Encryption in Your Pocket

Cellcrypt Mobile lets users make encrypted calls using smartphones.

Cellcrypt makes versions of its app for BlackBerry, Android and iPhone devices, and while each is slightly different, they are all interoperable and equally easy to use.

Each of the Cellcrypt platforms meets FIPS 140-2 requirements. The Android and iOS (iPhone and iPad) versions use an encryption library developed by Cellcrypt and are FIPS 140-2 validated. Cellcrypt lists the BlackBerry version as FIPS-compliant, which means it uses the existing Research in Motion FIPS-certified encryption library developed for the BlackBerry.

Advantages

The Cellcrypt Mobile app for each of the supported smartphones is installed like other apps.

The iOS version comes from the Apple store; users can download the Android version from a web address, usually provided in an e-mail message; and the BlackBerry app can be pushed out to devices from a BlackBerry Enterprise Server or downloaded in the same manner as the Android version.

Using Cellcrypt is like using any other app. Users select the Cellcrypt icon, and it opens to display a dial pad that differs slightly in appearance from a standard dial pad. That way, users aren’t likely to make what should be an encrypted call on an unencrypted service. It’s still clearly a cell phone dial pad, so there’s effectively no learning curve involved with using it.

One difference from normal smartphone use is that while the Cellcrypt app can retrieve a listing from your primary contact list, it doesn’t share information you add to the Cellcrypt contact list with your primary list.

Why It Works for IT

Cellcrypt gives users a low-impact way to outfit their mobile devices with FIPS-compliant encryption, which is required for phones used by the government. Although the method of loading Cellcrypt varies for different devices, none of them is difficult.

Basically, these apps install themselves. Once they’re on the phone, there’s also little user training involved because most smartphone users already know how to launch an app.

Cellcrypt sends the voice signal out over the phone’s data connection rather than the voice network. Because Cellcrypt establishes an encrypted Voice over IP session, the app can be used in conjunction with SIP phone systems; thus, it can work with PBX systems using the Cellcrypt Enterprise Gateway, and it can work through satellite links.

Because the Cellcrypt connection uses VoIP, users must have a data plan for their phones. Cellcrypt will work with most IP data networks, including 2G and 3G, and with Wi-Fi. Users don’t need to make any special provisions on their networks beyond what would be required to handle VoIP, something most networks can do
by default.

Disadvantages

The Cellcrypt encryption software drains the battery somewhat for users of the Android and iOS versions because the phones must poll for a server. BlackBerrys don’t have this drawback because these devices use a push technology and don’t poll.

Also, phones using the encryption software exhibit greater latency than one finds with normal calls. Because all digital phones exhibit some degree of latency, the difference would be obvious only to a user standing near the person with whom he or she is having an encrypted conversation — which seems improbable, though not impossible.