SIMcrypto
An application embedded on the phones SIM card, SIMcrypto enables a single phone and more importantly a single SIM to have multiple unique International Mobile Subscriber Identities (IMSI), up to four phone numbers and combines the features of a standard GSM SIM card with certain functionality traditionally found on a Common Access Card (CAC card). Additionally, SIMcrypto leverages a patent pending process for authenticating devices and connecting secure calls.
SIM crypto may be deployed with or without SiRRAN’s MobileCrypto software. However for complete security we recommend utilizing these solutions together to enhance security.
Here is how the solution works:
ENTER PIN:
When you turn on the MobileCrypto cellular device with SIMcrypto the user is required to enter a four-digit security PIN code to unlock the phone.
This enables the phone to work as an unsecure device only.
Note: Only the un-secure IMSI is being pasted to the PSTN network at this time, unless the device has access to a fixed or deployed GSMnet infrastructure.
ENTER PASSPHRASE:
To open the secure capabilities of the phone and to gain access to secure, SMS and contacts the user is required to enter a 10 to 16 digit passphrase. This phrase must have upper-and lowercase letters as well as numbers and specialty characters.
Once a Passphrase has been entered successfully the user will have access to the secure data and have the ability to initiate a secure call. The secure capability will lock after 3 minutes and will require the user to reenter the passphrase for secure access.
ENTER DESIRED SECURE PHONE NUMBER/CONTACT:
Secure calls leverage 9600 bit/s Circuit Switched Data (CSD). To place a call, choose “Contacts” in the MobileCrypto phone, select a contact and initiate call or enter a secure phone number.
Note: The Telco provider must support CSD calls. GSMnet units have an optional software based v.150 modem to enable CSD calls.
SIMcrypto CALL ROUTING:
Secure Numbers have a unique IMSI that is managed by SiRRAN’s core infrastructure. This IMSI is always reported to all other Telecom Roaming Partners as being located within the GSMnet core. This forces calls from SiRRAN’s roaming partners to be directed to SiRRAN’s Core. Once the call reaches the Core a 4096 bit key is passed from the “caller” handset to the Core, authenticating the users and device.
A return key (4096-bit) is sent from the Core to the “caller” handset. Once authenticated the SIMcrypto application, as a background task, “calls-back” the phone. Switching the call origination from the device to the core.
The Core then initiates the link to the “receiving” handset by passing a 4096-bit encrypted key for authentication. The handset receives the key and returns an authentication key (4096-bit) back to the core.
Note: At all times during this process the links from both devices and the call are being protected by two active 256-bit ciphers (AES and TwoFish).
At this point the callers will hear a ditt-dutt ditt-dutt sound that signals to that the ‘key setup’ procedure for the secure connection is in progress. Key setup may take from 3 to 30 seconds, but typically 6 seconds, depending on line quality.
Once key setup is completed the callers will hear a »Ping« sound and the caller can start talking. In order to verify the authenticity of the key, each caller is required to read the three letters under »you say« and »partner says« to confirm the SECURE link.
The green SECURE indicator is only visible when a secure call is established.
Note: Reading the three letters and verifying what your partner says is meant to protect you against so-called ‘man-in-the-middle attacks’ on the secret session key. The session key is different for each call, as no key material is re-used between calls. The letters are mathematically derived from the unique secret key that is generated for each call. By reading and verifying them with your partner, you make sure that you are indeed communicating using the same key.
MAN-IN-THE-MIDDLE PROTECTION
During a SECURE call all communications is routed through the GSMnet Core. The Core acts as the “Man-in-the-middle” watching for unusual packet activity which would indicate an attempt by unauthorized individuals or groups to become a Man-in-the-middle”.
For more information regarding SIMcrypto, MobileCrypto and SiRRAN’s GSMnet technology please contact info@sirran.com.