Secure telephone
A secure telephone is a telephone that provides voice security in the form of end-to-end encryption for the telephone call, and in some cases also the mutual authentication of the call parties, protecting them against a man-in-the-middle attack. Concerns about massive growth of telephone tapping incidents lead to growing demand for secure telephones.
The practical availability of secure telephones is restricted by several factors; notably politics, export issues, incompatibility between different products (the devices on each side of the call have to talk the same protocol), and high (though recently decreasing) price of the devices.
Well known products
The best-known product on the US government market is the STU-III family. However, this system has now been replaced by the Secure Terminal Equipment (STE) and SCIP standards, which define specifications for the design of equipment to secure both data and voice. The SCIP standard was developed by the NSA and the US DOD to achieve more interoperability between secure communication equipment. A new family of standard secure phones has been created based on Philip Zimmermann's VoIP encryption standard ZRTP.
VoIP and direct connection phones
As the popularity of VoIP grows, secure telephony is becoming more widely used. Many major hardware and software providers offer it as a standard feature at no extra cost. Examples include Gizmo5 and Twinkle. Both work with offerings from the founder of PGP, Phil Zimmermann, and his VoIP secure protocol, ZRTP. ZRTP is implemented in Ripcord Networks' product SecurePC with up to NSA Suite B compliant Elliptic Curve math libraries.
ZRTP is also being made available for mobile GSM CSD as a new standard for non-VoIP secure calls.
Several manufacturers of hardware analog telephony adapters offer easy-to-use secure options.
Historically significant products
Scramblers were used to secure voice traffic during World War II, but were often intercepted and decoded due to scrambling's inherent insecurity. The first true secure telephone was SIGSALY, a massive device that weighed over 50 tons. NSA, formed after World War II, developed a series of secure telephones, including the STU I, STU II and STU-III, as well as voice encryption devices for military telephones.
Other products of historical significance are PGPfone and Nautilus (designed as a non-backdoored alternative to Clipper, now officially discontinued, but still available on SourceForge), SpeakFreely, and the security VoIP protocol wrapper Zfone developed by the creator of PGP.
Scrambling, generally using a form of voice inversion, was available from electronic hobbyist kit suppliers and is common on FRS radios. Analog scrambling is still used, as some telecommunications circuits, such as HF links and telephone lines in the developing world, are of very low quality.
See also
- Mobile phone tracking
- SRTP
- SCIP
- TETRA
- A5/1
- ZRTP
- Crypto phone
- Secure voice