Frequently Asked Questions
Questions on E2:
On the Enigma there are two buttons which are used to make a call.
The standard "Green" button is used to initiate normal non-crypto calls, and a Crypto-Button above the LCD which is used to make crypto calls. The standard "Green" button is used to answer all incoming calls.
After entering the phone number and pressing the crypto-button, the mobile phone will establish a link to the other party using a GSM data channel (similar to a fax call).
The Enigma on the other side will ring with a distinctive ringtone, and show "Crypto Incoming" on the display. When the call is answered, a number of initial checks are done internally in order to validate the system and keys of both your phone and the called party. These checks include ensuring the integrity of the other party's key by validating the digital signature which was issued by the Certification Authority, and validating any implicit or explicit restrictions such as Black Lists, White Lists CUG etc..
If these checks are successful then a session key is generated, encrypted and signed using public key algorithms, before being transmitted. The use of public key algorithms during key exchange ensures that only the intended Enigma is capable of deciphering the information. If any of these checks fail, the call is immediately halted and an appropriate message is displayed.
During key exchange process, which typically lasts about 7 seconds, progress tones can be heard in the earpiece of both phones - this serves as a further reminder that a secure call is being established.
The randomly generated session key will be used to initiate the voice ciphering process, and the conversation can commence. From this point onward, both cell phones will encrypt all speech before transmission, rendering the call secure in both directions.
At the end of the call, the session key is securely discarded never to be used again or discovered, and all power is removed from the crypto module, further ensuring that all data related to the call is destroyed.
If you require further or a more detailed explanation of the key exchange process, please do not hesitate in contacting us here.
The additional compression method used in encrypting is more modern than that used in the GSM, although there is additional bandwidth overhead required for such a call. The result is sound quality which is equivalent to a normal voice call. There is a slight increase in latency (delay) of about half a second, which is negligible and does not interfere with the conversation.
In the case of unfavourable reception conditions, specially in more rural areas, receiving problems and occasional "breaks" may occur, exactly the same as with all other mobile phone calls.
In the case of a fast car ride, a secure call may break off more often than when stationery because the data channel requires a higher stability in the connection.
Your GSM SIM Card subscription must be configured by your network operator to include "Circuit Switched Data" services (CSD). The specific type of data service required is very similar to that of a fax call i.e. As if the mobile phone were to send & receive faxes.
The detailed requirements are: "Bearer 26" with following options: Transparent mode, V110 intermediate rate, UDI (Unrestricted Digital Information) with data compression disallowed.
With some operators, a secondary "data telephone number" (MSISDN) maybe provided to facilitate this data service.
This capability must be activated for all roaming conditions.
Note that "Circuit Switched Data" is different, and often confused with GPRS data services (also known as "Packet Switched Data" services or "PSD"). The existence or absence of GPRS services has no effect on Enigma Crypto-Calls.
The above should be sufficient detail for network operator to understand how to configure the account for Enigma secure calls.
If you need more information, please contact us here.
Questions on mobile communication network safety:
EVERYONE SHOULD BE
Regarding safe communication, both sender and recipient are usually interested in:
- Message Integrity (truthful, intact and complete)
- Confidentiality (or Secrecy)
- Authenticity (knowledge and verification of the sender and the recipient)
The difficult task is protection from unwanted eavesdropping of telephone calls and text messages. Today interception of these communications systems is technically easy and is occurring with increasing frequency.
Public authorities (governments, military, secret services etc) have a special interest in confidential phone calls and text messages, as do economic enterprises. Both could be heavily damaged if confidential conversations are intercepted. Above all, listening-in on financial transactions and bugging coordination calls for negotiations using a mobile phone are extremely high risk for the parties being intercepted
In most countries, the "over-the-air" connection of a mobile phone to a base station uses very low level encryption. This encryption is done using the so-called A5 1/2/3 methods. These algorithms were developed in secret, so were never officially available to public scrutiny and subsequent trust. This encryption system has many weaknesses, including:
- The handset is authenticated, but the base station is not authenticated (see IMSI catcher below)
- The network is in control of the system and is free to (and often does) re-use keys for multiple phone calls
- The network is free to (and often does) turn off the encryption under high load conditions
- This encryption only exists on the over-the-air portion of the link: beyond the base station, the call is carried over a standard trunk and is as vulnerable as any other phone call.
The ciphers used by the GSM system can be decrypted in real time with a fast PC. The methods use are well publicised: A5/1, Biryukov, Shamir, Wagner, A5/2 (no longer used) and A5/3 (Kasumi), Dunkelman, Keller and Shamir. Thus, all calls sent and received by a mobile phone can be intercepted and must be regarded as insecure.
