Simon Bisson & Mary Branscombe's Blog

Locking up your voice

By Simon Bisson & Mary Branscombe in Editorial

Posted in Security, Mobile on May 6, 2009 at 10:59 pm


Voice is mobile’s killer app. Secure voice? That’s another story.

Way back in the early days of the GSM specification, the designers came up with a voice cryptography standard, called A. Governments and security agencies weren’t too happy, as they felt that A was too strong and that it would make conversations far too hard to monitor. The result was A5/1, a rather less strong cryptosystem. Whether the over-the-air path was encrypted or not didn’t really matter, as once your call hit the wired network it was transmitted in the clear.

Not every call can run in the clear.

Some contain significantly price-sensitive information - details of a new drug, information about the location of an oil field, negotiations for a merger or an acquisition. It’s information that, if it’s lost, could cost you, or your business, a lot of money. There’s also no way of quantifying the risk. Then there’s information that could be damaging if it’s intercepted - the details of a divorce settlement, or a bitter custody dispute. You might also be a government employee, trying to keep secrets secret. And finally there’s the issue of the current economic downturn, where very little is certain - apart from the fact that industrial espionage always increases during a recession.

So how do you secure your voice calls?

You could buy a secure cellphone, but it’s not really an economic proposition - it’s expensive to run, the call quality is relatively poor, and there’s lots of lag. More importantly, the phones are large and obvious, so anyone who sees you make a call with one knows you have something to hide.

One alternative is a UK startup, Cellcrypt, which has developed a software voice encryption client that runs on a standard smartphone. We sat down with the CEO, Dr Simon Bransfield-Garth, at RIM’s WES event in Orlando to find out more.

There’s a new mantra in the mobile industry: voice is data. Cellcrypt treats it just that way, using IP to connect devices together. The result is a service that’s secure over GPRS, 3G, and WiFi. All of the encryption is in the device, so there’s no reliance on the network - all you need to do is run an application that looks like a standard phone application. Just choose a contact, and the application secures a channel and makes a voice connection between two devices.

The authentication key is set using RSA and 204-bit elliptic curve Diffie-Hellman (elliptic curve cryptography gives you a lot of encryption per bit, and is very efficient). Once a session has been authenticated, Cellcrypt generates a session key to handle the conversation cryptography, using 256-bit AES wrapped in 256-bit RC4. The whole process is currently being certified for government use by FIPS, and there are plans to go through the UK’s CAPS certification.

One thing to note - there is a server in the cloud to handle call connections and routing, but it doesn’t do any cryptography at all; it just handles the call initiation and licence management. There’s also no central key server, and keys are generated from first principles in the phone - giving you a very secure end-to-end environment.

I gave it a try - even in the crowded wireless spectrum of WES the call quality was good. There is some latency, which is only to be expected, and the lower the quality network, the greater the latency. WiFi networks should expect 250ms, 3G, 370ms, and 2G, 500 ms. The business model is based around a service fee of $1K/person/year.

–S
