Cell Phone Encryption? 42
Black Diamond asks: "I know I'm not up to speed on cell phone encryption, but I was wondering, are there any cell phones that let you handle the encryption from your end of things? Something along the lines of a phone you hook up to your computer to input specific encryption keys for specific contacts, as well as a private key for yourself. Is such a thing plausible, or should you trust the standard encryption that comes on some cell phones nowadays?"
Similar to PGPfone... (Score:4, Informative)
There are both binaries and source code available here: http://www.pgpi.org/products/pgpfone/
Windows and Mac only, and it's a very crude app... It would be nice for someone to develop something more robust and with better features.
Re:Similar to PGPfone... (Score:1, Informative)
for Unix + PC) and Nautilus secure
phone. All free & Free.
PGPfone can do modem-to-modem.
Put them on your pocket PC
and cable that to your regular
cell phone.
Problem is the other end needs the
same setup.
legal phone tapping (Score:3)
There has to be way of 'wire tapping' any comms system according to various laws around the world so the 'good guys' can listen to the 'bad guys' (court orders etc needed).
The has been alot of stuff on the UK on this (cf ukcrypto list), the cryptos used and how it was weakened to enable 'legal' phone tapping to occur.
Re:legal phone tapping (Score:3, Interesting)
Strictly speaking, LEA's could still "tap", encryption would just make it more difficult to make sense of the captured voice stream (in the case of a voice intercept, that is). And even with "user encryption", you could still service "pen register" and "trap and trace" warrants (basically timestamped records of who called who).
Furthermore, though I can't find the reference now, I remember reading that carriers are permitted to offer "unrever
GSM phones encrypt anyway (Score:3, Informative)
That is one of the big advantages of digital cellular modes over older, analog cellular modes - the ease of adding encryption.
However, if you want to throw another layer on top of this, it gets more difficult - since digital phones take the audio signal and vocode it, you cannot just scramble your voice and feed it in - the vocoder won't know what to do with it and won't encode it properly. You would have to inject your signal after the vocoder but before the Viterbi/Trellis coding.
Re:GSM phones encrypt anyway (Score:1, Informative)
No they don't. The GSM protocol supports the capability, but it isn't necessarily turned on. At least one of the UK operators does not use it.
The algorithms are also dated, and it has been demonstrated that can be readily compromised, in real time, using off the shelf hardware available today.
BB
Re:GSM phones encrypt anyway - NOT (Score:5, Interesting)
(a) Both GSM and CDMA encryption are flawed and can be broken.
(b) It doesn't matter if the encryption is bad, all GSM phones listen for a single bit from the tower they're communicating with that tells it if it should encrypt or not. It is trivial for anyone with the resources to eavesdrop on a digital phone call to setup their own fake tower to tell your phone to turn encryption off.
(c) so what if mobile phones encrypt, phone lines that they connect to don't.
never trust commercial "encryption" to be anything more than the magic decoder ring from your cerial box wrapped in a DMCA wrapper calling anyone that points out that its made of cheap injection molded plastic an information terrorist.
Re:GSM phones encrypt anyway - NOT (Score:5, Informative)
It would depend upon whom this guy wishes to protect his conversations against - J. Random Carbonunit or Special Agent TLA.
If the former, than the encryption used in GSM is enough - few people have the gear to modulate and demodulate a GSM signal with proper time slotting, time of flight correction, etc. Making a GSM signal is HARD - I build gear that does it.
If the latter, then they won't screw around picking the signal off the air - they will throw a CALEA intercept on his phone when it hits the PTSN. Then the only thing that can protect him would be VERY strong encryption seperate from the phone - which as I said in my first posting is difficult due to the nature of digital phones.
Lastly, if he is trying to protect himself from Special Agent TLA, encrypting his signal like this won't help - it will just raise a big red flag saying "Look At Me! I Am Hiding SomeThing!". He would be far better served making an innocuous word code and using that.
...with the resources... (Score:2, Informative)
Unless you enjoy designing custom analog/digital hardware, there is just no way you're going to override the single byte in a stream that selects clear encoding, and then just listen to a clear channel conversation. The "man in the middle" attack is your only hope for using off the shelf toys. You'll need proper amps., a sharply directional antenna, and GSM phone-test-set that will exchange two-way pcm data with suff
Re:...with the resources... (Score:1)
I was saying quite the contrary - it WASN'T trivial.
Re:...with the resources... (Score:1)
Sorry about the lack of clarity. I needed to make better use of the <Ironic Tone></Ironic Tone> tags. Though the speed of light hard drive analogy seemed accurate, I wanted to outline some of the hurdles involved to illustrate the point that this is not a cellular FM radio using frequency inversion or something else for which a cool black box and a scanner will make for trivial snooping. This is $20k+ worth of toys and a significant engineering investment.