IMSI Catcher: Eavesdropping becomes even easier using a so-called "IMSI catcher". Every activated mobile phone in receiving range will automatically log into the nearest (strongest) base station of the mobile network. The IMSI catcher simulates a base station to the participants close by. The catcher intercepts all calls and re-routes them (unbeknown to the participant) toward the "real" base station. At the same time, it will send the calls identified by the target's identification (IMEI) to the hacker via a separate connection.
At the IEEE "Secure Mobile Communications Conference" in Sept 2005, it was announced that the cost of the equipment required to simulate a base station, intercept a conversation while relaying it to the intended callee, had dropped to under £5000. By 2011 this had reduced to less than £1000. This ability is now not confined to the budgets of governments and large organisations - Almost anyone could be listening.
Additionally and as mentioned above, a simple instruction contained in the GSM standard protocols allows the encryption to be switched off, making it possible to listen to the call in real time. On the grey market, devices of this kind are offered by retailers for mobile use at a price of a few thousand Euros.
Using such a device can interfere with the connection quality, as the frequencies used by the IMSI catcher are not in sync with the frequencies of the respective network. Thus, such devices have no operative permission by the authorities . However, as this device can be classified as a measuring device in the broadest sense of the word, production and export are legal and thereore the devices can be acquired quite easily by anyone.
Each and every GSM telephone has a unique identification number of up to 15 digits, this is the IMSI (International Mobile Subscriber Identity). It consists of a country code part, a network code and a subscriber code, and is assigned to the SIM card by the network operator.
By means of an instruction from a base station, the mobile phone will send the IMSI instead of a TMSI (Temporary Mobile Subscriber Identity) in order to gain information on its number and identity. The mobile phone (or more specifically, the user's SIM card) would be identifiable at any time.
In analogy, each mobile phone has a device code, IMEI (International Mobile Equipment Identity), which is also globally unique.
On a GSM network, network coverage in a particular region is achieved by installation of base stations with overlapping ranges to ensure complete coverage of the area. A mid-size town will have 10 to 20 base stations, depending on the network operator, each of them utilizing a different frequency. The mobile phone will seek the station that is best accessible when turned on, then keep checking at regular intervals during the call.
In order to stabilize the connection even more, the base station transmits a frequency table with alternative frequencies of neighbouring base stations to the mobile phone. The phone steadily checks the signal strength being received at each of those frequencies, which ultimately allow switching quickly when needed, e.g. in case of a change in location or an interference in the working frequency. If one does not change locations during a call, the entire call will be accomplished on this one frequency.
For the purpose of listening in on mobile phone conversations, a portable transponder is taken near the target mobile (i.e. the phone to be bugged), and a strong signal is generated whose frequency corresponds to one of the alternative frequencies mentioned above. The phone will recognize this stronger signal and report it to the network. A channel change to this new frequency will immediately be carried out, rerouting the conversation inadvertently to the rogue transponder. The target mobile will be recognized by its identification, and encryption is turned off utilizing the appropriate GSM instruction. At this point, all conversations taken with this mobile phone can be listened to and recorded directly in situ and/or via another connection.
At the same time, the IMSI catcher will reroute the connection to the base station via the old frequency. Neither the customer nor the network would be aware of this manipulation. The only possibility to recognize (but not prevent) this manipulation, would be by using a special "monitor mobile", which shows operational data (eg working channel, time slot, timing advance etc.).
If the mobile is moved (car phone), the transponder must remain near the target mobile. Such devices are, therefore, usually installed in cars or vans that can follow the target inconspicuously.
Common Criteria certification of a communication and encryption device means that users can rely on an assured level of security, for any product they are about to purchase. It is a sign of confidence - rather like the quality kite-mark seen on consumer products.
The Tripleton Enigma E2 secure mobile phone uses Common Criteria Certified cryptographic sytems and components.These are evaluated to Common Criteria level EAL5+
More on the Common Criteria
Cryptology is the science and art of making and breaking codes and ciphers.
Cryptography is the practical application of encrypting and decrypting messages.
Cryptoanalysis is the art of getting at the content of secret data without knowledge of the keys and encryption methods used. The cryptologists call this process code-breaking or compromising. If an attack on a secret code does not hold up to analysis, the cryptogram is compromised or more familiarly, it has been cracked.
In order to hide a secret message, it takes a method (the simplest case would be a sealed letter) or a means (e.g. invisible ink). These historical procedures have today been replaced by mathematics. Mathematical functions that make secret messages unrecognizable or serve to regain the messages are called cryptographic algorithms.
Usually, two related functions are used, one to encrypt and one to decrypt. Modern cryptographic procedures do not rely on their algorithms as the basis of security - instead their safety is based solely on the use of keys. Without knowledge of the keys, a third party cannot decode the message. Depending on the algorithm being used, encryption and decryption could use the same key (symmetric), or the keys could be different (asymmetric).
