Cryptophone: End to End Encryption for Voice Calls

Cryptophone
I’ve known for some time that there are special mobile and fixed line phones out there which can encrypt calls from end to end. I recently met Dr. Björn Rupp, CEO of GSMK, a company developing such phones. While probably not of much interest for the average person, there are a lot of people out there from politicians, police, top level managers, etc. who want to be sure their call is not intercepted. Not by the government, not by a secret service, not by tech savvy reporters or nosy mobile phone company employees. All these people can get access to normal mobile calls as the only interface over which the call is encrypted is between the mobile phone and the base station (GSM) or the radio network controller (UMTS). Over all other interfaces, the call is sent without any encryption and core networks even contain standardized interfaces for law enforcement agencies to tap into calls.

The phones developed by GSMK encrypt calls end to end by establishing a data connection between the two ends instead of a normal voice call and then use a strong encryption algorithm to ensure eavesdroppers have no chance. Dr. Rupp’s business card is also the first one I’ve ever seen which contains his PGP key ID and fingerprint. Also, they’ve published the source code of their encryption algorithm on their website, so no security through obscurity. Cool stuff, I am impressed!

3G Licensens Of T-Mobile U.S. Are Incompatible With The Rest Of The World Today

UMTS is operated on the 2.1 GHz band (or UMTS operating band I) pretty much everywhere around the globe. The U.S., however, is a special case. There, the band is already occupied for other uses. Thus, operators are using the 1900 MHz band both for 2G and 3G wireless (UMTS operating band II) and in addition the 850 MHz band (operating band V), again both for 2G and 3G. It looks like T-Mobile ran a bit out of luck when it came to 3G as they had to resort to a frequency band which is not used by anyone else so far.

During FCC frequency auctions last year, T-Mobile received frequencies in the what seems to be the new 1700/2100 MHz band (UMTS operating band IV). Here’s a report from Unstrung that describes this detail. The 1700 MHz part is used for the uplink while the 2100 MHz part of the spectrum is used for the downlink (network to mobile). I guess this is a bit confusing because speculations have been going on if T-Mobile will be compatible with UMTS devices sold in the rest of the world in the areas where they deploy 2100 MHz. Well no, they are not because the 2100 MHz part is just the downlink part of their spectrum. The uplink is on 1700 MHz and not on 1920-1980 MHz as for UMTS operating band I devices.

3gfrequencybands_2
Here’s the table of UMTS operating bands from the standards (3GPP TS 25.101). Take a look on line 4. The frequency ranges match with those in the Unstrung report about the auction I linked to above.

Therefore be careful! Some people are saying that T-Mobile U.S. uses 2100 MHz but it is slightly off the European band. Well, that’s not accurate. The 2100 MHz portion is inside the frequency range used in the rest of the world. The uplink however, is totally off mark.

I am not sure if T-Mobile U.S. will be happy with these frequencies both long and short term. Not even the latest and greatest data cards supporting multiple UMTS bands like the Globtrotter from Option supports band IV today. Also, I wonder if the band will be used in other regions of the world in the future. If not, T-Mobile might have a big problem with 3G handset vendors as the market for band IV devices will be quite small. Also, the use of yet another frequency range for 3G in the U.S. will fracture the market even more.

MEX 2007 – The Different Mobile User Experience Conference

Mex
The 3GSM Congress 2007 is over but the year continues to provide interesting meeting and discussion opportunities in real life for people working in the mobile industry. London is not only attractive for it’s monthly Mobile Monday gatherings but also for Symbian’s Smartphone Show and the Mobile User Experience Conference (MEX) which will take place on the 2nd and 3rd of May at the Wallacespace near Covent Garden.

It seems this conference is different for a number of reasons. Firstly, the conference has a 10 point ‘manifesto’ which deals with the current state of the mobile user experience and how the organizers around Marek Pawlowski think it can be improved. No beating around the bush, they come right to the point. The manifesto was then given out to potential speakers of the conference for them to choose one of these topics to kick off discussion from their point of view during the conference.

The speaker lineup is very interesting indeed as well. Christian Lindholm for example, one of my favorite ‘mobile’ personalities, formerly director at Nokia and serving as a VP at the mobile division of Yahoo for some time will lead a session on how mobiles and applications should adapt to changing physical environments of the mobile user. Among others, the speaker lineup also includes Cliff Crosbie, Director of Retail Marketing at Nokia, Al Russell, head of Mobile Internet & Content services at Vodafone, Mathew Menz, Head of Interaction Design of Motorola and Antti Ohrling, co-founder of Bylk.

The venue itself is also quite interesting. Instead of a standard conference place, the organizers have selected Wallacespace, which, judging from the pictures on their web space, is quite comfortable and very much different from normal conference places. I am quite thrilled about the whole lineup so if my daytime job allows, I’ll attend.

