The DICA ScryptGuard Crypto-Gateway does not only enable encrypted interconnections between subscribers of the mobile and the fixed network, but also allows a defined number of secured telephone conferences for up to 30 mobile subscribers or at least 60 subscribers of the fixed network and mobile network.<br>
<br>
Encrypted calls are always secured with 256-bit keys using AES and Twofish running as counter mode stream ciphers. Using both AES and Twofish provides a much stronger encryption than using only one algorithm. For the highly unlikely case that a weakness is detected in one of the algorithms, the second algorithm still provides sufficient security. The use of two strong algorithms is a unique feature of the ScryptGuard-GSM series that provides a "fallback" within the crypto-system design.<br>
<br>
The key required for each call is generated using a 4096-bit Diffie-Hellman shared secret exchange, hashing the resulting 4096 bits to the 256-bit session key by means of SHA256. To prevent man-in-the-middle attacks, a six-digit hash is generated from the Diffie-Hellman result and displayed as a password to the user. The user then reads three digits over the encrypted line to the communication partner and verifies the three digits, which the communication partner reads to him. If there is a discrepancy in the six digits, a man-in-the-middle attack has been detected. All key material is securely erased immediately after the call ends.<br>
<br>
Mobile phones of the ScryptGuard-GSM series run on top of a heavily hardened and stripped-down Microsoft Windows Mobile environment system. DICA removed applications, communication stacks and system parts that are not necessary for the operation and which may cause potential security problems.<br>
<br>
Four ROM-based security profiles make it possible to use a ScryptGuard mobile as a smartphone, with crypto functionality or a dedicated crypto mobile phone for clear for encrypted voice communication and SMS transmission. However, mobile phones of the ScryptGuard-GSM series cannot protect against the detection of your IMSI (International Mobile Subscriber Identity) or the recording of numbers called or calling.<br>
<br>
For more information, please contact Ingrid Reimschussel at Biodata IT on (011) 234-3650.