this post was submitted on 16 Apr 2024

22 points (89.3% liked)

Privacy

29869 readers

1977 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

[email protected]

How to encrypt regular phone calls? (lemmy.zip)

submitted 2 months ago by [email protected] to c/[email protected]

25 comments fedilink hide all child comments

Is it even possible on android? Is there a FOSS dialer to optionally encrypt some phone calls (non voip) using a pre-shared key with other party?

all 27 comments

sorted by: hot top controversial new old

[–] [email protected] 18 points 2 months ago* (last edited 2 months ago) (1 children)

See : https://en.m.wikipedia.org/wiki/Secure_voice

It's all about bandwidth. At a minimum cellular voice signals have 4.7 kilobits of bandwidth per second.

Plus the cell phone network and the cell phones themselves, work really really hard, at compressing that data stream for human voices only.

So if you're going to use some acoustic coupling to send data acoustically over the cellular network, you're not going to get 4.7 kilobits per second, you're going to get less than that.

Encrypting your voice stream, is going to take some bandwidth, so let's say there's a 10% overhead, so we're at about 4 kilobits per second of total voice bandwidth after encryption.

http://www.whence.com/minimodem/ is a neat program that does software audio encoding and decoding so you could run a virtual modem from your desktop or phone.

Here is a demonstration of the general concept: https://www.youtube.com/watch?v=uQqWHLZjOjA

https://spectrum.ieee.org/why-mobile-voice-quality-still-stinksand-how-to-fix-it

Here is some secure voice modulation demonstrations that you could use as a starting point: https://www.youtube.com/watch?v=BLKHf40K0Wk

This program does exactly what you want. Implement secure voice in software. You would just have to transmit this over your cell phone. It's possible this could be built out for Android for your specific use case, but right now it's built for generalized radio transmission. So you could build two of these, for either party. And connect via audio call over the cell phone. You just might not get as much bandwidth, and call quality as you want. You'd have to keep reducing the settings until it worked

https://github.com/aarmono/crypto_transceiver_instructions

One big obstacle, is you're going to have to do physical key exchange for your endpoints. If you use the internet for that key exchange, you might as well use encrypted voip.

[–] [email protected] 10 points 2 months ago (1 children)

OP doesn't say where they are, but at least in the US, there is no more such a thing as the "cellular network" like the old circuit-based analog systems or 2G/3G, practically everything is VoIP now. All carriers are requiring VoLTE at a minimum which is IP-based (and so is everything that will come after it). So to me, using a different app like Signal is not going to be a huge difference in quality as long as the codec being used is a similar bitrate to what VoLTE uses (AMR-WB I think at a minimum).

[–] [email protected] 8 points 2 months ago* (last edited 2 months ago)

Agreed. It's a fun thought experiment. You have an acoustic tunnel. It may be transited over VoIP it may not. You can use that acoustic tunnel however you like, so implementing secure voice via audio is doable even if the underlying network turns it into VoIP

For what it's worth signal voice quality is much much much much much much much higher, because it can use more bandwidth, then cellular voice connections

[–] [email protected] 13 points 2 months ago

Signal is a great example of this but I don't think you'll find any ways to do it non-VoIP.

[–] [email protected] 9 points 2 months ago* (last edited 2 months ago)

non voip

I think this is not doable. You don't have access to the voice codec to start with, and the phone at the other end generally won't receive the bit stream coming out of it anyway. With a non-rooted phone it's hard to even get to the voice stream. You might be able to send subliminal encrypted text messages through a voice channel and that could be kind of cool, and hard to detect. That idea has been around for a while but I don't know of existing software that does it.

With VOIP, of course there are many encrypted systems available.

Added: also I assumed throughout that you meant present day mobile phones. With land phones at both ends, it may still be doable using dialup modems, but that was a 1990s thing and was pretty awful when you got down to it. It existed though.

