Encryption

The GSMK CryptoPhone technology is based on published and well researched algorithms for both encryption and voice processing. The two algorithms used are AES and Twofish. These algorithms are generally considered the most secure and appropriate 'stream' ciphers available today. A 'stream' cipher is used by encoding a 'stream' of encrypted data, and combining that 'stream' with the data to be encrypted, which in the Cryptophone case is a data representation of the voice call.

All calls are encrypted with 256-bit keys using AES and Twofish running as counter mode stream ciphers. Using both AES and Twofish provides a much stronger design then using only one algorithm. For the highly unlikely case that a weakness is discovered in one of the algorithms, the use of the second algorithm provides still a sufficient margin of security. The use of the two very strong algorithms is a unique feature of the GSMK CryptoPhone that provides a "fall back" inside the crypto-system design. The design goal was to provide not only "tactical security" that lasts for a few months or years, but to design for security against future developments in cryptanalysis in the next decades.It uses very long keys, resulting in a product that provides peace of mind today and in the future.

The graphic to the right shows the encryption flow from key exchange to data encryption.

The animation below shows how the keys and algorithms are combined.

The process of encryption in Cryptophone product is as follows:

1. The key used for each call is generated using a 4096-bit 'Diffie-Hellman' shared secret exchange, 'hashing' the resulting 4096 bits to the 256 bit session key by means of SHA256. The random material required for the Diffie-Hellman exchange is generated by using the least significant bit from the microphone signal (not during calls of course) and enhancing this entropy with the 'Fortuna' algorithm. This scheme ensures that each encrypted call is performed with a completely new and random key. All key material is securely erased immediately after the call ends.

2. The SHA256 version of the key is used in three ways:
a) Used as input to the AES cipher, used with a counter, to ensure randomness in the 'stream' of data.
b) Used as input to the Twofish cipher, used with a counter, to ensure randomness in the 'stream' of data.
c) To prevent man-in-the-middle attacks, a six-letter hash is generated from the Diffie-Hellman result and displayed to the user. The user then reads three letters over the encrypted line to the communication partner and verifies the three letters the communication partner reads to him. If there were a discrepancy in the six letters, a man-in-the-middle attack has been detected.

3. The results of 2a and 2b are XOR'ed (combined at an individual bit level, where if the two bits are the same, the result is '0', if different, '1'). The result is that a compromise of only one of the ciphers will not compromise the encrypted conversation.

4. The now combined 'keystream' is once again XOR'ed with the data representation of the voice/data needed for the call, and send to the other party.

 

 

About Us |Contact Us | This page best viewed in Internet Explorer 7 or Mozilla Firefox 1.5 and above | ©2008 ESD Group