Dear Readers,
i am looking for a secure communication solution.
So far i found the following products:
1)
http://www.cryptophone.de
- This product is bundled with the qtek 2020 hardware
+ seems to be trustworthy (opensource & reviewed by the hacker club CCC)
- costs about 1800 Euro's
2)
http://www.raseac.com.br/
+ seems to be usable with every platform (pdaI, pdaII, pdaIII)
+ software-only solution
- not opensource
- no codereview by a thrustworthy organisation
- costs about 250 euros
Do you know any further products?
Are there any free & opensource products for secure voice communication like gnupg for data encryption?
kind regards,
Ben
No one?
I apreciate any information regarding further gsm voice encryption products.
kind regards,
Ben
Related
My company developed a product that uses GSM/CSD mode to send voice encrypded using 256 bits Rijndael. I don't know if in Europe my product works. I have a XDA working fine here in Brazil. I will apreciate if my software could be tested using the XDA and XDA-II (we don't tested-it with the XDA-II), because we don't have how to test-it in Europe.
My site is http://www.raseac.com.br , and in the site we have a working demo with 128 bits security and one minute of conversation per call. We have also a manual in PDF format (in english).
I will apreciate some help from Europe.
My personal e-mail is MOD EDIT: REMOVED EMAIL
Please erase the [REMOVE] in the e-mail.
Thank You.
Cesar Bremer Pinheiro
cesarbremer said:
My company developed a product that uses GSM/CSD mode to send voice encrypded using 256 bits Rijndael. I don't know if in Europe my product works. I have a XDA working fine here in Brazil. I will apreciate if my software could be tested using the XDA and XDA-II (we don't tested-it with the XDA-II), because we don't have how to test-it in Europe.
My site is http://www.raseac.com.br , and in the site we have a working demo with 128 bits security and one minute of conversation per call. We have also a manual in PDF format (in english).
I will apreciate some help from Europe.
My personal e-mail is MOD EDIT: REMOVED EMAIL
Please erase the [REMOVE] in the e-mail.
Thank You.
Cesar Bremer Pinheiro
Click to expand...
Click to collapse
I think you might consider looking also for European based solution, similar but using specifically MDA / XDA for encrypted comm
http://www.cryptophone.de/html/products_en.html
BTW when you consider introducing fully fledged and operational version for wm2003 ??
regards, monika
Thank you for your interest in our product.
We will test our product with the wm2003 in the next month, but we can't have a date limit to finish the compatibility test yet. There are a lot of hardware available to run our product. I will remember you that we are selling software (not hardware like cryptophone), and to sell our product we need to make compatibility tests in a lot of hardware . Our idea in this case is, if you have a hardware available (like the XDA), you only need to buy a software (and not the hardware that you already have). You investment in this case will be US$149,99 for the 128 bits version (US$ 249,99 for the 256 bits) in order to have a solid voice encryption product. Our product uses a TAPI modem linked with a PocketPc 2002 handheld by cable, bluetooth or a compactflash connection, and uses fixed, cellular and satelite lines. We tested the Raseac Secure Phone it in a lot of hardware (we have our product in our lab running in a XDA). We don't know about the CSD (Circuit Switched Data) quality in GSM networks outside Brazil (we are asking the readers to test-it and send us their comments). The bonus in this case is the use of a solid 128 bits voice encryption software free for one minute of conversation per call, with no limits in the number of calls (our freeware version).
Thank you.
Cesar Bremer Pinheiro
Sorry for the mistake in the price: The correct values are US$149.99 for the 128 bits version and US$249.99 for the 256 bits version.
Thank You.
Cesar.
How do we know if the software is actually carrying out the encryption, and that the voice is actually being encrypted is there something obvious that will let me know this.
The encryption is the easier part to be done in this system, if you see the user's manual, the most part of the system is the user interface and its architecture (our strongest point is our system design).
