Friday, January 17, 2014

Secfone beyond encrypted mobile communication - Key protection



A recent blog post on the impact of Snowden's leaked documents on encryption software skyrocketed on this blog. Thanks, folks!

However, several questions came up concerning Secfone's solution, so let me answer them here. I will try not to be too technical, so that it is understandable for non-infosec users too.

How does Secfone protect encryption keys?

One of the fundamental issues in communication encryption is how the solution protects the encryption keys. If the keys are compromised, then the communication can easily be tapped. Encryption software can use only the device's (smartphone's) storage and CPU to store, generate, manage and use encryption keys. However, these hardware elements are not designed to protect anything. This is one of the biggest weak points of all encryption software.

Secfone uses TPM (Trusted Platform Module) technology, a cryptochip integrated into a micro SD card (the card goes into the micro SD slot of the smartphone). This piece of hardware is designed to generate, store, manage, use and PROTECT encryption keys. The cryptochip is designed to be very sensitive on purpose. That means the information can't be retrieved from the chip (it is not readable by design). If you try to hack the cryptochip (probe it with an oscilloscope, put it under an electron microscope, or try to freeze and remove it), the attempt damages the chip and all the information it stores is lost immediately. This is the only proven technology today that can protect encryption keys (More on TPM technology: 5 functions of TPM you did not know about).

Interesting: An early version of a cryptochip was hacked by Christopher Tarnovsky in 2010. The hack required a very high level of expertise and physical possession of the chip. This hack no longer works with the new hardware.

What about stealing the encryption keys?

Good question. There are some companies that use a cryptochip (they call it a security card or trustchip; it is the very same thing) and put the keys into the chip at production. The keys are safe inside the cryptochip, no question, but they can be compromised BEFORE they are put into the chip.

Secfone has its own method. Secfone does not put keys into the cryptochip, but uses the cryptochip's functions to generate the keys for itself at production. What does this mean?

  1. Keys needed to decrypt the information that arrives at the device NEVER leave the safe storage of the cryptochip.
  2. Keys cannot be stolen from the factory or from a sysadmin.
  3. Nobody knows the keys (the producer of the cryptocard, Secfone, the customer, nobody).

Interesting: The cryptochip is a military-grade technology under special export regulations. Strict legislation applies to keep information on who possesses the technology. It cannot be exported to "sensitive" countries.

Now the keys are safe. However, there are more layers of security in Secfone; I will write a post about them soon.

Thanks for reading. If you found this blog post interesting, please spread the word.

Wednesday, January 15, 2014

Snowden killed all iPhone encryptions

If you use encryption software on your iPhone and you paid for it, then you paid for an illusion, not for security. Thanks to Snowden and security researcher Jacob Appelbaum, the entire world now knows the magic word DROPOUTJEEP and its meaning.

DROPOUTJEEP is a spyware program developed by the NSA that runs on the iPhone and provides access to almost everything. It can intercept SMS messages, read the contact lists, and locate the iPhone based on cell tower data, and, best of all, it can turn on the camera and the microphone and listen to any conversation. It can even be deployed remotely.

According to leaked documents, the NSA claims a 100% success rate on iOS devices. It is impossible to reach 100% unless you have access to a backdoor. Of course, Apple denies that it helped the NSA to build the iPhone's backdoor, but that does not change anything. It does not change the 100% success rate.

How does DROPOUTJEEP impact encryption software on the iPhone?

Now comes the bad news. It is well known among industry experts that purely software-based mobile encryption solutions cannot secure any communication. Now things are going from bad to worse. No encryption solution can protect your communication on the iPhone. Not even hardware-based solutions.

Since DROPOUTJEEP can control the microphone of the iPhone, it listens to the conversation BEFORE any encryption takes place. Your software or hardware solution can even use military-grade 4096-bit encryption keys; it provides zero security if you use it on an iPhone. If you use Gold Lock, Silent Circle, Zfone, Crypttalk, Cellcrypt, Kryptos, Secustar or any other encryption software on an iPhone and you still need secure mobile communication, consider just deleting your app.

Time to reconsider what you think about encryption software and iPhone security.

Takeaway

The good news is that you can still have secure mobile communication. Avoid iPhone and BlackBerry, and use an open source operating system. Choose a cryptochip-based (hardware) encrypted mobile communication solution with triple-level protection. Triple-level protection keeps any unauthorized process from accessing your phone's microphone.

If you have found anything new in this blog post, please share it. Thank you :-)