Technical Sheet - CSD
We only use open, transparent and standard encryption protocol. End-to-end security between phones is provided by ZRTP, the open IETF standard voice
encryption system invented by Philip Zimmermann that requires human-based verification for the encryption of a call. Security is established between
the caller phone and the called one without any ability of any networking.
Since there was encryption standard just for Packet Switched telecommunication technologies (Internet/IP, VoIP, ZRTP, SIP, RTP, SRTP), but not for securing
Circuit Switched ones (GSM CSD/HSCSD, ISDN, PSTN, SAT), we invented, in partnership with Philip Zimmermann, ZRTP/S, a way to use ZRTP over a non-IP
communication channel. ZRTP/S provides transport of ZRTP and SRTP packet along with identification and capability exchange of peers of a phone call
over a 9600bps channel without IP. The communication could be easily described as a “RS323 serial connection between two phones over the telephony
network” on top of which ZRTP/S exchanges ZRTP-encrypted voice packets.
ZRTP and ZRTP/S use only the best symmetric and asymmetric encryption and hashing algorithms.
· ZRTP uses ECDH 384bit for asymmetric encryption DH key exchange in compliance with USA NSA Suite B security requirements, NIST SP800-56A
standard and ECDSA FIPS 186-3. It could be configured also to use other ZRTP/S supported encryption algorithms for compatibility with third
party software supporting ZRTP/S.
· ZRTP/S employs AES256 in counter mode (CTR) for symmetric encryption in compliance with FIPS 197 security requirements.
The ZRTP/S payload is compatible with the SRTP protocol and its standard security features.
Random number generation
The random number generation is seeded by an unpredictable physical source of entropy (voice audio sample recorded from microphone and free
running counters available on ARM processors) that complies with FIPS-186-2-CR1 security requirements. It is further processed by a Deterministic
Random Bit Generation, compliant with NIST SP800-90 security requirements.
All encryption related libraries and technologies used by PrivateGSM are provided 100% free of backdoor. The source code of the security library is
provided for free in open source and has been publicly reviewed by Philip Zimmermann and by a vast number of scientific communities. The open source
solution guarantees a politically neutral solution and provides much easier source code review activities.
In order to operate over ultra-narrowband communication channels like GSM CSD, running at 9600bps, PrivateWave employs AMR audio codec that
compresses the voice that will be enciphered and then sent across the network. The Adaptive Multi Rate codec, running at 4750bit/s, reduces the amount
of data to be sent across the network, thus reducing the impact of cell handover on CSD calls. In order to reduce further the required bandwidth and to
maximize the radio resource efficiency, we employ voice activity detection (VAD) techniques that prevent the phone from sending full data while not
CSD additional data number
To place a PrivateGSM data call, the user has to enable CSD calls (data & fax) and he/she needs to ask his/her mobile operator which is the additional
data number assigned to his/her SIM card (the same SIM used for standard calls). This service is usually available through subscriptions, and is not
always available through prepaid cards. Note that most 3G operators do not provide it.
GSM operators have a quite heterogeneous support for GSM Circuit Switched Data calls. While travelling abroad, for instance, the roaming operator may
not support CSD calls properly. PrivateGSM, if a connection error occurs, automatically redials the call by reconnecting across all roaming available
More information at: firstname.lastname@example.org www.privatewave.com