Samsung Galaxy Note. First Look
Today, large companies, especially corporate giants like Samsung, do not surprise users with extraordinary products...
|First look. Sony ST21i Tapioca Microsoft Windows Phone 7: Reasons for Failure First Look at Samsung Galaxy S3 as a 2012 Flagship|
Encrypted voice communication using SecureGSM on the Windows Mobile platform.
The aspects of personal information security are always of increased interest in every society. A priority of every person is to protect his private information and keep that information from dissemination. Consequently there is always a category of people who has interested in that confidential information. Within day to day life there are often gossips and rumors in circulation which may be troublesome but not critical for people who are influential in society (either commercially or politically). The dissemination of such confidential information can often be disastrous either in a direct or figurative sense. Therefore certain members of society are concerned about the preservation of confidentiality while others do their best to get the necessary information for whatever reason or use. It is certainly not a secret that the most vulnerable aspect of providing secrecy is the process of data transmission. Since this review focuses on the security of voice traffic transmitted via cellular communication and does not concern itself with systems of secret observation, we will take a look at the program which allows the preservation of confidentiality when talking on a cell phone, namely SecureGSM™ Pro.
Software product – SecureGSM™ Pro.
The manufacturer is SecureGSM, www.securegsm.com, the way of distribution is commercial ware. The price is $190. The distribution rights of the program in Russia and Ukraine belong to the company «NewPalper Inc.», www.securegsmrus.com.
The program encrypts voice with the use of a layered triple encryption mechanism based on the AES, Twofish and Serpent algorithms in real time, using a Diffie-Hellman 256 bit key. None of the applied algorithms is susceptible to decryption. As for being more specific about the effort needed to break this kind of encryption, well, the financial and temporal costs for decryption make this process practically not viable. I am not a specialist in the field of cryptography and cannot judge professionally the compliancy of those algorithms; however the fact that the creators have announced a competition in decoding of an encrypted conversation is indirect evidence of their resistance. As an award there were $10 000. Nevertheless, the prize for decoding was unclaimed.
The list of compatible devices is constantly increasing. Recently the support of HTC Prophet and Charmer was announced. In March a Smartphone version based on WM5.0 (devices similar to Qtek 8310) will be available. The complete list of supported devices is available on the manufacturer’s Web site.
For evaluation and testing purposes, a free “light” version is available from the manufacturers Web site, aptly named SecureGSM™ Evaluation. This “light” version is a fully functional product with a significantly reduced security mechanism,
To get access to the full-scale version it is necessary to login on the website and pay for the program. When distributing the program there are some limitations:
Installation of the program.
Installation of the program is via a standard ActiveSync setup or using a cab file directly on the device. The installation path is recommended to be in the non-volatile memory area of the device (Storage). Therefore, in a situation when forced to do a hard reset of the device, all that is required to restore the program to full functionality is to run the executable file via Explorer. At that moment, all settings, even the launch icon in the menu Programs are restored. Such a method of program recovery is part of the manufacturer’s intimate knowledge of the device and operating system and is the first time we have seen such functionality implemented in a Windows Mobile product.
At first launch a device identification file is created in the program folder which is sent to the manufacturer for licensing (activation). After checking the registration information the modified ID file and license file are sent to the user; it is necessary to copy those files to the program folder on the device. The license considers hardware features of the specific device. Transferring the program to another communicator is possible only with the consent of the manufacturer and can be made by revocation of the previous license and getting a new one.
In the lower part of the main window there is an option menu and quick access icons to various functionalities. Volume control of alert, microphone sensitivity, program access from the standard contacts list and automatic launch on communicator start-up are available from the general settings area of the program. When personal information managers (Pocket Informant, Agenda Fusion, SPB Diary, etc.) are installed, a direct dial with the SecureGSM program is present as one of the options.
The program uses the CSD protocol and therefore the corresponding service should be activated with the carrier. Generally this protocol is used for data or fax transmission. If there is an additional number when service activated, it is better to use it for calls in secure mode, though the carried out experiments have shown the possibility of calling to the primary number. The default device CSD settings are usually set at 9600 bps (v.32) which should be changed to 9600 (v.110). At that setting, the quality of voice communication noticeably improves. The rest of the icons in the lower part of the window allow making a voice call, getting into the messaging screen, opening the default contact list, sound settings and the online help.
Working with the program.
