It is the age of Voice-over-IP solutions. Majority of telecommunication carriers across the world are providing or preparing for the mass deployment of VOIP services. This clearly shows that IP Telephony has a bright future ahead. However, widespread deployment of IP telephony has brought with itself additional challenges and risks of security violations. There have been instances of eavesdropping and other violations which have created an urgency to find out a solution to these security holes. Secure-voiP addresses the security challenges of VOIP by providing the following:

Authorization
Authentication
Transport Layer Security (TLS)
Double Layer Media Encryption


Security

Secure-voiP is using Dual-layer protection, of both Symmetric and Asymmetric encryption.

First level covers the security based on Transport Layer Security Protocol.
Second level makes use of inherent security mechanism available in the media communication protocol.
The entire security architecture is built with the sole purpose of addressing the following needs:

Authentication – Both parties in communication should be able to authenticate and identify themselves appropriately.
Confidential – Communication should be secure and confidential between the parties.
Integrity- Communication should not undergo change in the midway. Party A should hear what Party B wants to convey.
Forward Secrecy – It is expected that security keys used for a particular call are exchanged frequently so that they cannot be used for any future call.
Technique

Secure-voiP makes use of the following technique:

Before call is established, Secure-voiP identifies itself with the server. It is an SSL HTTP communication with 2048 bits length key. RSA algorithm is used for generation of Keys. These 2048 bits length keys are used at the time of authentication. Server provides its certificate to Client for ensuring that all future communications are encrypted. 256 Bit length session key is generated between Secure-voiP client and Server for encryption using Symmetric ciphers. This session key is replaced for each phone call.

Once the session key has been exchanged between Client and server, all future communications are encrypted. There are no fixed credentials for the Client. These credentials are generated for each phone call to ensure that Server and Client can not get compromised. There is a secret generated by server which is shared with client over HTTPS. This secret is used by Client for generating credentials on the fly which in turn are used for making the VOIP Calls.

Unless and until the client has authenticated itself with the server, it cannot exchange secret for generating credentials and without these credentials, calls cannot be established. These credentials are valid for a particular call. Once the call is done, these secret and credentials are disposed by the server. All VOIP signalling messages and voice packets are encrypted using symmetric cipher agreed during the TLS Handshake. It uses AES 256 bits symmetric cipher for voice packets encryption.
The encrypted data is further encrypted using SRTP security mechanism. Key Management protocol is used for generating the session keys. Encrypted voice packets are further decrypted by AES symmetric encryption algorithm. Thus voice packets undergo dual layer encryption.

Secure-voiP provides confidentiality for voice packets by encryption of the respective payloads; integrity for the voice and signalling packets, together with replay protection; periodic refreshing of the session keys, which limits the amount of cipher text produced by a fixed key, available for an adversary to cryptanalyze; a secure session key derivation with a pseudo-random function at both ends; the usage of salting keys to protect against pre-computation attacks. Secure-voiP achieves high throughput and low packet expansion by using fast stream ciphers for encryption, an implicit index for synchronization, and universal hash functions for message authentication.


Features

Easy to use. No major configuration required for the client. Just install and start making Secure VOIP calls.
High Audio Quality
Almost zero echo during calls.
Low Latency
No fixed credentials. Credentials automatically generated and provided by server for every call Secured HTTP Connection with 2048 bits length key.
RSA 2048 bits Key used for authentication
Automatic Generation of AES keys
Key derivation function which is applied to generate the session keys
256 bits session keys which are periodically updated
Dual-layer voice encryption
ZRTP used for key management in SRTP
256 bits AES key for encryption of voice
RC4 encrypted invisible text message from sender to receiver for providing sender's SIP URL
AES 256 encrypted SIP IM message from receiver to sender for sharing receiver's SIP URL
Ability to work beyond majority of NAT’s and firewalls. It works seamlessly in WiFi, GPRS and 3G environment providing communication between mobile devices behind NAT’s.

Supported Models

Nokia E51(215.06) TIM brand - fw 100.34.20 - 29/09/2007 Symbian OS v9.2, S60 3rd Ed. FP1
Nokia E51 (01) - fw 200.34.36 - 24/04/2008 Symbian OS v9.2, S60 3rd Ed. FP1
Nokia E62 Symbian OS v9.2, S60 3rd Ed. FP1
Nokia E66 Symbian OS v9.2, S60 3rd Ed. FP1
Nokia E71 Symbian OS v9.2, S60 3rd Ed. FP1
Nokia E90 Communicator Symbian OS v9.2, S60 3rd Ed. FP1
Nokia N76 Symbian OS v9.2, S60 3rd Ed. FP1
Nokia N81 Symbian OS v9.2, S60 3rd Ed. FP1
Nokia N81 8GB Symbian OS v9.2, S60 3rd Ed. FP1
Nokia N82 Symbian OS v9.2, S60 3rd Ed. FP1
Nokia N93i Symbian OS v9.3, S60 3rd Ed. FP2
Nokia N95 Symbian OS v9.2, S60 3rd Ed. FP1
Nokia N95 8GB Symbian OS v9.2, S60 3rd Ed. FP1
Nokia N95-3 NAM Symbian OS v9.2, S60 3rd Ed. FP1
Nokia 6110 Navigator Symbian OS v9.2, S60 3rd Ed. FP1
Nokia 6120 classic Symbian OS v9.2, S60 3rd Ed. FP1
Nokia 6121 classic Symbian OS v9.2, S60 3rd Ed. FP1
Nokia 6290 classic Symbian OS v9.2, S60 3rd Ed. FP1
Nokia 5700_XpressMusic

Description:

Spyphone is the technological and professional solution for cell phone tapping with unlimited coverage.

It is possible to listen to the environmental audio generated by the phone call in a desguised way, get a copy of all sent and received SMS (text messages), and also to make a remote tapping of the two sides of the incoming and outcoming cell phone conversations. This tool will allow to have the total control of a target with unlimited coverage.

This system offers world coverage since it is operated by all worldwide GSM providers and in all bands.



This device allows 7 different ways of monitoring service.

1 - Environmetal tapping.

2 - Cell phone tapping.

3 - Monitoring of SMS forwarding and reception.

4 - Incoming and outcoming call alert via SMS.

5 - Geographic localization through the cell phone network. (only available in some places).

6 - Turnoff and turned-on cell phone notification. Change of SIM card.

7 - Remote control of activation and deactivation through SMS commands.



To use this system, it is necessary to have two cell phones:

1 - Spyphone: it is the modified GSM cell phone that we sell.

2 - The customized cell phone: it is the device you use to monitor the Spyphone. Any cell phone can work for this system (not included).



Price: you can adquire this product in two different ways:

1 - Only the software: if you have some of the following compatible Nokia: 3230, 3250, 5320, 5500, 5700, 6110, 6120, 6121, 6124, 6124 c, 6210 navigator, 6220, 6260, 6290, 6620, 6630, 6670, 6680, 6681, 6682, 6710 navigator, 6720 classic, 7610, E50, E51, E55, E60, E61, E61i, E62, E63, E65, E66, E70, E71, E75, E90, N70, N71, N72, N73, N75, N76, N77, N78, N79, N80, N81, N82, N85, N86, N90, N91, N92, N93, N93i, N95(8GB), N96, N97
New spyphone software compatible models:
SAMSUNG - I7110, INNOV8, G810, i450, i520, i550, i560, L870
LG - JOY, KT610, KT615
2 - The system plus the cell phone.