Cell Phone Encryption? 42
Black Diamond asks: "I know I'm not up to speed on cell phone encryption, but I was wondering, are there any cell phones that let you handle the encryption from your end of things? Something along the lines of a phone you hook up to your computer to input specific encryption keys for specific contacts, as well as a private key for yourself. Is such a thing plausible, or should you trust the standard encryption that comes on some cell phones nowadays?"
Similar to PGPfone... (Score:4, Informative)
There are both binaries and source code available here: http://www.pgpi.org/products/pgpfone/
Windows and Mac only, and it's a very crude app... It would be nice for someone to develop something more robust and with better features.
GSM phones encrypt anyway (Score:3, Informative)
That is one of the big advantages of digital cellular modes over older, analog cellular modes - the ease of adding encryption.
However, if you want to throw another layer on top of this, it gets more difficult - since digital phones take the audio signal and vocode it, you cannot just scramble your voice and feed it in - the vocoder won't know what to do with it and won't encode it properly. You would have to inject your signal after the vocoder but before the Viterbi/Trellis coding.
data encryption?? (Score:3, Informative)
Are you asking about encrypting the data stored on your fone? or encrypting the data transfer between your fone and your service provider?
If it is a Pocket PC
http://www.pointsec.com/core/default.asp
http://
However good encryption/decryption take up lots of CPU power, so I dont know how feasible it is to ecrypt all the data on your cell phone.
Re:GSM phones encrypt anyway (Score:1, Informative)
No they don't. The GSM protocol supports the capability, but it isn't necessarily turned on. At least one of the UK operators does not use it.
The algorithms are also dated, and it has been demonstrated that can be readily compromised, in real time, using off the shelf hardware available today.
BB
Re:Some thoughts from a ham (Score:4, Informative)
Nobody's been able to demonstrate real-time listening capabilities (yet).
But it is a well-known fact that the law enforcement guys have taps at the cellular switches, so they just plug into the call before it goes to hardwire -- they don't even bother trying to listen out of the air, and why should they? It's a lot easier to listen at the switch
Now, as for GSM, its encryption is definitely crackable in realtime... In fact, there have been industrial espionage problems across the English channel because of this
Re:GSM phones encrypt anyway - NOT (Score:5, Informative)
It would depend upon whom this guy wishes to protect his conversations against - J. Random Carbonunit or Special Agent TLA.
If the former, than the encryption used in GSM is enough - few people have the gear to modulate and demodulate a GSM signal with proper time slotting, time of flight correction, etc. Making a GSM signal is HARD - I build gear that does it.
If the latter, then they won't screw around picking the signal off the air - they will throw a CALEA intercept on his phone when it hits the PTSN. Then the only thing that can protect him would be VERY strong encryption seperate from the phone - which as I said in my first posting is difficult due to the nature of digital phones.
Lastly, if he is trying to protect himself from Special Agent TLA, encrypting his signal like this won't help - it will just raise a big red flag saying "Look At Me! I Am Hiding SomeThing!". He would be far better served making an innocuous word code and using that.
It is possible, and it is real (Score:5, Informative)
Of course, lack of standard make these chips non-interoperable (not encryption/decryption but key management). Once it becomes popular standards need to emerge.
...with the resources... (Score:2, Informative)
Unless you enjoy designing custom analog/digital hardware, there is just no way you're going to override the single byte in a stream that selects clear encoding, and then just listen to a clear channel conversation. The "man in the middle" attack is your only hope for using off the shelf toys. You'll need proper amps., a sharply directional antenna, and GSM phone-test-set that will exchange two-way pcm data with sufficient programability to allow you to emulate the mark's usual carrier signature, and a GSM test phone that outputs it's received PCM data in digital format so you don't have to go analog to digital again (which would sound atrocious given the kinds of compression involved).
Assume you could get these things, expand their capabilities and get them to communicate smoothly, you still wouldn't get the right caller ID unless you intercepted the challenge going to your test phone SIM from the carrier and repeated it to the mark's phone so you could be seen as having his IMSI. That would be yet another awesome hack to your credit.
And then of course you'd have to follow conspicuously closely to keep the mark from stepping behind something that blocked your signal (extra power won't help much in the microwave band).
Until we all start using it, encrypting your voice signal would certainly just shout "I'm hiding something."
If you want one of these conversations from your GSM phone, I'd go somewhere where they had GPRS or another GSM enabled data access method and send seriously encrypted VOIP traffic. If you want stealth, pick a location where you can get multiple GPRS timeslots (some phones support up to 128k bits) and package your voice in an encrypted stream like SSH. No one would think it unusual for a computer geek to ssh into his server from the field. The fact that one of your socket connections was a VOIP stream wouldn't be externally detectable.
Secure CDMA Phone (Score:1, Informative)
Re:Similar to PGPfone... (Score:1, Informative)
for Unix + PC) and Nautilus secure
phone. All free & Free.
PGPfone can do modem-to-modem.
Put them on your pocket PC
and cable that to your regular
cell phone.
Problem is the other end needs the
same setup.
Motorola (Score:4, Informative)
From what I understand, phones with this devices are aproved by NSA for secret transmittions.
Doing a google seach I came up with this:
http://www.cellular.co.za/phones/generaldynamic