SlideShare a Scribd company logo

Secuvoice SNS - Christoff Erdman

Fox-IT
Fox-IT
BusinessTechnologyEducation
1 of 22
SecuVOICE SNS Mastering interoperability challenges with Secure Voice
SecuVOICE SNS Outline The Need for End-to-End Security in Secure Voice The Compatibility Challenge of End-to-End Security The SNS Standard: Secure Network-Independent Speech Communication SecuVOICE SNS – Mastering the Interoperability Challange
SecuVOICE SNS The Need for End-to-End Security threads to voice and SMS communication Interception on the air interface Passive: breaking A5/1 encryption Active: IMSI-Catcher (Dis-)lawful interception in the land transmission network Voice and SMS data are transmitted in clear text Call-ID spoofing Attacker transmits false caller ID Cheap and effective
SecuVOICE SNS The Need for End-to-End Security secure voice needs more than just encryption End-to-End encryption of voice and SMS data Protection against interception Certificate-based authentication of the users Protection against man-in-the-middle attacks Protection against Call-ID spoofing
SecuVOICE SNS The Interoperability Challenge of E2E Security the “mobile” island
SecuVOICE SNS The Interoperability Challenge of E2E Security secure mobile to landline communication SecuGATE LI 1
SecuVOICE The Interoperability Challenge secure enterprise voice communication TC Installation PSTN + SecuGATE LI 4 / LI 30 SecuGATE LI 1
SecuVOICE SNS The Interoperability Challenge of E2E Security manufacturer-independent TC Installation PSTN + SecuGATE LI 4 / LI 30 + SecuGATE LI 1
SecuVOICE SNS The Interoperability Challenge of E2E Security network-independent TC Installation PSTN + SecuGATE + LI 4 / LI 30 TETRA / PSTN SecuGATE LI 1
SecuVOICE SNS The Interoperability Challenge of E2E Security future proof IP / PSTN TC Installation PSTN + SecuGATE + LI 4 / LI 30 TETRA / PSTN SecuGATE LI 1
SecuVOICE SNS The SNS Standard: Secure Network-independent Speech communication Open standard published by the German Federal Office for Information Security (BSI) Defines a network-independent protocol for end-to- end secure voice and SMS communication Makes no assumptions on the underlying channel other than a minimum bit rate of ca. 7 kbit/s facilitates compatibility of manufacturer-independent solutions
SecuVOICE SNS The SNS standard is leading the way in interoperable secure communication. SNS protocol supports the definition of various national and proprietary modes Each mode defines: voice codec, crypto scheme and signalling plan Negotiation of the best possible mode at the beginning of each call Mandatory interoperability mode based on TETRA ACELP voice codec and “BOS Digital” crypto scheme
SecuVOICE SNS The SNS standard defines a mandatory interoperability mode based on “BOS Digital” Elliptic curve public key cryptography available only in Smart Cards (NXP SmartMX P5CT072) Certificate-based key management based on BOS public key infrastructure (BOS PKI) Authenticated ECDH key negotiation of a new traffic encryption key (TEK) for each new call Voice traffic encryption using symmetric key stream cipher based on AES-128 key stream generation performed inside the smart card Even the TEK never leaves the smart card
SecuVOICE SNS The SNS standard enables E2E secure communication over a variety of networks One of the mandatory interoperability modes allows E2E secure voice and SMS communication between SNS devices in PSTN and TETRA radio devices in German TETRA-BOS network BOS-Digital cryptography (voice encryption, SDS/SMS encryption and key management) Voice Codec: TETRA ACELP (ETSI EN 300 395-2) Voice signalling plan compatible with TETRA (via transparent PSTN/TETRA gateway)
SecuVOICE SNS The SNS standard implementation challenges Much like NATO-SCIP the implementation of the SNS-Standard imposes several challenges particularly when considering current mobile device platforms Design-In of BOS Smartcard Secusmart Security Card (4GB microSD Card with embedded BOS Smartcard) Integration of TETRA ACELP voice codec on application processor Implementation of SNS protocol stack for each mobile platform
SecuVOICE SNS SecuVOICE SNS secure mobile voice communications Secure encrypted conversations, authenticated conversation partners Unencrypted telephone calls also possible SecuGATE LI 1
SecuVOICE SNS SecuVOICE SNS secure SMS text messages Worldwide protection with end-to-end encryption, authenticated senders and recipients Unencrypted text messages also possible
SecuVOICE SNS SecuGATE SNS secure landline voice calls SecuGATE Hardware-encrypted conversations, LI 1 authenticated conversation partners SecuGATE TC Installation SecuGATE LI 4 / LI 30 LI 1 Unencrypted also possible telephone calls
SecuVOICE SNS SecuVOICE & SecuGATE as comfortable as always, more secure than ever. Usual user-friendliness Secure telephone conferences Excellent voice quality Quick call set-up Global accessibility (GSM networks)
SecuVOICE SNS SecuVOICE & SecuGATE compatible, interoperable and approved Approved for VS-NfD security level (Classified – for official use only) Internationally approved up to NATO Restricted security level Compatible with TETRA-BOS Compatible with SNS standard Supplying German federal authorities since 2009 Supplying German state authorities since 2010
SecuVOICE SNS Secusmart Security Card Secure microSD card with embedded Smartcard 4GB flash memory Embedded Smartcard Chip (NXP SmartMX P5CT072) BOS-Digital Cryptography Secure key storage (protected against unauthorized access) PKI co-processor High speed AES co-processor Energy saving design
SecuVOICE SNS Technical Background – Landline SecuGATE Crypto Gateways: SecuGATE LI 1 – for 1 ISDN S0 connection SecuGATE LI 4 – for up to 4 ISDN S0 connections SecuGATE LI 30 – for 1 ISDN S2M connection (up to 30 voice channels) Works with all commercial ISDN telephones and ISDN telephone systems