If you made a system that sends and receives voice without encryption, in our case you have 90% of the work done (error correction, codec optimization, software optimization). Think about reading the voice signal, compressing this signal using a voice codec, building the telephony interface, optimizing the code (our system is full-duplex), working a lot to optimize the code and let it running with quality), and until now i am not talking about encryption.
You can see in the google a lot of stuff about encryption (random number generators, hash functions, encryption functions), the encryption library available is huge.
After that work done to send and receive voice in a 4800 bauds line, you will see that 95% of the job is done. But i will remember that: To this system be a security system, all this design must be done before build the system. It is very dificult to transform a voice transmition system in a good security system(almost impossible) if you don't thing in security before building the system.
Now a little bit about encryption.
Our design is completely different from vast majority of the voice systems designs, we use block mode encryption and CBC mode encryption. The vast majority of the systems designs uses streaming mode. We generate an external random file in order to use the random numbers by the system. You can analyse this random file, it passes in the Diehard test (you can download the Diehard test and submit our generated file).
Each contact used by the system have its own master key, and you can edit this contact master key.
If you change one bit of this contact master key in your handheld, you will not be able to do the voice connection with the other handheld.
After reading our user manual, available in our site, you will see that this system was carefully built having security in mind, because you will see that you will have a 50 pages manual with a lot of information about security, and I invite you to read this manual (again, you will see a lot about our system design in this manual).
The Raseac Secure Phone security system spec will be published in february, and after that we will ask for an independent organization to analize our source code and publish the results (We think that the common user doesn't have the competence to analyse the source code). Our source code will not be available to the public only because commercial reasons, we sell software for commercial hardware available in the market (unlike our competition that sells proprietary hardware and have the copy protection inside their proprietary hardware), we have our system copy protection inside our code and we want to protect our intelectual property.
A little bit more about proprietary hardware systems: If you sell a hardware system and publish only part of the system (you can't garantee that the operational system was not changed in a dangerous way to compromise the security), the source published doesn't garantee the security at all.
Thank you.
Cesar Bremer Pinheiro.
MOD EDIT: REMOVED EMAIL
Please erase the [REMOVE] in the e-mail.
is it available in Asia?
I deployed my new site ( http://www.raseac.com.br ) with my new product, a Secure voice encryption system. My secure phone application works like the Cryptophone product.
It does the key exchange using ECDH (Elliptic Curve Diffie Hellman) with Koblitz 571 bits ( security equivalent to Diffie-hellman using 15000 bits) and AES (Advanced Encryption Standard) with 256 bits CBC mode encryption.
I tested it using XDA-II,iMate JAM, SP3i, Sp5m, k_JAM.
This new version consumed a lot of work and testing, it has a superb cryptography and nice voice quality.
It works half-duplex using OMAP 200 mhz and full-duplex with processors above 300 mhz. For the moment it works with texas OMAP and intel XSCALE processors)
I did not tested it using OmapClock to try full duplex.
In our site we have the Users Guide and our DEMO.
I would like to have another guys testing it using other equipments. If you want to take a look and can return to me your comments, i will appreciate.
Regards.
Cesar Bremer Pinheiro
Raseac Secure Phone developer.
Dear cesarbremer,
I would like to test your new Raseac Software, but I think the new Demo version use fixed key, it seems technically incomparable to real situations. If it is posible, please make it like your old way of implementing Demo version (limit sound quality/duration call).
Forgive me if my proposal is inconvenient to you.
However, I will test the software and post my results latter.
Thank you for your good work.
Regard.
Testing my application.
Dear Giangvn.
Thank you for your reply.
I think you will test and analyse the data exchange between the two computers.
I will need to prepare this new DEMO in order you can be able to test-it. The current version is doing all the key exchange, and doing AES 256 CBC encryption, the only difference is that it doesn't use the key generated by the ECDH, but a symmetric key using zeroes.
The process of preparing this new DEMO will require a little bit of work, because i need to prepare some defenses in different points of the program against hacks over the time limit.