For a secure call it is necessary for the program to be installed on both terminals. The telephone number can be dialed directly from the keypad or activated from the address book. If the software is not installed, or the CSD channel is unavailable, an alert is shown on the display, stating that the call cannot be established. In the case when the program is installed on both terminals, the process of establishing a connection consists of several stages. After receiving an incoming call alert, a negotiation stage is completed followed by an exchange of dynamic keys. Finally a picture containing a geometrical figure and a digital code is shown in the displays of both devices. This picture is always generated dynamically in real time. We arranged several communication sessions in secure mode – every time the picture and the digital code was different from the previous call but they were always the same in both devices. Before enabling secure mode the only requirement is to confirm with the interlocutor that the information presented is identical on both devices. As long as the information on this screen is identical on both devices, it is safe to proceed with communications.
The logic behind this algorithm is to ensure that an unknown party cannot get “in the middle” to listen in on the conversation – the interlocutor is always known. Possible voice distortions when using the CSD protocol should be anticipated beforehand – and in that case I suggest a few practice sessions before carrying on with secret negotiations.
There is an extra and unique way of communicating within the program – the capability of short message exchange in secure mode. This functionality helps protect against the use of directional microphones and device fitted bugs. Switching to the message exchange window is simply a matter of clicking the corresponding icon. Earlier this possibility has never yet existed in a software product. One can judge the convenience of this functionality simply through an attempt to reproduce, by voice, a simple key such as, for example: IASHER-HDTRIEU-HDTERIOTR-SHDGFGERT- SGKJHIS.
General remarks and conclusions.
The quality of communication is quite satisfactory. The voice of interlocutor is heard clearly; noise and echo are minimized. A quite natural attribute when working with the program is the use of a headset – it is more convenient to talk and to exchange messages with its assistance. In the conlusion of the review I will venture to make some remarks not concerning the description of the program. Probably law experts will consider important making their remarks.
According to the legislation of Russian Federation (Belarus), programs assigned for personal use do not require certification. Moreover, only domestic products, which this program is not, to are subject of certification. The manufacturer office is located in Melbourne, Australia. This program also does not come up against the demands of SORM – an operator is obliged to provide unimpeded access of special services to its equipment. This, of course is only applicable and specific to the Russian Federation and ex-Soviet countries only. According to the statement of specialists in the case of the necessity of the filtering of subscribers, using such programs does not cause any technical complicacy on the part of the operator.
To specify the position of an operator in the aspect of limiting the use of CSD channels, a corresponding question was formulated. I would like to emphasize that the question was put to Minsk operator Velcom; those who would like to identify the position of their own cellular communication operators can do so independently. The content of the inquiry and answer are below.
And the answer.
The communication services (including the service Data transmission) can be deactivated by the operator in the cases provided by the regulations of the contract concluding between you and JV LC «MCS». The company has the right to block the access to GSM network for the client in the following cases:
In all other cases regarding the contract, the rendering of communication services of GSM standard JV LC «MCS» follows the legislation of the Republic of Belarus.
Best regards, Department of client servicing, Velcom
The program was tested on the communicator Qtek S110 provided by the company Vobis. The full-scale version of the program (SecureGSM™ Pro) is available from the manufacturer.
Published - 09 June 2006
Have something to add?! Write us... email@example.com
[ 31-07 16:21 ]Sir Jony Ive: Apple Isn't In It For The Money
[ 31-07 13:34 ]Video: Nokia Designer Interviews
[ 31-07 13:10 ]RIM To Layoff 3,000 More Employees
[ 30-07 20:59 ]Video: iPhone 5 Housing Shown Off
[ 30-07 19:12 ]Android Fortunes Decline In U.S.
[ 25-07 16:18 ]Why Apple Is Suing Samsung?
[ 25-07 15:53 ]A Few Choice Quotes About Apple ... By Samsung
[ 23-07 20:25 ]Russian iOS Hacker Calls It A Day
[ 23-07 17:40 ]Video: It's Still Not Out, But Galaxy Note 10.1 Gets An Ad
[ 19-07 19:10 ]Another Loss For Nokia: $1 Billion Down In Q2
[ 19-07 16:57 ]iPhone 5 To Feature Nano-SIM Cards
[ 18-07 14:20 ]What The iPad Could Have Looked Like ...
[ 13-07 12:34 ]Infographic: The (Hypothetical) Sale Of RIM
[ 13-07 11:10 ]Video: iPhone Hacker Makes In-App Purchases Free
[ 12-07 19:50 ]iPhone 5 Images Leak Again
[ 12-07 17:51 ]Android Takes 50%+ Of U.S. And Europe
[ 11-07 16:02 ]Apple Involved In 60% Of Patent Suits
[ 11-07 13:14 ]Video: Kindle Fire Gets A Jelly Bean