Sunday, November 24, 2013

Cryptohip, security card or trustchip

As mobile communication encryption is getting more and more important, several companies announce their solutions build around micro SD security cards. You get this special micro SD card (security card, cryptocard or trust chip, several names for the very same hardware piece), put it into your smart phone's micro SD slot, and your communication is secured. Or not?

With this new development a myth arose, namely that all micro SD security card based solution provides eavesdrop-proof mobile communication. These systems are more secure than purely software based solutions, that's no question. However using a micro SD security card in a mobile encryption solution does not guarantee eavesdrop-proof communication.

Anyone who thinks it over comes to this conclusion. What happens if a smart phone has a micro SD card with an integrated trust chip or security chip in its micro SD card slot, but a spy ware running on the phone reaches the phone's microphone during calls? The spyware records the conversation, and the conversation is tapped before it even gets to the trust chip. Or what if the trust chip uses standard public key (PKI) encryption, and sends out keys needed to encrypt messages? Well, it is a big help for anyone who tries to crack into the system. Knowing the encryption key significantly reduces the time to figure out the decryption key, therefore to get the message.

Encrypted mobile communication solution has to be chosen based on technical implementation of the encryption system, not based on marketing buzzwords. 100% percent security can be reached only with triple level protection, when a hardware - micro SD cryptocard - protects the encryption keys, a software - an app running on the smart phone - protects against malware and spyware, and a unique encryption solution, that provides eavesdrop-proof communication.

If a company does not take this into consideration, choosing a wrong solution will hurt badly sooner or later.


  1. That is really good and very inforamtive blog. Thanks for sharing it with us and keep posting such blogs with us