The present document cannot be used, modified, published or copied in any manner or means without prior consent of Privatewave Italia Spa.
Mobile voice encryption
A revolutionary approach in voice encryption industry
Fabio Pietrosanti
CTO of PrivateWave
http://www.privatewave.com
Agenda
• Corporate Information
• Mobile Voice Encryption Solutions
• Politically neutral technologies
• Voice Encryption Standards
Corporate information
Who we are
Our Mission
PrivateWave offers you the most sophisticated protection technology through powerful and easy-to-use phone call encryption tools.
Corporate information
• Established in 2005
• Research within Polytechnic of Milan
• Financially robust (since 2008 or +4Mln EUR)
• Italian corporation, based in Milan
• +20 employees (majority with technical backgrounds)
• Corporate transparency as a key value
• Experts in telecommunication security
• AGT partnership in the Middle East
We work with industry technology leaders
Mobile Voice Encryption Solutions
what do we do
GSM is broken with cheap hardware
• We know that phone calls can be intercepted
But now…
• GSM can be cracked with 1500 EUR equipment
• Generic Radio HW + USRP1
• OpenSource cracking SW – Airprobe + A51crack
• I tested personally
• Everyone is a target
PrivateGSM
Mobile Voice Encryption
• Software voice encryption product for smartphones
• Nokia S60 smartphones
• BlackBerry Bold 9700, Bold 9000, BB 8520
• iPhone 3GS, 4G
• Uses VoIP (UMTS, GPRS, Wi-Fi)
• Requires installation by both parties
• Extremely easy to use
• Saves time when a face-to-face meeting is not possible
• Ready for organization-wide distribution
• Increased user acceptance! No dedicated hardware!
PrivateGSM
Human based authentication
• PrivateGSM provides human-based authentication with automatic key generation and agreement based on ZRTP
PrivateGSM
Transparent to the user
• The user does not have to change the way he places a secure call compared with traditional calling
+801 Secure Prefix
Differentiated Security Model
• The security model is highly relevant when defining policies for secure communications
• Specific information requires a specific security model
• PrivateGSM supports two security models
  • Protecting from everyone
  • Protecting from third party
Protect from everyone
End To End Security
• The information is encrypted at the source and decrypted at the destination.
• No one except the caller and the called party can acquire the communication.
[Diagram: Protect from everyone, End To End Security. Labels: IP Network, Internet, MNO1, MNO2, Secure Telephony Infrastructure, PBX. Caption: Communication protected by ZRTP.]
Protect from third party
End To Site Security
• The information is encrypted separately from the source to the server and from the server to the destination, with two different operations.
• No one except the server, the caller and the called party can acquire the communication.
• The organization has the authority to eavesdrop on its own communication
[Diagram: Protect from third party, End To Site Security. Labels: IP Network, Internet, MNO1, IP Phone (Snom), Secure Telephony Infrastructure, PBX. Caption: Communication protected by SRTP/SDES.]
Different security models for voice encryption
Unique advantage - Flexibility
• Quick Deployment
  • No need to distribute hardware devices. No logistic handling
  • Leverage existing smartphone base
• Quick Installation
  • No need to deploy keys across secured devices
  • Keys are negotiated dynamically
• Integration
  • Integrate within existing phones & telephony infrastructure
• No Vendor Lock-In
  • We give our customers the freedom to be independent from us
Unique advantages - Security
• Certified to be secure
  • Multiple independent research/industry institutions certify it to be secure
• Open Source
  • Subject to public review
  • Every security-sensitive piece of code can be inspected and reviewed
• Full Protection
  • Protect from intelligence gathering through phone call logs (signaling)
• Politically neutral
  • Technology resistant against possible political pressure on manufacturer
Politically Neutral Technologies
Open & Standard Encryption
What’s Politically Neutral Technology?
• Politically neutral technology doesn’t mean “made in Switzerland”
• Politically Neutral Technologies are the result of a methodological approach that provides a guarantee of:
  • Protection from political pressure against the manufacturer
  • Well designed and secure technologies
NON Politically Neutral Technology
• Risks of Backdoors
  • A manufacturer can be subject to political pressure to insert a backdoor in encryption code
  • Proprietary encryption technologies can have security weaknesses due to the absence of public, distributed scientific peer review
• Proprietary solutions cannot be Politically Neutral Technology
  • No protection from political pressure to put in backdoors
  • No public peer review of security strength
Backdoors example?
• In 2002, Verint, the Israeli company providing lawful interception products to the Netherlands operator KPN, infiltrated through backdoors in installed interception systems.
• Abused backdoors in the technical support system to eavesdrop on Netherlands politicians
• The Israeli Verint did the same in the USA on AT&T and the scandal was discovered by the CIA
Backdoors example?
• In 2005 a backdoor put in the Ericsson AXE telephony switch of Vodafone Greece allowed spying
• The prime minister, the chief of the secret services and a lot of activists were intercepted
• All phone calls were diverted to a bunch of prepaid anonymous SIM cards
• Costas Tsalikidis, head of security of the mobile telco, was found dead, “suicided”
Politically neutral technology
• Protection from Backdoors
  • Open source code is publicly available
    • No single country influence in implementing technology
    • No change can be made without notice
    • Encryption code can be inspected independently and autonomously
  • Standard Encryption Technologies are designed in international bodies by multiple subjects (research, industry, individuals).
    • No single country influence in designing technology
  • Standard Encryption Technologies are publicly reviewed and analyzed
    • No encryption weakness
Voice Security Standards
Verifiable encryption technologies
ZRTP Security Standard
• End-to-end encryption with man-in-the-middle protection
• Invented by a group of famous international cryptographers led by Philip Zimmermann in 2006
• Standardized by the Internet Engineering Task Force (IETF)
• Protocol with encryption algorithms recognized by the most important international security bodies
• Human authentication (no automatic authentication process)
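
The human-based authentication that ZRTP relies on, as an added example that is not part of the original slides or PrivateGSM's code: both handsets derive a short authentication string (SAS) from the key agreement, and a relay that terminates each leg with its own keys leaves the two users reading different strings. Assumptions: a toy Diffie-Hellman group over 2^521−1 stands in for ECDH P-384 so the block needs only the standard library, the message flow is simplified, and the names (Endpoint, key_agreement, relayed_call, users_accept) are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption for this example: a toy finite-field Diffie-Hellman group over the
# Mersenne prime 2**521 - 1 stands in for the ECDH P-384 exchange named on the
# slides, so the block runs on the standard library alone. Not for deployment.
P = 2**521 - 1
G = 3
WIDTH = 66  # bytes needed to hold a 521-bit value
Z_BASE32 = "ybndrfg8ejkmcpqxot1uwisza345h769"  # alphabet for the 4-character SAS


class Endpoint:
    """One phone: a fresh (ephemeral) key pair for every call."""

    def __init__(self):
        self.priv = secrets.randbelow(P - 3) + 2
        self.pub = pow(G, self.priv, P)

    def commitment(self):
        # Sent before the peer reveals its public value.
        return hashlib.sha256(self.pub.to_bytes(WIDTH, "big")).digest()

    def shared_secret(self, peer_pub):
        if not 1 < peer_pub < P - 1:
            raise ValueError("degenerate public value")
        return pow(peer_pub, self.priv, P).to_bytes(WIDTH, "big")


def derive_sas(secret, initiator_pub, responder_pub):
    """Short authentication string bound to the secret and both public values."""
    transcript = initiator_pub.to_bytes(WIDTH, "big") + responder_pub.to_bytes(WIDTH, "big")
    digest = hmac.new(secret, b"SAS" + transcript, hashlib.sha256).digest()
    bits = int.from_bytes(digest[:4], "big") >> 12  # keep the leftmost 20 bits
    return "".join(Z_BASE32[(bits >> shift) & 31] for shift in (15, 10, 5, 0))


def key_agreement(initiator, responder, revealed_pub=None):
    """Commit, exchange public values, return the SAS shown on each handset."""
    commit = initiator.commitment()   # message 1: initiator -> responder
    responder_pub = responder.pub     # message 2: responder -> initiator
    initiator_pub = initiator.pub if revealed_pub is None else revealed_pub  # message 3
    # The responder rejects a public value that does not match the commitment,
    # so the initiator cannot choose its key after seeing the responder's.
    expected = hashlib.sha256(initiator_pub.to_bytes(WIDTH, "big")).digest()
    if not hmac.compare_digest(commit, expected):
        raise ValueError("public value does not match commitment")
    sas_i = derive_sas(initiator.shared_secret(responder_pub), initiator_pub, responder_pub)
    sas_r = derive_sas(responder.shared_secret(initiator_pub), initiator_pub, responder_pub)
    return sas_i, sas_r


def direct_call():
    """Caller and called negotiate with each other: both screens show one SAS."""
    return key_agreement(Endpoint(), Endpoint())


def relayed_call():
    """A relay terminates each leg with its own keys, so the two users see the
    SAS of different legs; reading the string aloud exposes the mismatch."""
    caller, called = Endpoint(), Endpoint()
    relay_to_caller, relay_to_called = Endpoint(), Endpoint()
    caller_sas, _ = key_agreement(caller, relay_to_caller)
    _, called_sas = key_agreement(relay_to_called, called)
    return caller_sas, called_sas


def users_accept(sas_pair):
    """The human step: the call is trusted only if the spoken strings match."""
    return hmac.compare_digest(sas_pair[0], sas_pair[1])


if __name__ == "__main__":
    for label, call in (("direct", direct_call), ("relayed", relayed_call)):
        pair = call()
        print(label, pair, "accepted" if users_accept(pair) else "rejected")
```

With a 20-bit SAS, a relayed call matches by chance about once in a million attempts; the commitment is what stops the relay from retrying key pairs until the strings agree.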
ZRTP Security Guarantee
• ZRTP uses encryption algorithms recognized scientifically by
  • ECC Brainpool – Germany
  • Standards for Efficient Cryptography Group (SECG) – International
  • ECC Interoperability Forum – International
  • National Institute of Standards and Technology (NIST) – USA
• Implemented in secure open source code
• ZRTP uses encryption algorithms certified for TOP SECRET within NSA and NATO environments
ZRTP Encryption Tech Summary
• Symmetric algorithm: AES-256 (CTR)
• Asymmetric algorithm: ECDH-384 (P-384)
• Strength equivalence: RSA 7680
• Perfect Forward Secrecy (PFS): in the unfortunate event of the “loss” of your phone, no one will be able to access your keys, even those used in the past
• Open source secure code
SRTP Security Standard
• End-to-site encryption with digital certificate verification
• Exactly the same security architecture as HTTPS
• Based on Digital Certificates and PKI
• Standardized by the Internet Engineering Task Force (IETF)
• Widespread among major business VoIP desk phone manufacturers
  • Snom, Cisco, Asterisk, Avaya, etc.
• De Facto Enterprise Secure Telephony Standard
SRTP Encryption Tech Summary
• Symmetric algorithm: AES-128 (CTR)
• Asymmetric algorithm: TLS with x509v3
• Strength equivalence: RSA 2048
• Perfect Forward Secrecy (PFS): in the unfortunate event of the “loss” of your phone, no one will be able to access your keys, even those used in the past
• Open source secure code
Voice Encryption Technology Summary
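Political Neutrality of PrivateGSM Security Technologies

| Tech | Open Source | Public Specification | Standard | Peer Reviewed | Security Model | Level      |
|------|-------------|----------------------|----------|---------------|----------------|------------|
| ZRTP | YES         | YES                  | YES      | YES           | END-TO-END     | TOP-SECRET |
| SRTP | YES         | YES                  | YES      | YES           | END-TO-SITE    | SECRET     |
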
Mobile voice encryption
A revolutionary approach in voice encryption industry
Question?
fabio.pietrosanti@privatewave.com

Editor's Notes

  • #11 No handling of complex key management systems
  • #13 Each security model requires a specific encryption technology born with THAT specific security model in mind
  • #23 Information is protected with encryption
  • #24 Information is protected with encryption
  • #26 Information is protected with encryption