Cellcrypt mobile for_android_social_slides_140611


Published on

Cellcrypt Launches Encrypted Voice Calling for Android Smartphones. Cellcrypt Mobile provides encrypted voice calling for off-the-shelf cell phones using government-certified security in an easy-to-use downloadable application that makes highly secure calling as easy as making or placing a normal phone call. It is a software-only solution that uses the IP data channel of cellular (2G, 3G, 4G), Wi-Fi and satellite networks and can be deployed to personnel anywhere in the world in as little as 10 minutes.

Published in: Technology, Business
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Cellcrypt is the leading provider of voice call encryption on off-the-shelf mobile phones – including Android™, BlackBerry®, iPhone ®, and Nokia® smartphones – that enables secure calling to mobile phones and office phone systems (PBXs) to allow landline calling as well as access to standard PBX features such as voicemail, conference calling and calling out to the public phone network. You may want this if you need to keep private and sensitive conversations protected from cell phone interception, especially if you travel abroad where this is common practice.
  • Device Attacks: One method of interception that bypasses the call entirely is by placing a listening device (hardware or software) in the mobile phone, which monitors the microphone and speaker, and records or forwards the call to the eavesdropper. Active Attacks: This attack uses a radio scanner to intercept and manipulate the radio signal between the mobile phone and the cellular base station tower. It exploits a particular weakness of some cellular systems whereby mobile phones do not check the authenticity of base stations that they connect with. Because mobile phones continually scan radio waves and switch to base stations with the strongest signals, it is easy for a scanner that impersonates a base station to cause all mobile phones in an area log on to it simply by transmitting the strongest signal. Once a scanner has control of a connected mobile phone, it then manipulates communications in several different ways. First and most simply, it can redirect outgoing calls from the mobile phone through its own communication channel and record the call. If standard encryption (as deployed by carriers) is being used then this attack is able to instruct the mobile phone to turn its encryption off, thereby bypassing the normal encryption between the phone and the base station. The unencrypted call is then readily eavesdropped. Hackers have demonstrated simultaneous interception of hundreds of mobile phones in this way using a software defined radio transceiver costing less than $1,500, and also four hacked mobile phones as transceivers, each costing $15. The software is open source and free to download. Network Attacks: Exploits network hardware such as base stations or microwave repeaters where encryption is not used Passive attacks: This method also intercepts the radio signal between the mobile phone and the base station but simply decodes the signals without needing to interfere with them. Passive scanners contain advanced processing software that can be run on a laptop and a programmable radio receiver and antenna. Without disturbing the normal operations of the cellular network, the passive scanner listens to the radio waves of the mobile phone call and processes them. Depending on the sophistication of equipment used, individual calls can be targeted or multiple calls harvested. This attack is particularly dangerous because it is impossible to detect, however it is also challenging because it has to break the call encryption. Insider Attacks: One common method of interception exploits the internal infrastructure of telecommunication networks, which can often prove to be the most vulnerable part of the call path. These networks decrypt calls at the base station so that they are transmitted onwards across fixed lines as unencrypted calls and can be intercepted by internal staff who have been bribed, threatened, coerced or even joined the company specifically to make an attack. Alternatively, compromises have occurred at the bases stations and within repeater equipment that use unencrypted microwave signals. Additionally, internal systems – including lawful intercept systems – used to monitor and manage the calls may be subverted to illegally intercept calls.
  • At the same time as the threat level increasing, the use of cell phones for discussing sensitive and confidential information has also increased, even among government employees, due to the ease of use, ubiquity and interoperability of mobile phones. This leads to an increased need for government-grade end-to-end protection that provides assurance that call security is controlled along all points of the call path between caller and recipient and risks are adequately mitigated in compliance with internal security policies.
  • Cellcrypt Mobile provides encrypted voice calling for off-the-shelf cell phones using government-certified security in an easy-to-use downloadable application that makes highly secure calling as easy as making or placing a normal phone call. It is a software-only solution that uses the IP data channel of cellular (2G, 3G, 4G), Wi-Fi and satellite networks and can be deployed to personnel anywhere in the world in as little as 10 minutes.
  • Cellcrypt has launched Cellcrypt Mobile™ for Android™, a version of its encrypted voice calling application that runs on Android devices operating over Wi-Fi™, GSM and CDMA wireless networks. Cellcrypt Mobile for Android is available immediately on devices supporting Android 2.3 and is interoperable with Cellcrypt running on other devices such as Nokia and BlackBerry® smartphones.
  • It’s a standard downloadable app. To make a call click on the app icon.
  • Select the caller from your Cellcrypt address book, or
  • Press on the phone icon to make a call.
  • Or use the key pad to dial the number manually.
  • What is happening here is that the phones are authenticating each and generating a secret key that they share to encrypt and decrypt the voice call. Cellcrypt uses strong cryptographic protocols recommended by governments to do this including 2048-bit RSA and ECDSA for authentication and Elliptic Curve Diffie Hellman and RSA for key exchange. When the call connects the audio is encrypted on one phone using the secret key, sent across the internet as IP traffic, and decrypted on the other phone. The app is unique in that it first encrypts the voice with 256-bit AES and then re-encrypts it a second time using 256-bit RC4. Until the channel is secure the other phone will not start ringing.
  • The other device is running Cellcrypt Mobile in idle mode but after the channel is secured then it wakes up and rings. To answer accept the call in the usual way.
  • The call is encrypted end-to-end which is important because nothing else has access to the keys and even if the call were intercepted it could still not be decrypted and would remain unintelligible and secure. There is now an encrypted voice call secured securing to government-grade cryptographic standards provided in a downloadable app on a standard Android – it’s as simple as that.
  • Founded in 2005, Cellcrypt's R&D innovation resulted in Encrypted Mobile Content Protocol (EMCP), an Internet Protocol (IP) based technology that optimizes delivery of encrypted data between mobile devices over wireless networks. EMCP solves the technical challenge of delivering reliable high-performance encryption of voice data over networks with low bandwidth and varying connectivity.
  • For more information contact Cellcrypt today on www.cellcrypt.com. Copyright © 2011 Cellcrypt Inc. All rights reserved. All trademarks used herein are the property of their respective owners.
  • Cellcrypt mobile for_android_social_slides_140611