I will prepare this DEMO with one minute of conversation. As soon as i finish it, i will post a message in this forum.
Best regards.
Cesar.
Dear Giangvn.
We are selling the first two licenses of our product for US$ 98.00 (Final price for 2 licenses - for a limited time).
Our product final price will be US$ 199.00 (above the second license), and will be for a short period of time.
In this way you will be able to use our full product and evaluate it without the time limit.
I received some warnings about possible problems if deploying a freeware secure DEMO version, and for the moment i won't deploy the time limit DEMO version.
Name: Cryptographic security for mobile phone information β NUME BETA
Developer: Crypto Telecommunication Security SA (CTS), Switzerland
Price: Free
Available at: GOOGLE PLAY; Amazon com
Genre: Data protection
Current version: 1.0
Description:
NUME BETA β the encryption software demo version, developed by CTS, the leading manufacturer of data security products, allows the users to try the software prior to making a purchase decision.
NUME BETA β the security system, designed to encrypt voice for subscribers, using Android mobile phones. Each of them should download the trial NUME BETA software in his mobile phone. The communication is performed over IP telephony CTS cryptographic servers. Itβs money saving compared to standard mobile networks, especially in roaming. AES 64 bit is used in NUME BETA.
The complete working NUME software version uses 256 bit encryption algorithm, developed by CTS and ensures the cryptographic protection for voice, E-mail, SMS, MMS, crypto-chat and crypto conference. Regarding NUME software sales please apply to CTS at www nume ch
This app look good but:
* not intended for normal people (more for business people)
* need for mobile internet (in my country is a problem)
* 64 bit AES encryption algorithm is not safe
In general, the application is very interesting.
Hello, sigcont! Thank you for appreciacion. This app is for thouse, who do not want a stranger interfere in his life. 64 bit AES encryption algorithm - only for demo version
So the question:
What could I do with 50 smartphones (HTC EVO 4g's on sprint) and / or 30 mobile hotspots (all with 1gb of free data - using Freedompop) ?
Looking for any and all ideas of potential services, apps or solutions that can be brought from this. All the Tools .... now what to build?!
************************************************** ************************************
Update: * Original idea developed from using these phones to help the less fortunate by providing free internet access + voip phone service... but looking for something....BIGGER - its so much power and data that can be used...but idk for what yet.
For more info: https://www.facebook.com/groups/808042115946987/
Conversation on Hack-A-Thon-Hackers on facebook: https://www.facebook.com/groups/hackathonhackers/permalink/1033517296703755/?pnref=story
I see there has been a few mentions of TMC here and there on xda that haven't amounted to much, but I came across an old article elsewhere that discussed the possible inclusion in android. Although several years old it has a link to a basic linux based software decoder.
Link - h**tp://linux.downloadatoz.com/simple-rds-tmc-decoder/
No special hardware required (UK anyway) as RDS data is received anyway by android head units radio. It just needs filtering and injected into appropriate nav. No special hardware necessary and no need for special mcu access.
I'm sure anyone born later than 2000 will never have heard of TMC and would cite google or waze as a better alternative of info / data received over an internet stream anyway.
While this is true, the cons are
1, needs permanent reliable data connection
2, reliance on google apps / services.
3, subject to google (and others) spyware, personal location tracking.
4, possible heavy data use costs.
5, not easy to implement in a head unit, and relies on a dongle or smartphone
6, may have in app costs associated.
RDS TMC has none of these disadvantages. It is always on provided FM radio is receivable. For basic info / data It is completely free, although some providers offer extra services and charge.
It has been around and used for years in win ce based systems (before android) yet it seems to have lost favour to android based manufacturers and users. Is that I wonder because of its advantages, and big companies want people to switch to more chargeable services with personal data harvesting??
What are peoples thoughts...?
I would love to have rds working with this radio so I could get it working with some nav programs.