Recommended

Ict encryption agt_fabio_pietrosanti
Ict encryption agt_fabio_pietrosantiIct encryption agt_fabio_pietrosanti
Ict encryption agt_fabio_pietrosantiPrivateWave Italia SpA
 
PrivateGSM - Voice Encryption Technical Overview
PrivateGSM - Voice Encryption Technical OverviewPrivateGSM - Voice Encryption Technical Overview
PrivateGSM - Voice Encryption Technical OverviewPrivateWave Italia SpA
 
Technical Sheet - PrivateGSM VoIP - english
Technical Sheet - PrivateGSM VoIP - englishTechnical Sheet - PrivateGSM VoIP - english
Technical Sheet - PrivateGSM VoIP - englishPrivateWave Italia SpA
 
Security in bluetooth, cdma and umts
Security in bluetooth, cdma and umtsSecurity in bluetooth, cdma and umts
Security in bluetooth, cdma and umtsAnkit Gupta
 
Portable wireless MESH network node
Portable wireless MESH network nodePortable wireless MESH network node
Portable wireless MESH network nodeErin Qiu
 
Roxtec Cable & Pipe Transits - Telecoms
Roxtec Cable & Pipe Transits - TelecomsRoxtec Cable & Pipe Transits - Telecoms
Roxtec Cable & Pipe Transits - TelecomsThorne & Derrick International
 
Network and internet security
Network and internet securityNetwork and internet security
Network and internet securityKaviya452563
 
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities Siddharth Rao
 

Recommended

Ict encryption agt_fabio_pietrosanti
Ict encryption agt_fabio_pietrosantiIct encryption agt_fabio_pietrosanti
Ict encryption agt_fabio_pietrosantiPrivateWave Italia SpA
 
PrivateGSM - Voice Encryption Technical Overview
PrivateGSM - Voice Encryption Technical OverviewPrivateGSM - Voice Encryption Technical Overview
PrivateGSM - Voice Encryption Technical OverviewPrivateWave Italia SpA
 