How do you define trivial? (Score:2)
It would be easier to follow you with a parabolic microphone.
My recommendation to you is to tighten your tinfoil hat.
Re:GSM phones encrypt anyway - NOT (Score:1)
beautifully worded! *applause*
Re:GSM phones encrypt anyway - NOT (Score:1)
I'm not sure which CDMA encryption you are talking about, but using a phone like this [qualcomm.com] would make breaking its encryption a hard feat to accomplish.
Re:GSM phones encrypt anyway (Score:1)
> GSM (and PCS) phones encrypt the traffic anyway
Of course, but the encryption is in between your handset and the BTS (the base station). Then the traffic is in clear, until they are again aired by another BTS (or, if they reach another phone line which doesn't encrypt, it is in plain all the way).
So the phone company, if they wished, or bribed, or forced by legal authorities, can tap your call. And moreover, GSM uses A5/1 encryption which is broken anyway.
What is actually needed is peer to peer encr
data encryption?? (Score:3, Informative)
Are you asking about encrypting the data stored on your fone? or encrypting the data transfer between your fone and your service provider?
If it is a Pocket PC
http://www.pointsec.com/core/default.asp
http://
However good encryption/decryption take up lots of CPU power, so I dont know how feasible it is to ecrypt all the data on your cell phone.
Some thoughts from a ham (Score:2)
One thing you could do, if you can use your cell phone as a modem (I think most digital phones can do this at fairly high speed) the
Re:Some thoughts from a ham (Score:4, Informative)
Nobody's been able to demonstrate real-time listening capabilities (yet).
But it is a well-known fact that the law enforcement guys have taps at the cellular switches, so they just plug into the call before it goes to hardwire -- they don't even bother trying to listen out of the air, and why should they? It's a lot easier to listen at the switch
Now, as for GSM, its encryption is definitely crackable in realtime... In fact, there have been industrial espionage problems across the English channel because of this
Re:Some thoughts from a ham (Score:2)
Where do you get this stuff? CDMA is 2G tech to allow multiple subscribers to share a frequency. Rather than multiplexing by timeslots (TDMA), each mobile subscriber transmits a code so the tower can distinguish between different calls on that frequency.
It has nothing to do with security. It is one solution to the problem of having more subscrib
Re:Some thoughts from a ham (Score:1)
And I don't know what the fuck you're talking about, but CDMA has nothing to do with either 2G 2.5G or 3G. Those have to do with data capabilities. That is all. Would you also
Re:Some thoughts from a ham (Score:3, Insightful)
With today's bleeding edge technology: I was just looking at the sprint wireless site, and found this pdf on one of the laptop modem cards.
http://www1.sprintpcs.com/media/Assets/Eq u ipment/H andsets/pdf/yisocf2031.pdf
It claims to have a total baud of 230.4 bps
recieve at 153.6 and sent at 76.8
Although this is the maximum baud, and the speed is changeable.
(so theortically you get, but in reality...)
These plans start at $100/mo with 300 MB data, or $120
Re:Some thoughts from a ham (Score:2)
Re:Some thoughts from a ham (Score:2)
Low-tech method (Score:4, Funny)
Siemens S35i (Score:2)
-psy
Gotta love format losses.... (Score:2)
It is possible, and it is real (Score:5, Informative)
Of course, lack of standard make these chips non-interoperable (not encryption/decryption but key management). Once it becomes popular standards need to emerge.
cheap answer (Score:3, Funny)
Re:cheap answer (Score:1)
Flamebait? (Score:1)
Just like half of Slashdot User's sigs say, Instead of being lazy and modding me down, post an intelligent response.
Sectra Tiger (Score:1)
Secure CDMA Phone (Score:1, Informative)
Motorola (Score:4, Informative)
From what I understand, phones with this devices are aproved by NSA for secret transmittions.
Doing a google seach I came up with this:
http://www.cellular.co.za/phones/generaldynamic
R+S does encryption, but also IMSI catcher (Score:1)
Rhode+Schwarz [rohde-schwarz.com] offers GSM mobiles with encryption and PCMCIA cards for GSM mobiles. Ironically, it manufactures also so-called IMSI catchers, which allows secret services and other "authorities" to intercept any GSM mobile.
By the way, GSM is encrypted by default, but the providers can switch that off at any time without notification
Try contacting this company (Score:1)
Try this company (Score:1)
http://www.transcrypt.com/
practically speaking... (Score:1)
What about the other end, you say?