    1. 1. Encrypted Voice Calls on Smartphones Introducing Cellcrypt Mobile™ for Android™
    2. 2. Cell phone calls are vulnerable <ul><li>Active Radio Attack </li></ul><ul><li>‘ Man in the middle’ pretends to be a cell phone base station </li></ul><ul><li>Instructs phone to turn off encryption </li></ul><ul><li>Insider Attacks </li></ul><ul><li>No/weak encryption on backhaul </li></ul><ul><li>Bribed or coerced employees subvert internal systems including lawful intercept </li></ul><ul><li>Network Attacks </li></ul><ul><li>Exploits network hardware such as base stations or microwave repeaters where encryption is not used </li></ul><ul><li>Device Attacks </li></ul><ul><li>Hardware or software listening/recording device is placed on device to bypass call encryption </li></ul><ul><li>Requires device access so can be foiled by device management </li></ul><ul><li>Passive Radio Attack </li></ul><ul><li>Undetectable, listens passively to calls </li></ul><ul><li>Decrypts calls if encryption is turned on by carrier </li></ul>Mobile Carrier Fixed Line Network
    3. 3. Cellcrypt secures your calls
    4. 4. Cellcrypt Mobile™ <ul><li>Downloadable software application for smartphones </li></ul><ul><li>As easy as making a normal phone call </li></ul><ul><li>Available over cellular, Wi-Fi and satellite networks </li></ul><ul><li>Unmatched call quality across 200+ countries </li></ul><ul><li>Strong security </li></ul><ul><ul><li>NIST FIPS 140-2 validated security </li></ul></ul><ul><ul><li>End to end encryption (crypto only at endpoints) </li></ul></ul><ul><ul><li>No central key management server & no access to keys </li></ul></ul><ul><li>Easy to use & deploy </li></ul><ul><ul><li>Software-only, deployable over the air in minutes </li></ul></ul><ul><li>Performance </li></ul><ul><ul><li>Interoperable between different smartphones and networks </li></ul></ul><ul><ul><li>Lowest latency </li></ul></ul><ul><ul><li>Highest voice quality </li></ul></ul>
    5. 5. Cellcrypt Mobile™ for Android™ As easy as making a normal call
    6. 6. To make a call click on the app icon
    7. 7. This opens your secure address book
    8. 8. Select the number you wish to call
    9. 9. Or dial the number on the key pad
    10. 10. Securing the channel with government-grade encryption
    11. 11. The channel is secured
    12. 12. An easy, encrypted voice call
    13. 13. Cellcrypt at-a-glance <ul><li>Pioneers in Encrypted Cell Phone Voice Calling </li></ul><ul><li>2005: Founders began developing core encryption & communications technology (EMCP) </li></ul><ul><li>2008: world’s first secure mobile-to-mobile IP-based software-only solution demonstrated </li></ul><ul><li>2009: Q1 world’s first secure mobile-to-landline IP-based software-only solution </li></ul><ul><li>2009: Q2 world’s first BlackBerry® secure voice solution (and first IP call on BlackBerry®) </li></ul><ul><li>2009: Q3 world’s first secure calling via satellite from business cell phones* </li></ul><ul><li>2010: Q1 SC Magazine Award Finalist “Best Encryption Product” </li></ul><ul><li>2010: Q2 world’s first BlackBerry/CDMA secure voice call </li></ul><ul><li>2010: Q3 world’s first IP-based software only encrypted cell phone conference calling service for business cell phones* </li></ul><ul><li>Leadership </li></ul><ul><li>BlackBerry Alliance Partner: First BlackBerry secure voice solution to market, referred by RIM </li></ul><ul><li>Inmarsat Alliance Partner </li></ul><ul><li>AT&T devCentral Certified Solution and approved IMAP Co-Sell Dealer </li></ul><ul><li>FIPS 140-2 certified by US National Institute of Standards and Technology (#1310) </li></ul><ul><li>Independent, privately owned, VC backed software company. US & UK ownership/leadership with offices in: </li></ul><ul><li>US (Vienna, Palo Alto, Miami) </li></ul><ul><li>Europe (London) </li></ul><ul><li>Middle East & Africa (Dubai) </li></ul><ul><li>Asia Pacific (Singapore) </li></ul>*Running on the unmodified operating systems of off-the-shelf smartphones, such as BlackBerry® and Nokia® smartphones
    14. 14. Cellcrypt Mobile™ for Android™ Thank you for watching www.cellcrypt.com