SlingSecure
Secure Network
Convergence
Problem solving approach for
secure network convergence
Problem
✓ Operators do not give direct IP connection between
devices on different networks
✓ Main limitations are
•  Private IP address
•  “Rolling” IP address for mobile
•  NAT
•  Firewalling, etc.
✓ User identity and activity log cannot be hidden
(e.g. for VIP closed User Group)
✓ Standard SIP protocol not designed for mobile networks
✓ Need to interconnect system/devices with different or
legacy transport protocols (e.g. proprietary systems)
	
  
	
  

[Diagram labels: VoIP Server (x3), Mobile Terminal 1, Mobile Terminal 2]
Problem solving approach for
secure network convergence
Solution

✓ Interconnection for secure voice & data communication
between
•  IP devices
•  3G - 4G & LTE mobile
•  PSTN
•  2G mobile
✓ Pass-Through End-to-end Communication
✓ SlingSecure Network allows
•  Independent communication and signaling
management
•  Closed user group in mixed mobile and fixed
environment
•  Encrypted call signaling
•  Protocol conversion and adaptation when required

[Diagram labels: XServ Module (x3), PSTN to IP, User DB, PSTN Device, IP Device, Authentication and Key Management, End-To-End Full Duplex Secure Signaling]
X Serv

Interconnection for secure voice & data communication
between IP devices
SlingSecure Network allows protocol conversion and
adaptation when required (e.g. PSTN to IP)
Devices connected to X Serv
• Mobile 2G/3G/4G/LTE/WiFi
• PSTN devices

[Diagram labels: SlingSecure, XServ Module (x3), PSTN to IP, User DB, Terminals, PSTN Device, IP Device, Authentication and Key Management]
Cross Network Communication Server
✓ End-to-end Secure Communication
✓ Encrypted call signaling
✓ HW authentication
✓ Key Management
✓ Pass-through data channels
✓ Mobile IP Follower
✓ Mobile Carrier NAT/Firewall bypass
(No STUN server required)
✓ Cluster based, scalable architecture

[Diagram labels: SlingSecure Network, XServ Module (x3), User DB, User A, User B, Authentication and Key Management, XServ, End-To-End Full Duplex Secure Channels]
XServ Management
•  WEB Based (HTTPS) Interface
•  Local Access
–  Strong Authentication based on
•  USB Secure Token
•  Smart Card
•  Remote
–  Strong Authentication based on
•  PKI
•  Symmetrical Keys (OTP)

[Diagram labels: XServ, USEpro Device]
XServ Multiple Organizations

[Diagram labels: Organization (A), Organization (B), XServ (A), XServ (B), User DB (A), User DB (B), Account (A), Account (B), Authentication and Key Management (A), Authentication and Key Management (B), USR 1, USR 2, USR 3, USR 4, USR N, Inter-Force Key]
Communication Gateway
Multiple communication interfaces
embedded into a flexible platform
designed to deliver interconnection
and security

SlingSecure
Gateway

✓  Physical conversion between
heterogeneous channels
(e.g. PSTN to IP)
✓  Logical adaptation between
different protocols
✓  Multi-core, real time signal
processing
✓  Hardware Encryption
SlingSecure Gateway

[Diagram labels: on demand, UMTS, EDGE, GSM, Phone, Line & Modems, USB Host, USB Device, Ethernet, SD Storage]

Fully Customizable
Devices connected to XServ
SlingSecure Network allows both mobile
and fixed devices to be interconnected
and perform secure voice and data
communications
✓ Mobile 3G/4G/LTE
✓ Mobile 2G
✓ WiFi ready terminals
✓ PSTN Devices
• Telephone
• Fax
• Modems

[Figure labels: 2.75G/3G, WiFi, 2G/3G/WiFi, 2G, Telephone, Fax]
SlingSecure Secure Phone Stack
Available platforms
✓ Full Custom
✓ Semi Custom
✓ COTS (e.g. Motorola, Nokia, HTC HW)

Applications & Libraries for Secure Mobile Communication
Authentication and Encryption

[Diagram: Secure Phone Stack (SPS)
Application Layer: Clear Dialer, Crypto Dialer, Call List, Crypto Call List, Contacts, Crypto Contacts, SMS, Crypto SMS
Libraries: Crypto Protocols, Graphic Libs (QT, ...), Crypto Engine (xSE based)
OS Independent Wrapper (Audio, keypad, PM, Modem, etc.)
Telephony API
Hardware: microSE (mSE)
Software: Secure Phone Stack (SPS)]

Fully Customizable
mSE Micro Secure Environment
All the xSE features in a MicroSD

✓ HW crypto engine
✓ Standard and custom algorithms
✓ SD card interface (up to 450Mb/s)
✓ Integrated memory (up to 4 GB)
✓ Internal keys database
✓ Suitable for Mobile Applications

[Diagram labels: ASIC, SPI or BUS, NAND Flash, mSE]
SlingSecure Mobile Platforms
The SlingSecure range consists of 4 kinds of mobile platforms
according to the required security level

A: Software secure application on COTS terminals (e.g. Nokia, Windows Mobile, Android, etc.)
B: Software secure phone stack (OS and applications) on COTS terminals (e.g. Motorola)
C: Software secure application on COTS terminals with microSD (e.g. Nokia, Windows Mobile, etc.)
D: Software secure phone stack on COTS terminals with microSD (e.g. Android)

[Chart axes: Hardware Security (COTS terminals, microSD on COTS Terminals); Software Security (Software Secure Application, Software Secure Phone Stack)]
Secure Voice Call Flow

Authentication
To launch the application and access the secure dialer, the user must enter the authentication password

Negotiation
The symmetrical communication key is negotiated between the caller and the
called user when a secure voice call is set up or an incoming secure call is
answered
Before starting the secure voice call the following elements are also
negotiated by the devices
• Encryption/Decryption algorithm (multiple algorithm selection available)
• Vocoder type, mode and rate
• Secondary keys (e.g. used for SMS)

Voice
The secure voice call starts after the negotiation phase
completes successfully

[Flow diagram labels: Secure Dialer Access, Incoming/Outgoing Secure Voice Call, Negotiation, Secure Voice Call]
Authentication
User Authentication
•  User is asked to insert a password whenever the Secure Voice Application is launched
•  Password can be asked only once or several times according to the user preferences
•  Password can be changed at any time by the user
•  Password is used to access the application and the key repository

Keys are encrypted by means of a key derived from the User Password

[Diagram labels: User Password, SHA 256, Hashed Password, Comparator, OK, Start Secure Dialer, Stored on the mobile phone, Key Repository]
Key Repository
Two key secure repositories are stored on the mobile terminal (or on microSD)
•  Manual Keys repository
•  KMS - Key Management Server - Keys repository
Key secure repositories contain symmetrical pre-shared keys to be used standalone or combined
with other secrets to encrypt/decrypt communications (voice calls, sms, messaging, etc.).
• Manual Keys
  • Can be added, deleted or modified directly by the User using the Secure Voice Application menu
  • Can be enabled according to the user preferences and/or KMS (Key Management Server) policies, if applicable
• KMS - Key Management Server - Keys
  • Can be generated only by the KMS
  • Can be added remotely (e.g. via sms) by the KMS
  • Cannot be cancelled or modified by the user
Keys Security
Main fields
• KeyID (clear)
• Key Value (encrypted)
Secondary fields
• expiration date (encrypted)
• usage (encrypted)
• label (clear)

• RND key is generated at keys Repository creation time
• RND key is encrypted and stored on the mobile phone
• Encrypted RND key is used in combination with the User Password to extract a key value from the encrypted keys Repository
• When the cryptographic microSD card is present Keys are sent encrypted in the microSD card
• Encrypted RND key is stored in the microSD
• Keys are decrypted and used inside the microSD

Keys are encrypted by means of a key derived from the User Password
All the operations in the green area are performed in the microSD, if present

[Diagram labels: Key ID (4 bytes), Encrypted Key Value (16 Bytes), Encrypted RND Key, User Password, SHA 256, AES 256 (x2), In/Out, Key, microSD, Clear Key Value (16 Bytes)]
Voice Call Key negotiation
Symmetric keys used to encrypt/decrypt communications can be created in three different
ways
1) Pre-Shared keys
• Two lists of pre-shared keys are available:
  •  manual
  •  KMS generated
• One of the pre-shared keys that the caller and the called user have in common is selected at negotiation time
to encrypt/decrypt the voice call

2) DH Diffie Hellman - Standard or Elliptic Curves based
• A symmetrical session key is negotiated at call time
• Standard DH version based on 4096 bit keys
• Elliptic Curves DH version is based on 571 bit keys, Koblitz GF(2^m) configuration
• The final Session key is the hash of DH result

3) A combination of the first two modes
• The final Session key is a combination of the two previous keys: SHA256(DH | SK)
Note: A Family Key can be added to all the previous mechanisms in order to create (sub)groups
Man in the middle
To detect a potential man-in-the-middle attack, two numerical authentication codes are generated
from the SHA256 of the negotiated encryption key
Codes appear on the device screen during the call
At the start of the communication users should check these codes with each other by voice
MATCHing codes = NO INTRUDER interfering with the call
codes DO NOT MATCH = man in the middle ATTACK IN ACTION
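
The three key modes from "Voice Call Key negotiation" and the code comparison from "Man in the middle", as an added Python example that is not SlingSecure code. The demo-sized DH modulus, the rule that turns the hash into two 4-digit codes, the lowest-common-KeyID selection, the sample repositories and all function names are assumptions of this example.

```python
import hashlib
import secrets

# Demo-sized DH group, constructed for this example only. The slides state
# 4096-bit keys for standard DH; 2**255 - 19 just keeps the arithmetic short.
P = 2**255 - 19
G = 2

# Constructed sample repositories: 4-byte KeyID -> 16-byte pre-shared key.
REPO_A = {0x00000001: b"K" * 16, 0x00000007: bytes(range(16))}
REPO_B = {0x00000007: bytes(range(16)), 0x00000009: b"Z" * 16}


def dh_public(private):
    return pow(G, private, P)


def dh_shared(private, peer_public):
    """Raw DH result as fixed-length bytes; rejects degenerate public values."""
    if not 1 < peer_public < P - 1:
        raise ValueError("degenerate DH public value")
    return pow(peer_public, private, P).to_bytes(32, "big")


def session_key(dh_result=b"", sk=b""):
    """Session key for the three modes listed on the slide."""
    if dh_result and sk:
        return hashlib.sha256(dh_result + sk).digest()  # 3) SHA256(DH | SK)
    if dh_result:
        return hashlib.sha256(dh_result).digest()       # 2) hash of DH result
    if sk:
        return sk                                       # 1) pre-shared key
    raise ValueError("no key material")


def auth_codes(key):
    """Two numeric codes from SHA256(key). The slide names only the hash;
    using bytes 0-3 and 4-7 modulo 10**4 is an assumption of this example."""
    d = hashlib.sha256(key).digest()
    return tuple(f"{int.from_bytes(d[i:i + 4], 'big') % 10**4:04d}"
                 for i in (0, 4))


def common_key_id(ids_a, ids_b):
    """Lowest KeyID both repositories hold (selection rule is an assumption)."""
    common = set(ids_a) & set(ids_b)
    return min(common) if common else None


def run_call(priv_a, priv_b, sk_a=b"", sk_b=b"", relay_priv=None):
    """Both ends of one negotiation. With relay_priv set, an interposed relay
    replaces each public value with its own, as in a man-in-the-middle."""
    pub_a, pub_b = dh_public(priv_a), dh_public(priv_b)
    if relay_priv is not None:
        seen_by_a = seen_by_b = dh_public(relay_priv)
    else:
        seen_by_a, seen_by_b = pub_b, pub_a
    key_a = session_key(dh_shared(priv_a, seen_by_a), sk_a)
    key_b = session_key(dh_shared(priv_b, seen_by_b), sk_b)
    result = {"key_a": key_a, "key_b": key_b,
              "codes_a": auth_codes(key_a), "codes_b": auth_codes(key_b)}
    if relay_priv is not None:
        # What the relay can derive on A's leg: the DH result, but not SK.
        result["relay_key_a"] = session_key(dh_shared(relay_priv, pub_a))
    return result


if __name__ == "__main__":
    a, b, m = (secrets.randbelow(P - 3) + 2 for _ in range(3))
    kid = common_key_id(REPO_A, REPO_B)
    sk = REPO_A[kid]
    for label, kwargs in [
        ("DH only, direct", {}),
        ("DH only, relay interposed", {"relay_priv": m}),
        ("DH | SK, relay interposed",
         {"sk_a": sk, "sk_b": sk, "relay_priv": m}),
    ]:
        r = run_call(a, b, **kwargs)
        verdict = "match" if r["codes_a"] == r["codes_b"] else "DO NOT MATCH"
        print(f"{label:28} A={r['codes_a']} B={r['codes_b']} -> {verdict}")
        if "relay_key_a" in r:
            print("  relay holds A's session key:",
                  r["relay_key_a"] == r["key_a"])
```

In the combined mode the relay still causes a code mismatch, and it also cannot derive either leg's session key because the pre-shared key never crosses the channel.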
Secure Voice Call Path

[Diagram labels: SECURE CHANNEL, Symmetric Communication Key; per terminal MIC, ADC, Voc, Enc, Mod, ANT and ANT, Dem, Dec, Voc, DAC, SPK; stages marked CLEAR or CRYPTO; Application Domain, Baseband Domain]
Application Voice Processing
•  Access to microphone and speaker using the OS APIs
•  Get 8KHz/16bit (128Kbit/s) Audio Samples from Mic
•  Put 8KHz/16bit (128Kbit/s) Audio Samples to Speakers

•  Compression of Audio Samples to a GSM/UMTS suitable rate using standard or custom
Vocoders
•  Encoding of microphone audio samples (from 128Kbit/s to ~5Kbit/s)
•  Decoding of speaker audio samples (from ~5Kbit/s to 128Kbit/s)
•  The vocoder can be exposed by the operating system or written in native language

•  Voice Encryption/Decryption
•  Encryption of encoded microphone audio samples
•  Decryption of encoded speaker audio samples
•  Cryptographic operations are performed by a dedicated HW or SW module
Voice Processing Components
Application: Get Audio Samples, Audio Samples Encoding, Encoded Audio Samples Encryption, Send Data
Libraries: Audio Libraries, Standard or Custom Vocoders, Crypto Library, Telephony API
Drivers: Audio Drivers, MicroSD/Mass Storage Drivers, Baseband COM
Hardware: Audio Codec and Microphone, Cryptographic MicroSD, Baseband Processor
Legend: Only for HW Crypto Engine (e.g. microSD); SlingSecure provided; Operating System (e.g. by phone manufacturer)

* This diagram describes only the voice path from the microphone to the radio transmission
SlingSecure Network

[Diagram labels: FAX G3, Telephone, 3G Mobile, WiFi Mobile, XServ, SlingSecure Gateway (x2), IP Network, WiFi Pipe, IP]
Secure Network Convergence - Case 1
Secure Voice over IP (2.5G, 2.75G, 3G, 3.5G, 4G, LTE, WiFi)
•  Encrypted Signaling managed by XServ Pipecom Server
•  Encrypted End-To-End voice packets managed by the IP Terminals
(HW encryption)

[Diagram labels: VoIP Device 1, VoIP Device 2, X Serv, Encrypted Signaling (x2), Encrypted voice packets over End-To-End pass through Channel]
BlackBerry communication services
•  Secure Voice over IP
•  Secure eMail
•  Secure Messenger
Complete scalable system allowing integrators and operators to
deliver secure voice, messaging and email services over the
BlackBerry platform using End-To-End HW based encryption.

Security
HW token to guarantee high speed and strong security (2048 bit key length or higher)
Proprietary service server
Independent Secure Client architecture

[Diagram labels: X Serv, Encrypted Signaling (x2), End-To-End HW Encryption]
Available 4Q 2010
Land-Line to Mobile
System Elements:
•  Analog Telephone
•  SlingSecure Gateway to convert PSTN to IP
•  2.5G/3G/4G/LTE Mobile Phone (including mSE)
Secure Voice Call between standard PSTN
telephones and Mobile phones
Hardware Encryption performed by
• SlingSecure Gateway on PSTN side
• mSE on Mobile Phone side
• Custom encryption algorithm (optional)

[Diagram labels: Telephone, SlingSecure Gateway, XServ, Mobile, Encrypted Signaling (x2), End-To-End HW Encryption]
Secure Fax over IP
System Elements:
•  Standard G3 FAX
•  SlingSecure Gateway to convert PSTN to IP
Secure Data Call between standard PSTN FAX
Hardware Encryption performed by the SlingSecure
Gateway
•  Custom Encryption Algorithm
Two FAX mode settings:
•  Direct Line
•  Store and Forward

[Diagram labels: Standard G3 FAX (x2), SlingSecure Gateway (x2), XServ, Encrypted Signaling (x2), End-To-End HW Encryption]
Satellite Worldwide Connection

[Diagram labels: Satellite, Internet, Sat Link, VoIP Server, IP over Sat, Ground Station, Car System, Portable System, Marine System, WiFi (x2)]
CSD Proxy

[Diagram labels: ZONE 1, ZONE 2, CSD to IP Conversion, VoIP Server, GSM Area - CSD (No UMTS, No IP), IP Network, IP, GSM - CSD, Secure Gateway, CSD Proxy]
Secure Conference Call
Secure Media Conference
Temporary Keys
Unique Conference Number

[Diagram labels: SlingSecure Network, XServ, IP Network, SlingSecure Gateway, 3G Mobile, WiFi Mobile, Telephone, 3G Pipe, IP]
Customizations (I)
Customization level & criteria are selected according to the mobile platform
Customization should be performed by the customer independently and without any knowledge or interference from
SlingSecure
Mobile terminals without cryptographic microSD

• As the cryptographic library is an external module written in C/C++, customer can modify or add methods starting from a functional template provided by SlingSecure
• Customer can compile and overload the cryptographic library independently
• A simulation environment is provided together with required HW and SW tools

[Diagram labels: ANSI C functions (AES, Custom, DH, EC, KEY Mng, RNG), Customize, Ansi C Function, C++ Wrapper, Custom, Overloading, Cross Compiled, Compilation, Simulation, Testing Loop]
Customizations (II)
Customization options
for or microSD based mobile platforms
1) Smart Card based microSD (standard solution)

• Custom combination of standard algorithms can be implemented
• Cryptographic functions are exported as java card libraries
• SlingSecure can provide the basic applet and support to add/overload internal custom functions on “open”
smart card based microSD provided by the Customer
2) Custom microSD (available on request)

• Micro controller based microSD card for deeper algorithm customizations - SlingSecure provided
• Same approach as for software library with ANSI C code executed inside the microSD
3) Software Library

• Custom algorithms are implemented as software library
• Basic cryptographic operations are kept inside smart card based or micro controller based microSD
File Server Authentication
✓ User Authentication to access Dmz File Server
✓ Radius-Tacacs + Ldap verifies user account and policies by the domain controller
✓ The domain server grants the authentication for the workstations to access Dmz File Server
Keys and Certificates (I)
✓ User groups in different VLAN are managed by dedicated switches
✓ Traffic policies managed by the security gateway
✓ Access managed by means of
•  Secure Token (EAL5+ smartcard based) or
•  Symmetric Key based OTP device or
•  Certificates

[Diagram labels: Certificates, USEpro Device]
Keys and Certificates (II)
Remote Management over VPN
✓  VPN managed by Clavister products
•  SG 3000
•  SG 4000
✓  QoS and Bandwidth Management
IDP/IPS Scanning
SlingSecure products are backed up by the support of the engineering
and design team for
ü  Cost effectiveness
ü  Smooth system integration
ü  Timely solution delivery
The high level service & support for all SlingSecure View products allows
the Customer to reach the desired result with the best cost to
performance ratio
SlingSecure International
info@slingsecure.com

 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 

Último (20)

SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 

SlingSecure Mobile Voice Encryption

  • 2. Problem solving approach for secure network convergence: Problem
      ✓ Operators do not give direct IP connection between devices on different networks
      ✓ Main limitations are
          • Private IP address
          • “Rolling” IP address for mobile
          • NAT
          • Firewalling, etc.
      ✓ User identity and activity log cannot be hidden (e.g. for VIP closed User Group)
      ✓ Standard SIP protocol not designed for mobile networks
      ✓ Need to interconnect system/devices with different or legacy transport protocols (e.g. proprietary systems)
      [Diagram labels: VoIP Server (×3), Mobile Terminal 1, Mobile Terminal 2]
  • 3. Problem solving approach for secure network convergence: Solution
      ✓ Interconnection for secure voice & data communication between
          • IP devices
          • 3G - 4G & LTE mobile
          • PSTN
          • 2G mobile
      ✓ Pass-Through End-to-end Communication
      ✓ SlingSecure Network allows
          • Independent communication and signaling management
          • Closed user group in mixed mobile and fixed environment
          • Encrypted call signaling
          • Protocol conversion and adaptation when required
      [Diagram labels: XServ Module (×3), PSTN to IP, User DB, PSTN Device, Authentication and Key Management, End-To-End Full Duplex Secure Signaling, IP Device]
  • 4. X Serv: Interconnection for secure voice & data communication between IP devices
      SlingSecure: SlingSecure Network allows protocol conversion and adaptation when required (e.g. PSTN to IP)
      Terminals: Devices connected to X Serv
          • Mobile 2G/3G/4G/LTE/WiFi
          • PSTN devices
      [Diagram labels: XServ Module (×3), PSTN to IP, User DB, PSTN Device, Authentication and Key Management, IP Device]
  • 5. Cross Network Communication Server
      ✓ End-to-end Secure Communication
      ✓ Encrypted call signaling
      ✓ HW authentication
      ✓ Key Management
      ✓ Pass-through data channels
      ✓ Mobile IP Follower
      ✓ Mobile Carrier NAT/Firewall bypass (No STUN server required)
      ✓ Cluster based, scalable architecture
      [Diagram labels: SlingSecure Network, XServ Module (×3), User DB, Authentication and Key Management, XServ, User A, User B, End-To-End Full Duplex Secure Channels]
  • 6. XServ Management
      • WEB Based (HTTPS) Interface
      • Local Access
          – Strong Authentication based on
              • USB Secure Token
              • Smart Card
      • Remote
          – Strong Authentication based on
              • PKI
              • Symmetrical Keys (OTP)
      [Diagram labels: XServ, USEpro Device]
  • 7. XServ Multiple Organizations
      [Diagram labels: Organization (A), Organization (B); Authentication and Key Management (A)/(B); XServ (A)/(B); User DB (A)/(B); Account (A)/(B); USR 1, USR 2, USR 3, USR 4, USR N; Inter-Force Key]
  • 8. Communication Gateway
      Multiple communication interfaces embedded into a flexible platform designed to deliver interconnection and security
      SlingSecure Gateway
      ✓ Physical conversion between heterogeneous channels (e.g. PSTN to IP)
      ✓ Logical adaptation between different protocols
      ✓ Multi-core, real time signal processing
      ✓ Hardware Encryption
      [Diagram labels: SlingSecure Gateway; on demand; UMTS; EDGE; GSM; Phone, Line & Modems; USB Host; USB Device; Ethernet; SD Storage; Fully Customizable]
  • 9. Devices connected to XServ
      SlingSecure Network allows both mobile and fixed devices to be interconnected and perform secure voice and data communications
      ✓ Mobile 3G/4G/LTE
      ✓ Mobile 2G
      ✓ WiFi ready terminals
      ✓ PSTN Devices
          • Telephone
          • Fax
          • Modems
      [Diagram labels: 2.75G/3G, WiFi, 2G/3G/WiFi, 2G, Telephone, Fax]
  • 10. SlingSecure Secure Phone Stack
      Available platforms
      ✓ Full Custom
      ✓ Semi Custom
      ✓ COTS (e.g. Motorola, Nokia, HTC HW)
      Applications & Libraries for Secure Mobile Communication, Authentication and Encryption
      [Diagram, Secure Phone Stack (SPS), Fully Customizable:
          Application Layer: Clear Dialer, Crypto Dialer, Call List, Crypto Call List, Contacts, Crypto Contacts, SMS, Crypto SMS
          Libraries: Crypto Protocols, Graphic Libs (QT, ...), Crypto Engine (xSE based)
          OS Independent Wrapper (Audio, keypad, PM, Modem, etc.)
          Telephony API
          Hardware: microSE (mSE); the layers above are labelled Software]
  • 11. mSE: Micro Secure Environment
      All the xSE features in a MicroSD ASIC
      ✓ HW crypto engine
      ✓ Standard and custom algorithms
      ✓ SD card interface (up to 450Mb/s)
      ✓ Integrated memory (up to 4 GB)
      ✓ Internal keys database
      ✓ Suitable for Mobile Applications
      [Diagram labels: SPI o BUS, NAND Flash, mSE]
  • 12. SlingSecure Mobile Platforms
      The SlingSecure range consists of 4 kinds of mobile platforms according to the required security level
      A: Software secure application on COTS terminals (e.g. Nokia, Windows Mobile, Android, etc.)
      B: Software secure phone stack (OS and applications) on COTS terminals (e.g. Motorola)
      C: Software secure application on COTS terminals with microSD (e.g. Nokia, Windows Mobile, etc.)
      D: Software secure phone stack on COTS terminals with microSD (e.g. Android)
      [Diagram axes: Hardware Security (COTS terminals, microSD on COTS Terminals); Software Security (Software Secure Application, Software Secure Phone Stack)]
  • 13. Secure Voice Call Flow
      Authentication (Secure Dialer Access)
          To launch the application and access the secure dialer, the user must enter the authentication password
      Negotiation (Incoming/Outgoing Secure Voice Call Negotiation)
          A symmetrical communication key is negotiated between the caller and the called user when a secure voice call is set up or an incoming secure call is answered
          Before starting the secure voice call the following elements are also negotiated by the devices
              • Encryption/Decryption algorithm (multiple algorithm selection available)
              • Vocoder type, mode and rate
              • Secondary keys (e.g. used for SMS)
      Voice (Secure Voice Call)
          The secure voice call starts after successful completion of the negotiation phase
  • 14. Authentication
      User Authentication
          • User is asked to enter a password whenever the Secure Voice Application is launched
          • Password can be asked only once or several times according to the user preferences
          • Password can be changed at any time by the user
          • Password is used to access the application and the key repository
      Keys are encrypted by means of a key derived from the User Password
      [Diagram labels: User Password, SHA 256, Hashed Password, Comparator, OK, Start Secure Dialer, Key Repository (Stored on the mobile phone)]
  • 15. Key Repository
      Two secure key repositories are stored on the mobile terminal (or on microSD)
          • Manual Keys repository
          • KMS - Key Management Server - Keys repository
      The secure key repositories contain symmetrical pre-shared keys to be used standalone or combined with other secrets to encrypt/decrypt communications (voice calls, SMS, messaging, etc.).
      • Manual Keys
          • Can be added, deleted or modified directly by the User using the Secure Voice Application menu
          • Can be enabled according to the user preferences and/or KMS (Key Management Server) policies, if applicable
      • KMS - Key Management Server - Keys
          • Can be generated only by the KMS
          • Can be added remotely (e.g. via SMS) by the KMS
          • Cannot be cancelled or modified by the user
  • 16. Keys Security
      Main fields
          • KeyID (clear)
          • Key Value (encrypted)
      Secondary fields
          • expiration date (encrypted)
          • usage (encrypted)
          • label (clear)
      Keys are encrypted by means of a key derived from the User Password
      • RND key is generated at keys Repository creation time
      • RND key is encrypted and stored on the mobile phone
      • Encrypted RND key is used in combination with the User Password to extract a key value from the encrypted keys Repository
      • When the cryptographic microSD card is present
          • Keys are sent encrypted in the microSD card
          • Encrypted RND key is stored in the microSD
          • Keys are decrypted and used inside the microSD
      All the operations in the green area are performed in the microSD, if present
      [Diagram labels: Key ID (4 bytes), Encrypted Key Value (16 Bytes), Encrypted RND Key, User Password, SHA 256, AES 256 (×2, each with In, Out and Key), microSD, Clear Key Value (16 Bytes)]
  • 17. Voice Call Key negotiation
      Symmetric keys used to encrypt/decrypt communications can be created in three different ways
      1) Pre-Shared keys
          • Two lists of pre-shared keys are available:
              • manual
              • KMS generated
          • One of the pre-shared keys the caller and the called user have in common is selected at negotiation time to encrypt/decrypt the voice call
      2) DH Diffie Hellman - Standard or Elliptic Curves based
          • A symmetrical session key is negotiated at call time
          • Standard DH version based on 4096 bit keys
          • Elliptic Curves DH version is based on 571 bit keys, Koblitz GF(2^m) configuration
          • The final Session key is the hash of DH result
      3) A combination of the first two modes
          • The final Session key is a combination of the two previous keys: SHA256(DH | SK)
      Note: A Family Key can be added to all the previous mechanisms in order to create (sub)groups
  • 18. Man in the middle
      To detect a potential man-in-the-middle attack, two numerical authentication codes are generated from the SHA256 of the negotiated encryption key
      The codes appear on the device screen during the call
      At the start of the communication the users should check these codes with each other by voice
          • MATCHing codes = NO INTRUDER interfering with the call
          • codes DO NOT MATCH = man in the middle ATTACK IN ACTION
  • 19. Secure Voice Call Path
      [Diagram labels: SECURE CHANNEL, Symmetric Communication Key; on each of the two terminals: MIC, ADC, Voc, Enc, Mod, ANT and ANT, Dem, Dec, Voc, DAC, SPK; segments marked CLEAR or CRYPTO; Application Domain, Baseband Domain, Application Domain]
  • 20. Application Voice Processing
      • Access to microphone and speaker using the OS APIs
      • Get 8KHz/16bit (128Kbit/s) Audio Samples from Mic
      • Put 8KHz/16bit (128Kbit/s) Audio Samples to Speakers
      • Compression of Audio Samples to a GSM/UMTS suitable rate using standard or custom Vocoders
      • Encoding of microphone audio samples (from 128Kbit/s to ~5Kbit/s)
      • Decoding of speaker audio samples (from ~5Kbit/s to 128Kbit/s)
      • The vocoder can be exposed by the operating system or written in native language
      • Voice Encryption/Decryption
      • Encryption of encoded microphone audio samples
      • Decryption of encoded speaker audio samples
      • Cryptographic operations are performed by a dedicated HW or SW module
  • 21. Voice Processing Components
      [Diagram, by layer:
          Application: Get Audio Samples; Audio Samples Encoding; Encoded Audio Samples Encryption; Send Data
          Libraries: Audio Libraries; Standard or Custom Vocoders; Crypto Library; Telephony API
          Drivers: Audio Drivers; MicroSD/Mass Storage Drivers; Baseband COM
          Hardware: Audio Codec and Microphone; Cryptographic MicroSD; Baseband Processor
          Legend: Only for HW Crypto Engine (e.g. microSD); SlingSecure provided; Operating System (e.g. by phone manufacturer)]
      * This diagram describes only the voice path from the microphone to the radio transmission
  • 22. SlingSecure Network
      [Diagram labels: FAX G3, XServ, 3G Mobile, WiFi Pipe, WiFi Mobile, Telephone, SlingSecure Gateway (×2), IP Network, IP links]
  • 23. Secure Network Convergence - Case 1
      Secure Voice over IP (2.5G, 2.75G, 3G, 3.5G, 4G, LTE, WiFi)
          • Encrypted Signaling managed by XServ Pipecom Server
          • Encrypted End-To-End voice packets managed by the IP Terminals (HW encryption)
      [Diagram labels: VoIP Device 1, X Serv, VoIP Device 2, Encrypted Signaling (×2), Encrypted voice packets over End-To-End pass through Channel]
  • 24. BlackBerry communication services
      • Secure Voice over IP
      • Secure eMail
      • Secure Messenger
      Complete scalable system allowing integrators and operators to deliver secure voice, messaging and email services over the BlackBerry platform using End-To-End HW based encryption.
      Security
          • HW token to guarantee high speed and strong security (2048 bit key length or higher)
          • Proprietary service server
          • Independent Secure Client architecture
      Available 4Q 2010
      [Diagram labels: X Serv, Encrypted Signaling (×2), End-To-End HW Encryption]
  • 25. Land-Line to Mobile
      System Elements:
          • Analog Telephone
          • SlingSecure Gateway to convert PSTN to IP
          • 2.5G/3G/4G/LTE Mobile Phone (including mSE)
      Secure Voice Call between standard PSTN telephones and Mobile phones
      Hardware Encryption performed by
          • SlingSecure Gateway on PSTN side
          • mSE on Mobile Phone side
          • Custom encryption algorithm (optional)
      [Diagram labels: Telephone, SlingSecure Gateway, XServ, Mobile, Encrypted Signaling (×2), End-To-End HW Encryption]
  • 26. Secure Fax over IP
      System Elements:
          • Standard G3 FAX
          • SlingSecure Gateway to convert PSTN to IP
      Secure Data Call between standard PSTN FAX
      Hardware Encryption performed by the SlingSecure Gateway
          • Custom Encryption Algorithm
      Two FAX mode settings:
          • Direct Line
          • Store and Forward
      [Diagram labels: Standard G3 FAX (×2), SlingSecure Gateway (×2), XServ, Encrypted Signaling (×2), End-To-End HW Encryption]
  • 27. Satellite Worldwide Connection
      [Diagram labels: Satellite, Internet, Sat Link, VoIP Server, IP over Sat, Ground Station, Car System, Portable System, Marine System, WiFi (×2)]
  • 28. CSD Proxy
      [Diagram labels: ZONE 1, ZONE 2, CSD to IP Conversion, VoIP Server, GSM Area - CSD (No UMTS, No IP), IP Network, IP, GSM - CSD, Secure Gateway, CSD Proxy]
  • 29. Secure Conference Call
      [Diagram labels: SlingSecure Network, XServ, 3G Pipe, WiFi Mobile, 3G Mobile, Telephone, SlingSecure Gateway, IP Network, IP links, Secure Media Conference, Temporary Keys, Unique Conference Number]
  • 30. Customizations (I)
      Customization level & criteria are selected according to the mobile platform
      Customization should be performed by the customer independently and without any knowledge or interference from SlingSecure
      Mobile terminals without cryptographic microSD
          • As the cryptographic library is an external module written in C/C++, customer can modify or add methods starting from a functional template provided by SlingSecure
          • Customer can compile and overload the cryptographic library independently
          • A simulation environment is provided together with required HW and SW tools
      [Diagram labels: Customize, ANSI C functions, AES, Custom, DH, EC, KEY Mng, RNG, Ansi C Function, C++ Wrapper, Custom Compilation, Cross Compiled, Simulation, Testing Loop, Overloading]
  • 31. Customizations (II)
      Customization options for microSD based mobile platforms
      1) Smart Card based microSD (standard solution)
          • Custom combination of standard algorithms can be implemented
          • Cryptographic functions are exported as Java Card libraries
          • SlingSecure can provide the basic applet and support to add/overload internal custom functions on “open” smart card based microSD provided by the Customer
      2) Custom microSD (available on request)
          • Micro controller based microSD card for deeper algorithm customizations - SlingSecure provided
          • Same approach as for software library with ANSI C code executed inside the microSD
      3) Software Library
          • Custom algorithms are implemented as software library
          • Basic cryptographic operations are kept inside smart card based or micro controller based microSD
  • 32. File Server Authentication
      ✓ User Authentication to access Dmz File Server
      ✓ Radius-Tacacs + Ldap verifies user account and policies by the domain controller
      ✓ The domain server grants the authentication for the workstations to access Dmz File Server
  • 33. Keys and Certificates (I)
      ✓ User groups in different VLAN are managed by dedicated switches
      ✓ Traffic policies managed by the security gateway
      ✓ Access managed by means of
          • Secure Token (EAL5+ smartcard based) or
          • Symmetric Key based OTP device or
          • Certificates
      [Diagram labels: Certificates, USEpro Device]
  • 35. Remote Management over VPN
      ✓ VPN managed by Clavister products
          • SG 3000
          • SG 4000
      ✓ QoS and Bandwidth Management
  • 37. SlingSecure products are backed up by the support of the engineering and design team for
      ✓ Cost effectiveness
      ✓ Smooth system integration
      ✓ Timely solution delivery
      The high level service & support for all SlingSecure View products allows the Customer to reach the desired result with the best cost to performance ratio
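
An added example, not part of the SlingSecure deck or its code: the key negotiation modes of slide 17 and the code comparison of slide 18, sketched in Python to show why the on-screen codes diverge when an intermediary sits in the DH exchange. The toy 127-bit DH group, the lowest-common-KeyID rule, the 4-digit code format, the reading of "|" as concatenation and all sample keys are assumptions or constructed values; the deck does not give the exact code derivation.

```python
import hashlib

# Toy DH group (assumption, to keep the example short). The deck specifies
# 4096-bit DH or 571-bit Koblitz-curve ECDH; 127 bits is far too small for real use.
P = 2**127 - 1
G = 3

# Constructed sample data: private exponents and key repositories {KeyID: key value}.
A_PRIV = 0x1B2C3D4E5F60718293A4B5C6D7E8F901
B_PRIV = 0x2FEDCBA9876543210123456789ABCDEF
M_PRIV = 0x0A1B2C3D4E5F6A7B8C9DAEBFC0D1E2F3
REPO_A = {bytes.fromhex("00000007"): b"A" * 16, bytes.fromhex("00000009"): b"K" * 16}
REPO_B = {bytes.fromhex("00000009"): b"K" * 16, bytes.fromhex("0000000c"): b"Z" * 16}


def dh_public(priv: int) -> int:
    return pow(G, priv, P)


def dh_secret(priv: int, peer_pub: int) -> bytes:
    # Reject degenerate public values that would force a predictable secret.
    if not 1 < peer_pub < P - 1:
        raise ValueError("degenerate DH public value")
    return pow(peer_pub, priv, P).to_bytes(16, "big")


def common_key_id(ids_a, ids_b):
    """Pick a pre-shared key both repositories hold, by 4-byte KeyID.
    Taking the lowest common KeyID is an assumption; the deck only says one
    common key is selected at negotiation time."""
    shared = set(ids_a) & set(ids_b)
    return min(shared) if shared else None


def session_key(dh: bytes, sk: bytes = b"") -> bytes:
    """Mode 2: SHA256(DH). Mode 3: SHA256(DH | SK), reading '|' as concatenation."""
    return hashlib.sha256(dh + sk).digest()


def auth_codes(key: bytes):
    """Two numeric codes from SHA256(session key). The 4-digit width and the
    byte offsets are assumptions made for this example."""
    d = hashlib.sha256(key).digest()
    return tuple(f"{int.from_bytes(d[i:i + 4], 'big') % 10000:04d}" for i in (0, 4))


def call(a_priv, b_priv, relay_priv=None, use_psk=False):
    """Run one negotiation and return (codes on A's screen, codes on B's screen).
    relay_priv models an intermediary that swaps in its own DH public value."""
    a_pub, b_pub = dh_public(a_priv), dh_public(b_priv)
    if relay_priv is not None:
        a_sees = b_sees = dh_public(relay_priv)
    else:
        a_sees, b_sees = b_pub, a_pub
    sk_a = sk_b = b""
    if use_psk:
        kid = common_key_id(REPO_A, REPO_B)
        if kid is None:
            raise ValueError("no pre-shared key in common")
        sk_a, sk_b = REPO_A[kid], REPO_B[kid]
    key_a = session_key(dh_secret(a_priv, a_sees), sk_a)
    key_b = session_key(dh_secret(b_priv, b_sees), sk_b)
    return auth_codes(key_a), auth_codes(key_b)


if __name__ == "__main__":
    for label, kw in [("DH only", {}), ("DH + pre-shared key", {"use_psk": True}),
                      ("DH only, intermediary present", {"relay_priv": M_PRIV})]:
        a, b = call(A_PRIV, B_PRIV, **kw)
        print(f"{label}: A shows {a}, B shows {b}, match={a == b}")
```

The check only works if the two users actually read the codes to each other; short codes give a bounded, not negligible, chance of an undetected collision, which is why the code length matters in a real design.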