[–] [email protected] 9 points 2 months ago

https://en.wikipedia.org/wiki/Acoustic_coupler

Slap your phone in one of those bad boys and go to town with your TST 3550 or whatever.

As for cell phones, I don't think it's really supported. I'd recommend using a separate encrypted calling app, or getting a dedicated encrypted phone device.

[–] [email protected] 5 points 2 months ago* (last edited 2 months ago) (1 children)

Instead of fiddling with the limitation on Android set by Google, I think a custom crypto DAC/ADC would be far eaiser, though you need both hard and software knowledge to accomplish this. It also came with the added benefit of not processing cryptographic operations on a black box.

Still, I don't know what goal you want to achieve and threat model is. If you are just curious if this possible, the answer will be ye with tons of hops amd hacks. If you really want security, I will advise you go another route.

[–] [email protected] 2 points 2 months ago

Just curious really, would be cool using cellular network with an encrypted signal. Here some telcom companies offers infinite calls minutes but limited GBs of internet, so making voip calls would use those GBs.

[–] [email protected] 4 points 2 months ago

My understanding of the way a phone call works leads me to believe the data would not survive the dynamic compression done at the various transmission points like towers, relays, or the occasional satellite. If neither party is moving and the towers in use do not change in load, it might be possible, but at that point you're more tethered down than if you used a VPN.

[–] [email protected] 3 points 2 months ago (1 children)

there are some obscure hardware options for this but hardware based audio encryption is mostly just enterprise stuff, it's very difficult for a consumer to obtain

[–] [email protected] 1 points 2 months ago (1 children)

Isnt enough software encryption like with voip calls (like telegram)?

[–] [email protected] 4 points 2 months ago* (last edited 2 months ago)

It's on a different stack. Telegram (and VoIP) operates on the network stack, cellular call is working on the GSM/LTE stack. Networkin stack is more opened and free to do what you want; GSM/LTE stack have many proprietary tech that's is not open to everyone.

[–] [email protected] 2 points 2 months ago (1 children)

This should be possible to do it software, but I don't know about any apps or something else that deals with this. You would probably also need a rooted phone for it to work.

[–] [email protected] 1 points 2 months ago (2 children)

Why should I need a rooted phone? Can't dialer apps send whatever they want through cellular network?

[–] [email protected] 3 points 2 months ago* (last edited 2 months ago)

Yes and no. Google put some limitation on the software side. For example, you can't do call record unless you're in a country isn't two party consent.

[–] [email protected] 1 points 2 months ago

Maybe I'm wrong, but I think it's not the dialer app that operates the microphone, or at least it does not have total control over it, to record something and pass something else to the system.

[–] [email protected] 1 points 2 months ago (1 children)

Not that I'm aware of phone calls traversed the cellular network and are uncrypted. Okay, well that's not exactly true. They are encrypted, but the cellular network has the decryption key. That way nobody on the air can listen to the call, but the cell company can record it.

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago) (2 children)

Can't the signal be encrypted first by client and then sent to cellular network?

[–] [email protected] 2 points 2 months ago

Yeah third party apps can do end to end encryption. It uses the data network and not the cellular network then though.

Google Fi on Android actually does run E2E on calls https://fi.google.com/about/end-to-end-encrypted-calls/

[–] [email protected] 2 points 2 months ago (2 children)

With audio encryption hardware, sure. Speak into that and feed its output to the mic on the phone

[–] [email protected] 2 points 2 months ago (1 children)

I think they are interested in a purely software solution

[–] [email protected] 2 points 2 months ago

I think you're right. I know for a fact that I do not know of any, not for regular phone calls. Obviously if you want to use the internet and data, there's tons of options.

[–] [email protected] 1 points 2 months ago* (last edited 2 months ago) (1 children)

do you know of any purchasable equipment? I've never been able to find any, then again I'm not versed in such things too much

[–] [email protected] 1 points 2 months ago

I don't myself. So I am not sure.