Technical Sheet - PrivateGSM VoIP - english
Technical Sheet - PrivateGSM VoIP - englishTechnical Sheet - PrivateGSM VoIP - english
Technical Sheet - PrivateGSM VoIP - englishPrivateWave Italia SpA
 
Security in bluetooth, cdma and umts
Security in bluetooth, cdma and umtsSecurity in bluetooth, cdma and umts
Security in bluetooth, cdma and umtsAnkit Gupta
 
Portable wireless MESH network node
Portable wireless MESH network nodePortable wireless MESH network node
Portable wireless MESH network nodeErin Qiu
 
Roxtec Cable & Pipe Transits - Telecoms
Roxtec Cable & Pipe Transits - TelecomsRoxtec Cable & Pipe Transits - Telecoms
Roxtec Cable & Pipe Transits - TelecomsThorne & Derrick International
 
Network and internet security
Network and internet securityNetwork and internet security
Network and internet securityKaviya452563
 
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities
Unblocking Stollen Mobile Phones using SS7-MaP vulnerabilities Siddharth Rao
 
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...EC-Council
 
The known unknowns of SS7 and beyond
The known unknowns of SS7 and beyondThe known unknowns of SS7 and beyond
The known unknowns of SS7 and beyondSiddharth Rao
 
2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)Fabio Pietrosanti
 
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallFortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallShilaThak
 
Voice&Video Client Framework for Public Safety over LTE
Voice&Video Client Framework for Public Safety over LTEVoice&Video Client Framework for Public Safety over LTE
Voice&Video Client Framework for Public Safety over LTEMitchell Smith
 
Profinet security and safety update - Peter Brown
Profinet security and safety update - Peter BrownProfinet security and safety update - Peter Brown
Profinet security and safety update - Peter BrownPROFIBUS and PROFINET InternationaI - PI UK
 
FortressFone Overview 012915
FortressFone Overview 012915FortressFone Overview 012915
FortressFone Overview 012915Tom Malatesta
 
Signaling network vulnerabilities exposed, protection strategies for operator...
Signaling network vulnerabilities exposed, protection strategies for operator...Signaling network vulnerabilities exposed, protection strategies for operator...
Signaling network vulnerabilities exposed, protection strategies for operator...Xura
 
Ippbx for apartment
Ippbx for apartmentIppbx for apartment
Ippbx for apartmentKISHOREKUMAR V
 
During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...Cisco Canada
 
Norton antivirus
Norton antivirusNorton antivirus
Norton antivirusPC Tech Support
 
Sec16 paper garcia
Sec16 paper garciaSec16 paper garcia
Sec16 paper garciaAndrey Apuhtin
 
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...LTE Masterclass: “Signaling network vulnerabilities and protection strategies...
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...Xura
 
Attack presentation
Attack presentationAttack presentation
Attack presentationFrikha Nour
 
SMB Communications - is VoIP secure?
SMB Communications - is VoIP secure?SMB Communications - is VoIP secure?
SMB Communications - is VoIP secure?Unified Communications Online
 
Wifi hacking
Wifi hackingWifi hacking
Wifi hackingHarshit Varshney
 
Webinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communicationsWebinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communicationsWestermo Network Technologies
 
Shteinfinance
ShteinfinanceShteinfinance
ShteinfinanceValentina Pavlova
 
Cd213 percy-audiocodes
Cd213 percy-audiocodesCd213 percy-audiocodes
Cd213 percy-audiocodesTran Thanh
 
festival ICT 2013: Mobile Network Security: stato dell’arte e oltre
festival ICT 2013: Mobile Network Security: stato dell’arte e oltrefestival ICT 2013: Mobile Network Security: stato dell’arte e oltre
festival ICT 2013: Mobile Network Security: stato dell’arte e oltrefestival ICT 2016
 