Not the dumb little cousin of the Internet

Every now and then I see a presentation or read a piece on something and I think "yeah, he/she’s so right". It happened to me again this evening when I found "Mobile the 7th mass media is to internet like TV is to radio" by Tomi T. Ahonen over at Communities Dominate Brands. I you haven’t seen it so far take a look, it’s a real eye opener on why the mobile Internet does not only include all benefits of print media, audio and video recordings, the TV and the Internet but far surpasses them due to it’s unique capabilities.

He goes on to explain that developers should not aim at improving and creating new services to make the mobile Internet experience resemble the desktop Internet as close as possible. The is because the mobile is "Not the dumb little cousin of the Internet" as Tomi puts it. Instead, he argues that developers should use the mobile’s advantages such as it’s close relationship to it’s user, it’s unique identity, that it’s always on and always carried, that it has instant payment possibilities and it’s instantaneous support of the users creative impulses as guides and opportunities to create new services. Truly a masterpiece!

It’s good to see some companies have already understood this concept as mobile’s such as the Nokia’s NSeries phones, Sony Ericsson UIQ phones and others are great platforms to base such ideas on. The best phones, however, are no good if operators hide inside their walled gardens. But some of them have already understood and are embracing the future rather than to fight against it. Shining examples in recent months are Three with their free international roaming, German MVNOs offering prepaid mobile Internet access for a fair price to the masses, and operators such as One in Austria who have started selling high volume wireless Internet access for fair prices as well.

“European” 3G Phones Now Also Usable In South Korea

Until recently, European travelers to South Korea could not use their mobile phones due to incompatible wireless standards. Recently, however, KTF and SK Telecom have chosen to change standards and are now deploying UMTS/HSDPA networks (see here and here).

To use these networks with "European" UMTS phones, two other things need to be in place. First, these networks must be deployed in the 2.1 GHz frequency band, which is the band supported by European UMTS phones. Second, the home operator must have a roaming agreement with at least one of the operators that are deploying HSDPA networks.

Looks like all three things came together for a colleague of mine who traveled to South Korea recently. He’s a subscriber with T-Mobile Germany and was able to use KTF’s UMTS/HSDPA network without any trouble with his Nokia E-60 3G phone. Funnily enough, T-Mobile lists KTF still as CDMA network in their roaming data base.

Similarly in Japan, foreign visitors from Europe can now also use their 3G phones since NTT-DoCoMo and Softbank (former Vodafone K.K.) both operate UMTS/HSDPA networks in the 2.1 GHz band. Not many places on earth now anymore with a wireless network in range where a GSM/UMTS phone can not be used. For a world wide overview of GSM/UMTS coverage, take a look here.

Deep Inside the Network: Wifi Authentication with EAP-SIM

In a previous post, I’ve been looking at how authentication is performed in WPA enabled Wifi networks. A growing number of GSM and UMTS devices now also include Wifi as an alternative access technology and if cellular operators decide to run Wifi hotspots, a convenient way must be found to authenticate these hybrid devices there as well. A number of different solutions exist but most of them require the user to input information. To remove this user interaction, an authentication method now known as EAP-SIM was recently specified in RFC 4186. With EAP-SIM, user interaction is no longer required when the device registers to the Wifi network, as all required authentication information is taken from the SIM card. Here is how it works:

Small_eap_sim_authentication
EAP-SIM uses the same authentication framework as described for WPA personal and enterprise authentication. The figure on the left shows the messages exchanged between the mobile station and the authentication server via an EAP-SIM capable access point during authentication. After the Wifi open system authentication and association, the access point starts the EAP procedure by sending an EAP Identity Request to which the mobile device has to respond to with an EAP Identity Response message. The identity returned to the network in this message is composed of a identity type identifier, the IMSI (International Mobile Subscriber Identity), which is taken from the SIM card, and an operator specific postfix. Alternatively, the mobile device can also send a temporary identity (pseudonym) which has been agreed with the network during a pervious authentication procedure. The pseudonym is similar to the TMSI (Temporary Mobile Subscriber Identity) used in GSM networks but has a different format and is used to hide the subscriber’s real identity from eavesdroppers.

In the next step, the network sends an EAP SIM Start request which contains a list of different versions of supported EAP SIM authentication algorithms. The client device selects one of the algorithms it supports and sends an EAP SIM Start response message back to the network. This message also contains a random number which is used for a number of subsequent calculations on the network side in combination with a secret (the Kc) which is shared between the mobile device and the network. This way the network is also able to authenticate itself to the client.
At this point the authentication server in the network uses the subscriber’s IMSI to request authentication triplets from the GSM/UMTS Home Location Register (HLR) / Authentication Center (AuC) (cp. e.g. Chapter 1.6.4 of my book). Two or three GSM random values and GSM ciphering keys returned by the HLR are then used to generate EAP SIM authentication keys, EAP SIM encryption keys and other values required for the EAP-SIM authentication process. These are sent in encrypted form together with the two or three GSM random values in plain text to the client device in an EAP SIM Challenge request to the mobile device.

