UK start-up secures mobile voice calls
A UK start-up has developed a technique for protecting mobile voice calls
“Little has been done to secure voice data,” said Simon Bransfield-Garth, CEO of CellCrypt. “It’s the last form of unsecured data.”
Bransfield-Garth claims the technology is secure enough to be used in ‘Blackberry One’, the special smartphone that is said to be being developed for US president Barack Obama. It would just take too long to get the necessary certifications.
“There’s no reason why the technology we’ve developed couldn’t go through the process to get certification at that level, but it takes two to three years,” he said.
Instead the company is focusing on general government users and the senior levels of corporations.
“The initial market for this is in government but we’re seeing a strong growth in the corporate market as well. The CEO of Exxon has a secure voice phone, and we think our solution would also be appropriate for use in the oil business, drug discovery, legal, finance and transportation sector as well – anywhere there’s a potential threat of eavesdropping.”
Bransfield-Garth says that voice encryption for mobiles used to be done by digitising speech, encrypting it and then sending it as series of audio tones over circuit-switched data connections, which haven’t been implemented everywhere. Cellcrypt’s approach is to encrypt the digitised voice and send it as IP data over 3G and WiFi connections, reducing the latency involved and using a more widely implemented channel to carry the data on than before.
“This gives you two big benefits over existing solutions,” he said. “You don’t have long latencies – over a WiFi network it will be about 250ms and over 3G about 375ms – and it doesn’t care which country it is working in.”
Bransfield-Garth says his company’s technology relies on a combination of expertise in efficient encryption algorithms, to save the handset’s battery power, and network architectures, to manage the latency involved in sending encrypted speech over wireless networks. It uses standard cryptography algorithms to encrypt and authenticate the voice data, exchange keys and assure data integrity. Cellcrypt runs secure servers that help authenticate connections and establish secure routing, but which don’t take any part in the trust relationship that is created for each secure call.