Shteinfinance
ShteinfinanceShteinfinance
ShteinfinanceValentina Pavlova
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol reviewFabio Pietrosanti
 

More Related Content

What's hot

LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...EC-Council
 
The known unknowns of SS7 and beyond
The known unknowns of SS7 and beyondThe known unknowns of SS7 and beyond
The known unknowns of SS7 and beyondSiddharth Rao
 
2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)Fabio Pietrosanti
 
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallFortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallShilaThak
 
Voice&Video Client Framework for Public Safety over LTE
Voice&Video Client Framework for Public Safety over LTEVoice&Video Client Framework for Public Safety over LTE
Voice&Video Client Framework for Public Safety over LTEMitchell Smith
 
FortressFone Overview 012915
FortressFone Overview 012915FortressFone Overview 012915
FortressFone Overview 012915Tom Malatesta
 
Signaling network vulnerabilities exposed, protection strategies for operator...
Signaling network vulnerabilities exposed, protection strategies for operator...Signaling network vulnerabilities exposed, protection strategies for operator...
Signaling network vulnerabilities exposed, protection strategies for operator...Xura
 
During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...Cisco Canada
 
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...LTE Masterclass: “Signaling network vulnerabilities and protection strategies...
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...Xura
 
Attack presentation
Attack presentationAttack presentation
Attack presentationFrikha Nour
 
Webinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communicationsWebinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communicationsWestermo Network Technologies
 
Cd213 percy-audiocodes
Cd213 percy-audiocodesCd213 percy-audiocodes
Cd213 percy-audiocodesTran Thanh
 
festival ICT 2013: Mobile Network Security: stato dell’arte e oltre
festival ICT 2013: Mobile Network Security: stato dell’arte e oltrefestival ICT 2013: Mobile Network Security: stato dell’arte e oltre
festival ICT 2013: Mobile Network Security: stato dell’arte e oltrefestival ICT 2016
 

What's hot (20)

LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
 
The known unknowns of SS7 and beyond
The known unknowns of SS7 and beyondThe known unknowns of SS7 and beyond
The known unknowns of SS7 and beyond
 
2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)
 
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallFortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
FortiGate 1500D Series Delivers High-Performance Next-Generation Firewall
 
Voice&Video Client Framework for Public Safety over LTE
Voice&Video Client Framework for Public Safety over LTEVoice&Video Client Framework for Public Safety over LTE
Voice&Video Client Framework for Public Safety over LTE
 
Profinet security and safety update - Peter Brown
Profinet security and safety update - Peter BrownProfinet security and safety update - Peter Brown
Profinet security and safety update - Peter Brown
 
FortressFone Overview 012915
FortressFone Overview 012915FortressFone Overview 012915
FortressFone Overview 012915
 
Signaling network vulnerabilities exposed, protection strategies for operator...
Signaling network vulnerabilities exposed, protection strategies for operator...Signaling network vulnerabilities exposed, protection strategies for operator...
Signaling network vulnerabilities exposed, protection strategies for operator...
 
Ippbx for apartment
Ippbx for apartmentIppbx for apartment
Ippbx for apartment
 
During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...
 
Norton antivirus
Norton antivirusNorton antivirus
Norton antivirus
 
Sec16 paper garcia
Sec16 paper garciaSec16 paper garcia
Sec16 paper garcia
 
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...LTE Masterclass: “Signaling network vulnerabilities and protection strategies...
LTE Masterclass: “Signaling network vulnerabilities and protection strategies...
 
Attack presentation
Attack presentationAttack presentation
Attack presentation
 
SMB Communications - is VoIP secure?
SMB Communications - is VoIP secure?SMB Communications - is VoIP secure?
SMB Communications - is VoIP secure?
 
