
Enigma GSM crypto-phone: FAQ

What will happen if I press the encrypt button?
After entering the phone number and hitting the encrypt key, the mobile phone will switch to the data channel and link to the person called. A check will be done on whether the counterpart has that same encryption system. If that is the case, the counterpart will transmit their public key, and the symmetrical key that is only valid for this particular call is generated within the cell phone and sent to the person called, where it will be decrypted using the called person's secret key. This secret key is saved on that person's net key card, invisible to all other users.
From that point onward, both cell phones will encrypt all recorded audio using the symmetrical key and send the encrypted data stream to the other participant. The symmetrical key is only available for this one call. At the end of the call, the symmetrical key will be discarded and never used again. This renders the call secure in both directions.
The key transmission takes the system a short time, so there will be a waiting period of a few seconds while the call is set up.
On ending the call, the encryption automatically ends.


Will the quality of an encrypted call deteriorate?
The additional compression method used in encrypting is more modern than that used in the GSM net, so sound quality will be better than in most "normal" mobile phones. In the case of unfavourable reception conditions, especially in more rural areas, receiving problems and occasional "breaks" may occur, exactly the same as with all other mobile phone calls.
In the case of a fast car ride, a safe link may break off more often than when stationary because the data channel requires a higher stability in the connection.


Can I make encrypted calls to my office and co-workers?
Yes. Apart from the mobile phone, we offer an office box (T-TeleSec LineCrypt I-+ for Euro-ISDN-connections), which is simply placed between the phone bus and the telephone, fax or modem. It functions in the same way as the mobile. Such connections are all secure and based on the same cryptology.
Using a standard phone system, a call can be deciphered in the box and then linked via standard phone network to a co-worker within your phone system providing the LineCrypt device is linked into the telephone system. The box will then encrypt the original signal in the same way, so that the GSM link is secure.
For obvious reasons, we would advise you not to link a decrypted call to a normal mobile phone of a co-worker. Special care must be taken internally to ensure that no co-worker has activated an automatic re-route of his standard phone to his mobile phone, which would cause an unwanted security leak.


Questions on mobile communication network safety:
What about safety in mobile networks, especially in the GSM nets?
In Germany (and other countries), mobile phone calls are transmitted in encrypted form. That encryption is done by the "stream encryption method A5", which was developed in secret, but can nowadays be decrypted in real time with a standard fast PC (Biryukov, Shamir, Wagner method). Thus, all calls sent and received by a mobile phone can be intercepted.
Eavesdropping becomes even easier using a so-called IMSI catcher (for "IMSI", see below). Every activated mobile phone in receiving range will automatically log into the nearest (strongest) base station of the mobile network. The IMSI catcher simulates a base station to the participants close to it: it intercepts all calls and re-routes them (unnoticed by the participant) toward the "real" base station. At the same time, it will send the calls identified by the target's identification (IMEI) to the listening post via a separate connection.
Additionally, a simple order contained in the GSM standard suppresses encryption, making it possible to listen in on the call in real time. The firm Rohde & Schwarz have already produced such a device under the name of "GA 901". On the grey market, handy devices of this kind are also offered by other retailers for mobile use at a price of several thousand Euros.
Using such a device can disturb the connection quality, as the frequencies used by the IMSI catcher are not in sync with the frequencies of the respective network. Thus, such devices have no operative permission by the Bundesamt für Post und Telekommunikation (BAPT, Federal Office for Post and Telecommunication). However, as this device can be classified as a measuring device in the broadest sense of the word, production and export are legal and, thus, the devices can be acquired by anyone.

What is an "IMSI"?
Each participant has a recognition number of up to 15 digits, IMSI (International Mobile Subscriber Identity), which is unique. It consists of a country code part, a network code and a subscriber code, and is assigned to the SIM card by the network.
On a command from the base station, the mobile phone will send its IMSI instead of a TMSI (Temporary Mobile Subscriber Identity), giving the base station its number and identity. The mobile phone (or, more exactly, the user's SIM card) would be identifiable at any time.
In analogy, each mobile phone has a device code, IMEI (International Mobile Equipment Identity), also unique.


How does booking into the base station or the IMSI catcher work?
With the GSM method, developed areas are always served by several so-called base stations to assure complete coverage of the area. A mid-size town will have 10 to 20 base stations, depending on the network operator, each of them utilizing a different frequency. The mobile phone will seek the station that is best accessible when turned on, then keep checking at regular intervals during the call.
In order to stabilize the connection even more, the base station will now transmit a frequency table with alternative frequencies of neighbouring base stations to the mobile phone. The phone steadily checks on those frequencies, so that it can switch quickly when needed, e.g. in case of a change in location or an interference in the working frequency. If one does not change locations during a call, the entire call will be accomplished on this one frequency.


How does the IMSI catcher log into a conversation?
For the purpose of listening in on mobile phone conversations, a portable transponder is taken near the mobile phone to be bugged, and a strong signal is generated whose frequency corresponds to one of the alternative frequencies mentioned above. The phone will recognize this "better" carrier and report it to the network. A channel change to this new frequency will immediately be carried out, rerouting the conversation to the transponder. The mobile to be listened in on will be recognized by its identification, and encryption is turned off utilizing a command contained in the GSM standard. Afterwards, all conversations taken with this mobile phone can be listened in on and recorded directly in place and/or via another connection.
At the same time, the IMSI catcher will reroute the connection to the base station via the old frequency. Neither the customer nor the network would be aware of this manipulation. The only way to recognize, but not prevent, this manipulation would be to use a special "monitor mobile", which shows operation data (like working channel, time slot, timing advance etc.).
If the mobile is moved (car phone), the transponder must remain near the mobile to be listened in on. Such devices are, therefore, usually installed in cars that can follow the monitoring target inconspicuously.
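
The indicators a monitor mobile could show for the manipulation described above, as an added Python example that is not part of the original FAQ. The record fields, thresholds and sample readings are constructed assumptions, including that the monitor reports whether ciphering is active.

```python
from dataclasses import dataclass

@dataclass
class Reading:
    """One sample of operation data from a monitor mobile (field names are assumptions)."""
    t: int               # seconds since call start
    channel: int         # working channel number
    timing_advance: int  # GSM timing advance; one step is roughly 550 m
    rx_dbm: int          # received signal strength
    ciphered: bool       # whether the link is currently encrypted

def review_call(readings, stationary, rx_jump_db=15, ta_jump=2):
    """Return (time, indicator) pairs; each is a reason to look closer, not proof."""
    findings = []
    for prev, cur in zip(readings, readings[1:]):
        if cur.channel != prev.channel:
            # A stationary phone normally stays on one frequency for the whole call.
            if stationary:
                findings.append((cur.t, "channel change while stationary"))
            # The transponder wins the handover by offering a much "better" carrier.
            if cur.rx_dbm - prev.rx_dbm >= rx_jump_db:
                findings.append((cur.t, "new carrier much stronger than old one"))
            # A transmitter placed close to the phone shows up as a distance jump.
            if abs(cur.timing_advance - prev.timing_advance) >= ta_jump:
                findings.append((cur.t, "timing advance jumped"))
        if prev.ciphered and not cur.ciphered:
            findings.append((cur.t, "ciphering switched off mid-call"))
    return findings

# Constructed readings: a stationary call pulled onto a strong nearby carrier.
SUSPECT = [
    Reading(0, 62, 4, -85, True),
    Reading(10, 62, 4, -86, True),
    Reading(20, 71, 0, -55, True),
    Reading(30, 71, 0, -54, False),
]
# Constructed readings: an ordinary handover in a moving car.
ROUTINE_HANDOVER = [
    Reading(0, 62, 4, -85, True),
    Reading(10, 71, 3, -80, True),
]

if __name__ == "__main__":
    for t, why in review_call(SUSPECT, stationary=True):
        print(f"t={t}s: {why}")
```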


Encryption keywords
What is cryptology?
Cryptology is the science of hiding and regaining secret messages, of the methods and means used to that purpose, the means of breaking secrets and the examination of the security methods used.


What is cryptography?
Cryptography is the practical application of encrypting and decrypting messages.


What is cryptanalysis?
Cryptanalysis is the art of getting at the content of secret data without knowledge of the keys and encryption methods. This process is called codebreaking or compromising by cryptologists. If a secret code does not hold up to an attack, the cryptogram is compromised or, more familiarly, it has been cracked.


What is a crypto-algorithm?
In order to hide a secret message, it takes a method (the simplest case would be a sealed letter) or a means (e.g. invisible ink). These historical procedures have today been replaced by mathematics. Mathematical functions that make secret messages unrecognizable or serve to regain the messages are called cryptographic algorithms.
Usually, two related functions are used, one to encrypt and one to decrypt. Modern cryptographic procedures lay their algorithms bare. Their safety is based solely on using keys. Without knowledge of the keys, no third party can read the message. Varying by algorithm, encryption and decryption can use the same key, or the keys could be different.


What is a cryptosystem?
An algorithm including clear texts, cyphered texts and keys is called a cryptosystem. An essential element in judging encryption safety is the complete publishing of the crypto-algorithm, since this is the only way for the informed to analyze the cryptosystem for "backdoors", which would make unpermitted decrypting possible or for "weak spots" that would render it corruptible.
In some countries (e.g. the USA), the only encryption procedures permitted are those that leave such "backdoors" open to the secret service. This is the reason why the Enigma mobile will not receive permission for use in the USA and several other countries.


What is steganography?
In order to hide messages there are other procedures. Steganography relies not on hiding secret messages, but on hiding the very existence of a message. Imagination knows no bounds here. Steganography is a millennia-old art and has certainly used everything imaginable at least once.


What encryption procedures exist?
There are numerous different procedures and methods.
Basically, there is a difference between symmetrical and asymmetrical procedures:


The symmetrical procedure
In the case of the symmetrical procedure, sender and receiver use the same (secret) key.
Advantage: Fast proceedings, no key management necessary.
Disadvantage: Anyone possessing the key can decrypt.
Disclosure or unnoticed loss of the key renders the encryption worthless. Also, safe transmission of the key to the communication partner causes problems, or even the danger of non-secrecy.
There are mobile and stationary phones on the market that contain a standardized secret key built into the devices. Each device can achieve encrypted communication with the other parties without problems. However, since all these devices use the same key, there is a danger of the encrypted message being intercepted and listened in on using an identical device.

The asymmetrical procedure
In the case of the asymmetrical procedure, there are pairs of exactly two keys for each registered participant. One is the so-called private key of its proprietor, which is to be kept secret at all times, only to be used by him or her and must not be passed on to any other person.
The second key is the so-called public key of its proprietor, which is available to all communication partners as if in a directory.
Encryption is done using the addressee's public key; decryption of the message sent is then only possible utilizing the addressee's private key. Even with knowledge of the public key, the private key cannot be calculated. This ensures that only the receiver, and nobody else, can decrypt the message. As an encrypted message is illegible, and, therefore, cannot be manipulated, the receiver can be certain that the original message arrived. The uniqueness of the key pairs also leads to an easy yet unambiguous recognition of the communication partners.
Advantage: Extremely safe procedure, broad application, no direct key transmission between participants necessary when registered in the trust centre, additional safety due to unambiguous identification of the communication partner.
Disadvantage: Higher expense due to managing the public keys, lower decryption speed.

The combination of symmetrical and asymmetrical (also known as hybrid procedure)
The best of both worlds is achieved if both procedures are combined: A symmetrical one-time key is generated, valid only for the current communication, and safely transmitted to the partner using the asymmetrical procedure. Encryption of the data exchange is then done utilizing the symmetrical key known only to those two parties.
This approach guarantees the high speed necessary for real-time encryption and avoids the disadvantages of the symmetrical procedure while keeping the asymmetrical procedure's advantage.
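
The hybrid procedure described here, and the call setup under "What will happen if I press the encrypt button?", as an added Python example that is not the vendor's code. The page does not name the phone's algorithms, so textbook RSA over two fixed primes and a SHA-256 keystream stand in for them, and the per-frame HMAC tag is an addition the page does not describe; all names are hypothetical.

```python
import hashlib, hmac, secrets

# Toy RSA pair for the called party, built from two Mersenne primes.
# Constructed for this example: unpadded and far too small for real use.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q                              # (N, E) is the callee's public key
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, stays with the callee

def wrap_session_key(key: bytes, pub=(N, E)) -> int:
    """Caller: encrypt the one-time call key under the callee's public key."""
    n, e = pub
    return pow(int.from_bytes(key, "big"), e, n)

def unwrap_session_key(wrapped: int, size: int = 16) -> bytes:
    """Callee: recover the call key with the private exponent."""
    return pow(wrapped, D, N).to_bytes(size, "big")

def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate keys for encryption and for the integrity tag.
    return hashlib.sha256(label + key).digest()

def _keystream(key: bytes, seq: int, n: int) -> bytes:
    # SHA-256 in counter mode; seq keeps each frame's keystream distinct.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + seq.to_bytes(8, "big") + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def _tag(key: bytes, seq: int, ct: bytes) -> bytes:
    mac = hmac.new(_subkey(key, b"mac"), seq.to_bytes(8, "big") + ct, hashlib.sha256)
    return mac.digest()[:8]

def seal_frame(key: bytes, seq: int, frame: bytes) -> bytes:
    ks = _keystream(_subkey(key, b"enc"), seq, len(frame))
    ct = bytes(a ^ b for a, b in zip(frame, ks))
    return ct + _tag(key, seq, ct)

def open_frame(key: bytes, seq: int, sealed: bytes) -> bytes:
    ct, tag = sealed[:-8], sealed[-8:]
    if not hmac.compare_digest(tag, _tag(key, seq, ct)):
        raise ValueError("frame rejected: wrong key or modified in transit")
    ks = _keystream(_subkey(key, b"enc"), seq, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

def run_call(frames):
    """One call: fresh key, wrapped for the callee, used for every frame, then dropped."""
    caller_key = secrets.token_bytes(16)
    wrapped = wrap_session_key(caller_key)       # travels over the data channel
    callee_key = unwrap_session_key(wrapped)
    sealed = [seal_frame(caller_key, i, f) for i, f in enumerate(frames)]
    heard = [open_frame(callee_key, i, s) for i, s in enumerate(sealed)]
    del caller_key, callee_key                   # end of call: key is discarded
    return wrapped, sealed, heard
```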

What is a "key"?
Cryptologically speaking, a key is a randomly generated character chain that can be transmitted electronically. The longer the character chain is, the safer the key will be.
As in the real world, a key grants or denies access to a space (message space). Daily life teaches us how safe the combination of key and lock is. There are "actually" no safe key/lock-combinations in the real world. The only safe procedure would be like a padlock and key only used once, then exchanged for a new pair and the old pair is discarded.

Who should be interested in encryption?
Usually, both sender and receiver are interested in the message being transmitted truthfully, confidentially and authentically.
Thus, there have always been procedures for the encryption of written messages. Software for this purpose is available and utilized as required.
A more difficult task is protection from unwanted eavesdropping of phone calls and interception of faxes, since such interceptions are technically easy nowadays and, unfortunately, increasingly carried out.
Public authorities (governments, military, secret services...) have a special interest in confidential phone calls and faxes, as well as economic enterprises that could be heavily damaged if confidential conversations are intercepted. Above all, listening in on telephonically arranged financial transactions and bugging coordination calls for negotiations have a high damage potential for the person being listened in on. (Compare cryptocontroversy.)

What is the purpose of a trust centre?
Just like in real life, partners that make a deal (e.g. a home acquisition) will want to be able to legally prove this. In order to ascertain proof of this, a trustworthy third party is needed, e.g. a notary.
The notary checks the party's identity, documents the legal act and protects that act from falsification, and keeps it safe. In the world of electronic communication, the notary's equivalent is the trust centre.
One significant advantage of asymmetrical over symmetrical procedures is that no direct key transmission between participants is necessary. However, steps need to be taken to ascertain the identity of the key owner.
That link can easily be established via a personal check and this is accomplished far more effectively by certification from the authorities that grant access to a participant's public key, like in a directory, after a secure identity check.
Further tasks of that authority can directly be derived from this. It administers the keys for closed user groups and a list of all valid public keys, as well as the invalid ones that have been phased out, e.g. after theft or loss of a mobile phone (black and white list handling).

What is the cryptocontroversy?
Each citizen has a right of self-determination in respect to his messages and their confidentiality. Thanks to modern electronics, however, it is becoming ever easier to intercept electronically sent documents, faxes and calls. In the case of written transmission, the necessary confidentiality can easily be accomplished using encryption software. With somewhat higher expense, voice phone calls and fax traffic can be made secure using encryption devices.
On the other hand, this enables criminals, especially in organized crime, to utilize such procedures. That, in turn, hinders the security authorities in their task to fight crime. The justified interest of citizens and economy in confidential communication is opposed by the necessity to protect the citizens from crime and subversive action.
There are, therefore, countries that outlaw encryption completely, or that permit it only if a "backdoor" is built in for the appropriate authorities. In other countries, all keys have to be deposited with national authorities and can be used in prosecution.
Obviously, law breakers can easily bypass such restrictions; therefore, the German Federal Government has explicitly forgone any such restrictions.

In what ways could a government put limitations on encryption methods?
There are three possibilities:
· Utilizing encryption procedures is generally outlawed or subject to a licence requirement.
· The only algorithms and procedures for encryption permitted are those that have a weak spot known to security authorities ("backdoor").
· Encryption is permitted if the keys used or parts of those keys are deposited with authorities that grant access to the security authorities in case of a prosecution.
The Federal Republic of Germany has explicitly forgone any such restrictions.

What do data protectors say on using encryption methods?
The data protection registrars of Germany and its Länder have strongly opposed forbidding users from encrypting their message content in a resolution.
The possibility for any citizen to protect their communication from unwanted access by encrypting it with appropriate measures is a traditional constitutional right.
Regulating encryption seems hardly possible from a technical standpoint, as national measures of the kind would be easily bypassable and very hard to control, especially in international data traffic.

 

© 1991-2011 P.Iva 10351030159 - Speeka srl 3490795312