Why Encrypt?

Why would anyone eavesdrop on my calls?

Phone call interception is not some magic trick which only happens in Hollywood spy movies. It actually happens in the real world, too, posing serious threat to any individual or company in the form of:

disclosure of a trade secret and loss of competitive advantage
disclosure of a bid for a tender
blackmailing based on captured sensitive data

With ever growing competition in the markets, the value of information is increasing, and their misuse and exploitation can lead to grave consequences.

To mitigate these threats, CryptoCult offers you the following solution:

call encryption – no one will be able to intercept your calls
text messages and e-mail encryption
encrypted data storage – even if your phone gets lost or stolen, your data will remain safe

Using encryption not only prevents your sensitive data from being misused, it also saves your time. The time you would normally spend on the road can now be used for developing your business or spending your time with your loved ones.

Is it true that anyone can intercept my calls and messages?

Unfortunately, the answer is yes. The ability to intercept mobile communication is not limited to governmental organizations like the police and the secret services anymore. Developments in technology over the recent years have lead to a steep decrease of prices of interception equipment. At the DEF CON 18 conference in 2010, Chris Paget has demonstrated that an IMSI catcher, a device for GSM interception, can be built at the cost of USD 1500.^[1]

Thus, without exaggeration, it can be said that almost anyone can afford to intercept mobile communication.

And how about my e-mails?

E-mail messages passing through the Internet are not safe either. Like any postman or even a nosy parker going through mailboxes can read what is written on a postcard, any server through which an e-mail message passes can analyze, record or even modify the contents of the message. Mail service providers can also do the same thing. Actually, they often do so, and we can only hope that the only purpose of this is to present context-related advertising.

What else should I know about call interception?

There are several ways to obtain access to voice calls and text messages flowing through a GSM network. Do not expect old-fashioned bugs hidden in phone handles. Today, much more sophisticated and cunning methods are used.

Interception done by the mobile network carrier

From a technical point of view, this is the simplest method of interception. Data do flow unencrypted in the mobile network carrier's core network and the carrier has full access to them. Court ordered wiretapping is usually carried out this way. Unfortunately, there is always the possibility of an unauthorized wiretapping being done e.g. by a carrier's rogue employee.

Active interception of radio transmission

Mobile communication can be intercepted even without access to the carrier's core network. Radio transmission between a cell phone and the carrier's Base Transceiver Station (BTS) is encrypted but there are several vulnerabilities which allow for an easy attack.

In the older 2G networks, the BTS does not authenticate itself to the phone. This enables the attacker to set up a rogue BTS impersonating a carrier's BTS, the so-called IMSI catcher. When a phone connects to such rogue BTS, the attacker can force the phone to disable encryption of the radio transmission, bypassing the cipher (which normally protects the data) and obtaining easy access to the transmitted data. This kind of attack, because it involves active tampering with communication, is at least theoretically detectable.

Passive interception of radio transmission

Unfortunately, it is even possible to intercept the communication without actively entering it. Modern devices are capable of passively recording the communication, breaking the A5/1 cipher, and decrypting the data. This interception method is particularly dangerous because it is virtually unnoticeable. A live demonstration of this interception method has been presented by researchers Karsten Nohl and Sylvain Munaut in 2011 at the 27C3 conference.^[2]

In modern 3G networks, a more secure cipher and mutual authentication of the phone and BTS are used. However, to preserve backward compatibility, phones must be capable of communicating over the older 2G network, and the attacker can force them to do so. Then, any of the aforementioned attacks against the 2G network can be used.

External links

[1] https://www.defcon.org/html/links/dc-archives/dc-18-archive.html#Paget

[2] https://www.youtube.com/watch?v=ZrbatnnRxFc, the demonstration itself begins at the 34:45 timestamp.