Wifi hacking
Wifi hackingWifi hacking
Wifi hacking
 
Webinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communicationsWebinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communications
 
Shteinfinance
ShteinfinanceShteinfinance
Shteinfinance
 
Cd213 percy-audiocodes
Cd213 percy-audiocodesCd213 percy-audiocodes
Cd213 percy-audiocodes
 
festival ICT 2013: Mobile Network Security: stato dell’arte e oltre
festival ICT 2013: Mobile Network Security: stato dell’arte e oltrefestival ICT 2013: Mobile Network Security: stato dell’arte e oltre
festival ICT 2013: Mobile Network Security: stato dell’arte e oltre
 

Similar to Secuvoice SNS - Christoff Erdman

Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol reviewFabio Pietrosanti
 
2014 innovaphone different protocols for different things
2014 innovaphone different protocols for different things2014 innovaphone different protocols for different things
2014 innovaphone different protocols for different thingsVOIP2DAY
 
Why use NET in LYNC Deployment
Why use NET in LYNC DeploymentWhy use NET in LYNC Deployment
Why use NET in LYNC DeploymentScanSource, Inc.
 
How To Successfully Implement IP Video
How To Successfully Implement IP VideoHow To Successfully Implement IP Video
How To Successfully Implement IP VideoVideoguy
 
Shahnshah Sarker 072802556
Shahnshah Sarker 072802556Shahnshah Sarker 072802556
Shahnshah Sarker 072802556mashiur
 
I psec cisco
I psec ciscoI psec cisco
I psec ciscoDeepak296
 
Ims architecture white_paper
Ims architecture white_paperIms architecture white_paper
Ims architecture white_paperPrashant Sengar
 
Ims architecture white_paper
Ims architecture white_paperIms architecture white_paper
Ims architecture white_paperDivyansh Gupta
 
Ims architecture white_paper
Ims architecture white_paperIms architecture white_paper
Ims architecture white_paperHema Makani
 
Cisco 2900 series router, more benefits, high performance
Cisco 2900 series router, more benefits, high performanceCisco 2900 series router, more benefits, high performance
Cisco 2900 series router, more benefits, high performanceIT Tech
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionADVA
 
college assignment on Applications of ipsec
college assignment on Applications of ipsec college assignment on Applications of ipsec
college assignment on Applications of ipsec bigchill29
 
Design of Transparent Distributed IMS Network: Security Challenges Risk and S...
Design of Transparent Distributed IMS Network: Security Challenges Risk and S...Design of Transparent Distributed IMS Network: Security Challenges Risk and S...
Design of Transparent Distributed IMS Network: Security Challenges Risk and S...ijngnjournal
 
Case study about voip
Case study about voipCase study about voip
Case study about voipelmudthir
 

Similar to Secuvoice SNS - Christoff Erdman (20)

Shteinfinance
ShteinfinanceShteinfinance
Shteinfinance
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol review
 
2014 innovaphone different protocols for different things
2014 innovaphone different protocols for different things2014 innovaphone different protocols for different things
2014 innovaphone different protocols for different things
 
Why use NET in LYNC Deployment
Why use NET in LYNC DeploymentWhy use NET in LYNC Deployment
Why use NET in LYNC Deployment
 
How To Successfully Implement IP Video
How To Successfully Implement IP VideoHow To Successfully Implement IP Video
How To Successfully Implement IP Video
 
Shahnshah Sarker 072802556
Shahnshah Sarker 072802556Shahnshah Sarker 072802556
Shahnshah Sarker 072802556
 
ECE 6570 Class01
ECE 6570 Class01ECE 6570 Class01
ECE 6570 Class01
 
I psec cisco
I psec ciscoI psec cisco
I psec cisco
 
Ims architecture white_paper
Ims architecture white_paperIms architecture white_paper
Ims architecture white_paper
 
Ims architecture white_paper
Ims architecture white_paperIms architecture white_paper
Ims architecture white_paper
 
Ims architecture white_paper
Ims architecture white_paperIms architecture white_paper
Ims architecture white_paper
 