The mobile device then uses the GSM random values received in the message and forwards them to the SIM card. The SIM card then generates the GSM Signed Response and GSM ciphering keys which used afterwards to decipher the EAP SIM parameters received. If those values are identical to the values used by the network, the mobile device is able to send a correct response message which is then verified on the network side. If verification was successful an EAP Success message is returned and the client is admitted to the network.

Small_eap_entities
The second figure on the left shows the different devices and protocols used during authentication. On the left side the mobile client sends its EAP messages via the EAPOL protocol. For the messaging between the access point and the authentication server, the RADIUS protocol can be used. The authentication sever finally communicates with the HLR/AuC via the SS-7 circuit switched signaling network and the Mobile Application Part (MAP).

Currently, only few Wifi hotspot networks run by cellular operators support EAP-SIM authentication. One that does already, however, seems to be the hotspot network run by Swiss Mobile, as they announce it as part of the network name and also sell EAP-SIM compatible combo GPRS/UMTS/Wifi cards.

There Are Those Operators Living In Denial and Those Embracing Their Customers

I’d like to finish my day with a positive story so here we go: In Austria, there are quite a few mobile operators embracing their customers instead of keeping them from using the mobile Internet with unaffordable or even non existent rates. Today, ONE has announced the launch of H.U.I (which would translate into "wow" in English) which stands for "Höllenschnelles Ultra-einfaches Internet" ("devilishly fast ultra simple Internet").

H.U.I comes in three packages: 250 MB a month for 10 euros, 1 GB for 20 euros or 20 GB for 50 euros. The HSDPA PCMCIA card or USB modem is free for the 1GB and 20 GB offer and 99 euros for the smallest package with a 24 month contract. No activation charge, no additional fees, no additional voice package required, no additional taxes. Once the included data volume is exceeded, the maximum speed is reduced to 56 kbit/s. Great, so no more accidental charges when overstepping an invisible boundary. In case the boundary is hit, customers can pay 5 euros to move the boundary by the amount of the initial offer. If the users oversteps the 1 GB boundary for example, 5 euros unlock another gigabyte. Very good! Takes the fear out of the equation.

I don’t really know what else to say, the offer speaks for itself. Wow!

German Media Keeps Asking About EU Data Roaming Prices

Back in November, I was delighted to read that "Der Spiegel", one of Germany’s high profile political magazines reported that EU commissioner for information society and media Viviane Reding is also looking into pricing for data roaming in Europe. Now, "Focus", another high profile political magazine published an article in which Ms. Reding is reported to say that she is very worried about the extremely high prices for SMS and data services ("Ich bin sehr besorgt über die sehr hohen Preise"). "Tagesschau", a popular German TV new show followed suite.

I’d really welcome some action to get realistic and affordable data roaming prices. In the U.S. for example people roam from east coast to west coast never thinking about roaming costs. European travelers on the other hand are constantly impacted by high roaming fees and thus limit their communication when in other parts of Europe to the absolute minimum. Most people’s communication behavior at home and abroad is thus completely different. It’s not only a lifestyle question but a major competitive disadvantage as well.

How is the media treating this topic in other EU countries? Please leave a comment. Thanks!

How To Read This Blog On The Go

With an Internet tablet or a powerful mobile web browser running on devices like the Nokia N- or E-Series phones, this blog can be read on the go pretty much like on an ordinary PC. Many people, however, use less powerful browsers which need content adaptation. Additionally, network coverage while traveling can vary greatly and sometimes browsing while on a train or in the car is difficult. There are other ways, however, to read this and other blogs on the go:

  • A mobile RSS feed reader: Similar to feed reader programs on the PC, users can make a list of their favorite blog feeds. The program then downloads the content of the feeds which can then be viewed off line. This is my favorite way of reading blogs both on the PC and on the mobile. Several mobile feed reader applications are available and my favorite is Resco News for S60.
  • Opera Mini: If mobile phone processing power or high mobile Internet prices are an issue, Opera Mini is the solution. It’s a Java applet, runs on many phones, and uses a server on the net to format web pages for easy viewing on a small display. Pages are also compressed to save money and to reduce download times.
  • Google Mobile: Offers a service which reformats pages for mobile viewing.
  • Winksite: Among other things, Winksite can take RSS feeds to create mobile websites. This blog for example can be read with almost any mobile browser via http://winksite.com/msauter/wireless. For people with phones that include a 2D barcode reader application, I’ve supplied a code on the side bar which contains the URL of the mobile version of this blog.