An algorithm, including clear texts; ciphered texts and keys, is called a crypto-system. An essential element in judging encryption safety is the complete publishing of the crypto-algorithm, since this is the only way for the informed to analyze the crypto-system for backdoors or escrow keys, which would make unpermitted decrypting possible or for "weak spots" that would render it corruptible.
In modern cryptographic terms, a key is a randomly generated character chain that can be transmitted electronically. In general, the longer the chain, the safer the key.
As in the real world, a key grants or denies access to a space. A crypto key is essentially the same, except the space is "message space" or "data space". Daily life teaches us how secure is the system of lock and key, however, in the real world, there are actually no key/lock systems which are absolutely secure. One very good way to improve security would be to ensure that the padlock and key are used only once, after which they are discarded and exchanged for a new pair. This is common practice in cryptographic systems, and is used in Enigma products.
An Escrow key is a key which is held in trust by a "disinterested" third party and covered by well defined terms and conditions. An example could be that a governmental authority of a particular region or organisation requires copies of the keys used in "un-compromisable" crypto-systems within their jurisdiction.
Just like in real life, partners that make a deal (for example the purchase of a new home) will want to be able to legally prove this. In order to ascertain proof, a trustworthy third party is needed, typically a notary. The notary checks the party's identity, documents the legal act and protects that act from falsification - keeping the transaction "safe". In the world of electronic communication, the equivalent of the notary is The Trust Centre.
When compared to a symmetrical procedure, asymmetrical methods have one significant advantage in that no direct key transmission between participants is necessary. However, steps need to be taken to ascertain the identity and legitimacy of the key owner. This can be achieved by conducting a personal check, but it is achieved far more effectively by the method of "certification" of the person by a trusted authority who have conducted the required security checks. If the person holds "a certificate", all that needs to be done is to check the authenticity and integrity of that certificate.
This same process can be used to check other objects such as software versions, CA-Lists etc.
Questions on encryption procedures:
In symmetrical encryption, the encryption (sending) and decryption (receiving) processes use the same (secret) key.
- Advantages: Fast and efficient on CPU and memory resources. No key management necessary.
- Disadvantages: Anyone who has the key can decrypt, modify or replace messages in the stream.
A revealing or unnoticed loss of the key renders the encryption worthless. Also, safe transmission of the key to the communication partner causes problems, or even the danger of compromise.
There are mobile and stationary phones on the market that contain a standardised secret key built into the device. Each device can achieve encrypted communication with the other parties without problems. However, since all these devices use the same key, there is a danger of the encrypted message being intercepted and listened to using an identical device.
Due to the inherent speed and efficiency, the symmetric method is often used to stream ciphers, but elaborate mechanisms are incorporated to generate and protect the key being used.
In the case of the asymmetrical procedure, the keys required to encode and decode the data are different. Consequently, asymmetric keys exist in pairs of exactly two keys for each registered participant. One is the so-called private key, which is to be kept secret at all times and is known only to the owner, only to be used by him or her and must not be passed on to any other person. The second key is the so-called public key, which is made available to all communication partners. It is generally of no consequence if this public key is known to anybody - it could even be published on a public internet site if so desired.
Due to the mathematics involved, the private key cannot be derived from the public key, nor vice-versa.
This mechanism brings with it some very useful features: Let us consider two communicating parties - Bob and Mary:
Confidentiality - It is possible for Bob to encrypt a message using Mary's public key which only Mary can decrypt because decryption requires her secret key. This is ideal for keeping content secret since only the intended recipient (and nobody else) can decrypt the message.
Authenticity - Alternatively, Bob can encrypt a message using his own secret key which, anybody (who has his public key) can decrypt - but they would be comfortable in the knowledge that only Bob could have created such a message - i.e. that it is authentic. This, when used in conjunction with a hashing algorithm, is the principle of a digital signature.
- Advantages: Extremely safe procedure, large number of applications. No direct key transmission between participants necessary when registered in the trust centre. Additional safety due to unambiguous identification and authentication of the communication partner.
- Disadvantages: Slower and more resource hungry. More expensive due to the management of the public keys.
The best of both worlds is achieved if both symmetric and asymmetric procedures are combined: A symmetrical one-time key is generated, valid only for the current communication, and safely transmitted to the partner using the asymmetrical procedure. During this initial stage, the users can authenticate each other before proceeding further. The encryption of the primary data (the "stream") is then done using the symmetrical key which is known only to those two parties.
- Advantages: This approach yields the high speed necessary for real-time encryption, but keeps the advantages of the asymmetrical method. Avoids the disadvantages of the symmetrical method used in isolation.
- Disadvantages: More complex to implement.
This system is used by Enigma. The Enigma E2 achieves full bi-directional authentication with the secret keys held securely, never leaving the safe environment of the Netkey/TCOS card.