Linkedin
LinkedinLinkedin
Linkedin
 
Cisco 2900 series router, more benefits, high performance
Cisco 2900 series router, more benefits, high performanceCisco 2900 series router, more benefits, high performance
Cisco 2900 series router, more benefits, high performance
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryption
 
Download
DownloadDownload
Download
 
Download
DownloadDownload
Download
 
college assignment on Applications of ipsec
college assignment on Applications of ipsec college assignment on Applications of ipsec
college assignment on Applications of ipsec
 
Voip
VoipVoip
Voip
 
Design of Transparent Distributed IMS Network: Security Challenges Risk and S...
Design of Transparent Distributed IMS Network: Security Challenges Risk and S...Design of Transparent Distributed IMS Network: Security Challenges Risk and S...
Design of Transparent Distributed IMS Network: Security Challenges Risk and S...
 
Case study about voip
Case study about voipCase study about voip
Case study about voip
 

Recently uploaded

FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756dollysharma2066
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLkapoorjyoti4444
 
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...Sheetaleventcompany
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1kcpayne
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptxnandhinijagan9867
 
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort ServiceEluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort ServiceDamini Dixit
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with CultureSeta Wicaksana
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangaloreamitlee9823
 
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceMalegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceDamini Dixit
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableSeo
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...amitlee9823
 
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsSEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsIndeedSEO
 
Falcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business GrowthFalcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business GrowthFalcon investment
 
Business Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptBusiness Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptP&CO
 
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service NoidaCall Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service Noidadlhescort
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesDipal Arora
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwaitdaisycvs
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting
 

Recently uploaded (20)

FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
 
Falcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in indiaFalcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in india
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
 
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
 
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort ServiceEluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with Culture
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceMalegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
 
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsSEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
 
Falcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business GrowthFalcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business Growth
 
Business Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptBusiness Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture concept
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service NoidaCall Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investors
 

