Questions about the Cryptophone Technology

What kind of cryptography and what key length is used in the CryptoPhone?

All CryptoPhone calls are encrypted with 256-bit keys using AES and Twofish as counter mode stream ciphers. For SMS the algorithms are used in CCM-mode. Using both AES and Twofish results in much stronger encryption than using only one algorithm. For the highly unlikely case that a weakness is discovered in one of the algorithms, the use of the second algorithm provides still a sufficient margin of security. The use of the two very strong algorithms is a unique feature of the CryptoPhone. The key used is generated using a 4096-bit Diffie-Hellman shared secret exchange. For CryptoPhone calls a new key exchange is run for every call. For SMS the result of an initial key exchange is stored in the Secure Storage on the phone and used by means of a hash-chain.

The crypto block diagram is shown below:

Cryptoflow

What is the voice compression used in the CrypoPhone? How does it sound? Is there a delay?

The basic design of a secure GSM phone is to take the voice from the microphone, digitize it and run it through a compression algorithm, before encrypting it and sending it via a GSM data call to the other party. The compression algorithm is also called a codec and does with voice what mp3 does with music – making sure it takes up less data.

CryptoPhones use two different codecs. The original CryptoPhone code is called CELP, running at 8kHz. The output stream of the codec is 4.8kbit/second, enabling it to be transported over a 9,6kbit GSM data call. The new CryptoPhone codec, first introduced with the G10i+ and now integrated in all current-production GSMK CryptoPhones, is a custom development based on ACELP which provides significantly improved sound quality while reducing the necessary bandwidth usage. The ACELP variant has been specifically optimized for an output bandwidth of only 4 kbit/s, so the complete CryptoPhone stream including all overhead data requires less then 4,8 kbit/s.

The speech and sound quality you can expect is comparable to international phone calls. You should note that the overall speech quality depends on the GSM signal quality, so degradation does happen in low coverage areas. While in unencrypted GSM the sound quality gets bad and you would experience dropouts as the phone moves out of coverage, with the CryptoPhone under the same circumstances the call delay can increase. Simple indicators on the CryptoPhone show GSM signal coverage and call quality / delay.

All calls made with mobile CryptoPhone are subject to a certain delay in the call, as if your call is routed over a satellite link. Most of the call delay originates from the way GSM networks handle the data calls. The CryptoPhone must use the GSM data call instead of the normal voice call mode to ensure a transparent communications channel between the two CryptoPhones. Because the delay is a side-effect of all GSM data calls there is nothing we can do about it. All available GSM encryption products on the market suffer equally from this delay. The CryptoPhone itself introduces comparatively little delay from the voice encoding and encryption. By consequence, GSMK CryptoPhone secure fixed-line phones are not subject to any such mobile network limitations.

So what does the software architecture of the CryptoPhone look like?

Cp Software Architectur V1

I noticed that GSMK CryptoPhone mobile phones are based on Windows Mobile. Isn’t this a security risk?

GSMK CryptoPhone mobile phones run on top of a heavily modified and stripped-down Microsoft Windows Mobile operating system. Windows Mobile provides an affordable and well researched platform that offered sufficient performance for the speech encoding and crypto functions. A Windows Mobile based system was chosen as the first platform for CryptoPhone because it was the only sufficiently fast device allowed us to do software integrity protection in ROM and the stripping of unnecessary functions.

We are continiously evaluating other platforms for CryptoPhone products and will put up announcements of additional platforms in due time. Unfortunatelly there is at this point in time no viable mass-market Linux based phone with sufficient choice of devices form factors, performance, stability, hardware integration and availability on the market, as we of course would prefer a completely auditable source base for our products.

We are aware that there are risks associated with using any Windows platform and we have taken a number of extensive measures to mitigate these risks as best as we could. We removed applications, communication stacks and system parts that are unnecessary for the CryptoPhone’s operation and which may cause potential security problems. Since we introduced our operating system hardening, for every attack that was published against Windows Mobile we could show that we had already identified the threat and disabled the affected components years before in CryptoPhones. While this is no guarantee for the future, we have at least a provable continuous track record in respect to systematically securing mobile devices, which is much more than our competition has to show.

Most important for you as a user is that you should not install third party software on the CryptoPhone to prevent software based attacks on the firmware integrity. Protection against trojan software that is intentionally installed by the user is nearly impossible, so it is your responsibility as a user to prevent that risk. The CryptoPhone firmware update mechanism is cryptographically secured.

What other platforms do you plan to release the CryptoPhone on?

We plan to offer products based on fully auditable hardware platforms. Today, we have created a family of interoperable CryptoPhone products that offer the privilege of secure communication on all relevant networks. We will continue to build on our achievements and introduce support for ever more networks and device platforms. Watch our website for more specific products announcements.

FAQ Sections:

  • General Questions about Cryptophone Products
  • Questions about interception of GSM Calls
  • Questions about Cryptophone technology
  • Questions about published source code
  • Questions about purchase and usage of Cryptophone Products
  • Questions
  • about
  • Cryptophone Technology