by Frank Moss
How do you communicate privately? This is a problem that has plagued mankind for centuries and has entered a new era of need with the advent of texting, instant messaging and mobile phones. For all intents and purposes, all of that data is currently transmitted in the clear. Government servers get split feeds direct from the phone company. Texting is not even encrypted at all and law enforcement can get transcripts of messages. So how does the average person protect themselves and exercise their right to privacy?
Voice over Cellular Networks
There are a few options for voice encryption on the cell phone. All require a data channel, WiFi, 4G or LTE to operate. Most require a service commitment, like Silent Circle. Others are free, but require the same software on the other end or are hard to setup.
Whisper Systems is considered to be the state of the art that everyone points to and says “That is our bar”. No “If”s, “And”s or “But”s about it. The design team is lead by Moxie Marlinspike, who is considered the foremost security white hat hacker on this rock and a protocol security specialist.
- RedPhone. Android only. Encrypts phone calls, both parties need Red Phone installed. Open Source.
- Signal. iPhone. Encrypts phone calls, both parties need Signal installed. Open Source.
- It is unclear if Signal users can call RedPhone users reliably, but seamless interoperability is the impression expressed in the discussion groups.
- CellCrypt Enterprise. Android, Apple, RIM, Nokia. Encrypts Phone calls and text messages. Both parties need CellCrypt. $3200 per user.
- Silent Phone. subscription based @ $12 .00 per month. Both parties need a subscription and the app.
- Blackphone. $700/phone. uses regular cellular networks (worldphone or americas).
For voice communications all of these options leave a dependency on an operating data network and access to calling switches. Though this is a good step towards privacy, remember that your data usage will fly through the roof if you use this regularly; plan accordingly. If your phone has data usage warnings and limits built in (most android phones after version 3.0 do), set them up to warn and stop your traffic at nearly half your portion of the whole data package. This will help model your usage and leave room for others on your plan without incurring overage charges. If you, your significant other and a child all share the data package, your portion should be around 33%, (all things being equal), so your warning should be at 12% or 1.2GB of data usage and your limit should be around 14% or 1.4GB of data usage on a 10GB plan.
Text over SMS Networks
For written communication there are many apps to choose from and the technology is rather simple compared to low latency voice since the text can be encrypted before sending and low network latency is not a concern.
- TextSecure encrypts in an encrypt -> send -> store methodology so that everything is encrypted locally as well as in transmission. In addition to AES-256 for transmission encryption, and HMAC-SHA256 for integrity matching, TextSecure uses Curve25519 for payload and database encryption. This combination with the Axoloti cryptographic ratchet delivers you state of the art tech and you can view the source code.
Voice over Radio
Here the options are open to many alternatives. See the article Radio Comms for more information on the basics. For encrypted transmissions, you will need to use radios that can take encryption keys. The most open standard is the NXDN system which iCOM and other carriers make. FDMA is also available in Asian made radios. I am using iCOM as a reference standard here because they supply encrypted radios to the US Military.
- iCOM IC-F3161D can handle encrypted NXDN communication to other hand held portable radios without the use of a central repeater or station, but the $800 price tag might make the coffee go down the wrong pipe.
- BF-109 uses FDMA system for encryption and the price tag is lower at the $250.00 range.
There are other systems and manufacturers out there, like Motorola and their SECURENET line of non interoperating products, but they are not included since they are license heavy, infrastructure reliant and pricey.