Secuvoice SNS - Christoff Erdman

  • 1. SecuVOICE SNS Mastering interoperability challenges with Secure Voice
  • 2. SecuVOICE SNS Outline The Need for End-to-End Security in Secure Voice The Compatibility Challenge of End-to-End Security The SNS Standard: Secure Network-Independent Speech Communication SecuVOICE SNS – Mastering the Interoperability Challange
  • 3. SecuVOICE SNS The Need for End-to-End Security threads to voice and SMS communication Interception on the air interface Passive: breaking A5/1 encryption Active: IMSI-Catcher (Dis-)lawful interception in the land transmission network Voice and SMS data are transmitted in clear text Call-ID spoofing Attacker transmits false caller ID Cheap and effective
  • 4. SecuVOICE SNS The Need for End-to-End Security secure voice needs more than just encryption End-to-End encryption of voice and SMS data Protection against interception Certificate-based authentication of the users Protection against man-in-the-middle attacks Protection against Call-ID spoofing
  • 5. SecuVOICE SNS The Interoperability Challenge of E2E Security the “mobile” island
  • 6. SecuVOICE SNS The Interoperability Challenge of E2E Security secure mobile to landline communication SecuGATE LI 1
  • 7. SecuVOICE The Interoperability Challenge secure enterprise voice communication TC Installation PSTN + SecuGATE LI 4 / LI 30 SecuGATE LI 1
  • 8. SecuVOICE SNS The Interoperability Challenge of E2E Security manufacturer-independent TC Installation PSTN + SecuGATE LI 4 / LI 30 + SecuGATE LI 1
  • 9. SecuVOICE SNS The Interoperability Challenge of E2E Security network-independent TC Installation PSTN + SecuGATE + LI 4 / LI 30 TETRA / PSTN SecuGATE LI 1
  • 10. SecuVOICE SNS The Interoperability Challenge of E2E Security future proof IP / PSTN TC Installation PSTN + SecuGATE + LI 4 / LI 30 TETRA / PSTN SecuGATE LI 1
  • 11. SecuVOICE SNS The SNS Standard: Secure Network-independent Speech communication Open standard published by the German Federal Office for Information Security (BSI) Defines a network-independent protocol for end-to- end secure voice and SMS communication Makes no assumptions on the underlying channel other than a minimum bit rate of ca. 7 kbit/s facilitates compatibility of manufacturer-independent solutions
  • 12. SecuVOICE SNS The SNS standard is leading the way in interoperable secure communication. SNS protocol supports the definition of various national and proprietary modes Each mode defines: voice codec, crypto scheme and signalling plan Negotiation of the best possible mode at the beginning of each call Mandatory interoperability mode based on TETRA ACELP voice codec and “BOS Digital” crypto scheme
  • 13. SecuVOICE SNS The SNS standard defines a mandatory interoperability mode based on “BOS Digital” Elliptic curve public key cryptography available only in Smart Cards (NXP SmartMX P5CT072) Certificate-based key management based on BOS public key infrastructure (BOS PKI) Authenticated ECDH key negotiation of a new traffic encryption key (TEK) for each new call Voice traffic encryption using symmetric key stream cipher based on AES-128 key stream generation performed inside the smart card Even the TEK never leaves the smart card
  • 14. SecuVOICE SNS The SNS standard enables E2E secure communication over a variety of networks One of the mandatory interoperability modes allows E2E secure voice and SMS communication between SNS devices in PSTN and TETRA radio devices in German TETRA-BOS network BOS-Digital cryptography (voice encryption, SDS/SMS encryption and key management) Voice Codec: TETRA ACELP (ETSI EN 300 395-2) Voice signalling plan compatible with TETRA (via transparent PSTN/TETRA gateway)
  • 15. SecuVOICE SNS The SNS standard implementation challenges Much like NATO-SCIP the implementation of the SNS-Standard imposes several challenges particularly when considering current mobile device platforms Design-In of BOS Smartcard Secusmart Security Card (4GB microSD Card with embedded BOS Smartcard) Integration of TETRA ACELP voice codec on application processor Implementation of SNS protocol stack for each mobile platform
  • 16. SecuVOICE SNS SecuVOICE SNS secure mobile voice communications Secure encrypted conversations, authenticated conversation partners Unencrypted telephone calls also possible SecuGATE LI 1
  • 17. SecuVOICE SNS SecuVOICE SNS secure SMS text messages Worldwide protection with end-to-end encryption, authenticated senders and recipients Unencrypted text messages also possible
  • 18. SecuVOICE SNS SecuGATE SNS secure landline voice calls SecuGATE Hardware-encrypted conversations, LI 1 authenticated conversation partners SecuGATE TC Installation SecuGATE LI 4 / LI 30 LI 1 Unencrypted also possible telephone calls
  • 19. SecuVOICE SNS SecuVOICE & SecuGATE as comfortable as always, more secure than ever. Usual user-friendliness Secure telephone conferences Excellent voice quality Quick call set-up Global accessibility (GSM networks)
  • 20. SecuVOICE SNS SecuVOICE & SecuGATE compatible, interoperable and approved Approved for VS-NfD security level (Classified – for official use only) Internationally approved up to NATO Restricted security level Compatible with TETRA-BOS Compatible with SNS standard Supplying German federal authorities since 2009 Supplying German state authorities since 2010
  • 21. SecuVOICE SNS Secusmart Security Card Secure microSD card with embedded Smartcard 4GB flash memory Embedded Smartcard Chip (NXP SmartMX P5CT072) BOS-Digital Cryptography Secure key storage (protected against unauthorized access) PKI co-processor High speed AES co-processor Energy saving design
  • 22. SecuVOICE SNS Technical Background – Landline SecuGATE Crypto Gateways: SecuGATE LI 1 – for 1 ISDN S0 connection SecuGATE LI 4 – for up to 4 ISDN S0 connections SecuGATE LI 30 – for 1 ISDN S2M connection (up to 30 voice channels) Works with all commercial ISDN telephones and ISDN telephone systems