIM’s WES event in Orlando to find out more.

There’s a new mantra in the mobile industry: voice is data. Cellcrypt treats it just that way, using IP to connect devices together. The result is a service that’s secure over GPRS, 3G, and WiFi. All of the encryption is in the device, so there’s no reliance on the network - all you need to do is run an application that looks like a standard phone application. Just choose a contact, and the application secures a channel and makes a voice connection between two devices.

The authentication key is set using RSA and 204-bit elliptic curve Diffie-Hellman (elliptic curve cryptography gives you a lot of encryption per bit, and is very efficient). Once a session has been authenticated, Cellcrypt generates a session key to handle the conversation cryptography, using 256-bit AES wrapped in 256-bit RC4. The whole process is currently being certified for government use by FIPS, and there are plans to go through the UK’s CAPS certification.

One thing to note - there is a server in the cloud to handle call connections and routing, but it doesn’t do any cryptography at all; it just handles the call initiation and licence management. There’s also no central key server, and keys are generated from first principles in the phone - giving you a very secure end-to-end environment.
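The key agreement described above, as an added example (not Cellcrypt's code): two handsets generate key pairs locally, a relay server forwards only the public values, and both ends derive the same 256-bit session key. X25519 stands in for the product's elliptic curve, HMAC-SHA256 is an assumed key-derivation step, `Phone`, `relay` and `place_call` are hypothetical names, and the RSA authentication of the exchanged values that the article mentions is left out.

```python
import hashlib
import hmac
import secrets

P = 2**255 - 19                      # Curve25519 field prime
A24 = 121665                         # ladder constant from RFC 7748
BASE = (9).to_bytes(32, "little")    # standard base point u = 9

def x25519(scalar, u_bytes):
    """RFC 7748 Montgomery ladder (Python ints are not constant-time)."""
    k = (int.from_bytes(scalar, "little") & ((1 << 255) - 8)) | (1 << 254)
    x1 = int.from_bytes(u_bytes, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        bit = (k >> t) & 1
        if swap ^ bit:
            x2, z2, x3, z3 = x3, z3, x2, z2
        swap = bit
        a, b, c, d = x2 + z2, x2 - z2, x3 + z3, x3 - z3
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = aa - bb
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

class Phone:
    """Hypothetical handset: keys are generated and kept on the device."""
    def __init__(self):
        self._priv = secrets.token_bytes(32)   # never leaves the phone
        self.pub = x25519(self._priv, BASE)    # only value sent to the server

    def session_key(self, peer_pub):
        shared = x25519(self._priv, peer_pub)
        if shared == bytes(32):                # low-order point: refuse the call
            raise ValueError("degenerate peer public key")
        transcript = b"".join(sorted((self.pub, peer_pub)))
        # 256-bit session key bound to both public values (HMAC as the KDF).
        return hmac.new(transcript, shared, hashlib.sha256).digest()

def relay(caller_pub, callee_pub):
    """Hypothetical signalling server: forwards public values, holds no key."""
    return {"to_caller": callee_pub, "to_callee": caller_pub}

def place_call():
    alice, bob = Phone(), Phone()
    routed = relay(alice.pub, bob.pub)         # all the server ever sees
    return (alice.session_key(routed["to_caller"]),
            bob.session_key(routed["to_callee"]), routed)
```

Because each call uses fresh key pairs, the session key differs per call, and nothing the relay handles is enough to compute it.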

I gave it a try - even in the crowded wireless spectrum of WES the call quality was good. There is some latency, which is only to be expected, and the lower the quality network, the greater the latency. WiFi networks should expect 250ms, 3G, 370ms, and 2G, 500ms. The business model is based around a service fee of $1K/person/year.

–S
