23
submitted 7 months ago by MrSoup@lemmy.zip to c/privacy@lemmy.ml

Is it even possible on android? Is there a FOSS dialer to optionally encrypt some phone calls (non voip) using a pre-shared key with other party?

all 27 comments
sorted by: hot top controversial new old
[-] jet@hackertalks.com 19 points 7 months ago* (last edited 7 months ago)

See : https://en.m.wikipedia.org/wiki/Secure_voice

It's all about bandwidth. At a minimum cellular voice signals have 4.7 kilobits of bandwidth per second.

Plus the cell phone network and the cell phones themselves, work really really hard, at compressing that data stream for human voices only.

So if you're going to use some acoustic coupling to send data acoustically over the cellular network, you're not going to get 4.7 kilobits per second, you're going to get less than that.

Encrypting your voice stream, is going to take some bandwidth, so let's say there's a 10% overhead, so we're at about 4 kilobits per second of total voice bandwidth after encryption.

http://www.whence.com/minimodem/ is a neat program that does software audio encoding and decoding so you could run a virtual modem from your desktop or phone.

Here is a demonstration of the general concept: https://www.youtube.com/watch?v=uQqWHLZjOjA

https://spectrum.ieee.org/why-mobile-voice-quality-still-stinksand-how-to-fix-it

Here is some secure voice modulation demonstrations that you could use as a starting point: https://www.youtube.com/watch?v=BLKHf40K0Wk

This program does exactly what you want. Implement secure voice in software. You would just have to transmit this over your cell phone. It's possible this could be built out for Android for your specific use case, but right now it's built for generalized radio transmission. So you could build two of these, for either party. And connect via audio call over the cell phone. You just might not get as much bandwidth, and call quality as you want. You'd have to keep reducing the settings until it worked

https://github.com/aarmono/crypto_transceiver_instructions

One big obstacle, is you're going to have to do physical key exchange for your endpoints. If you use the internet for that key exchange, you might as well use encrypted voip.

[-] refalo@programming.dev 10 points 7 months ago

OP doesn't say where they are, but at least in the US, there is no more such a thing as the "cellular network" like the old circuit-based analog systems or 2G/3G, practically everything is VoIP now. All carriers are requiring VoLTE at a minimum which is IP-based (and so is everything that will come after it). So to me, using a different app like Signal is not going to be a huge difference in quality as long as the codec being used is a similar bitrate to what VoLTE uses (AMR-WB I think at a minimum).

[-] jet@hackertalks.com 8 points 7 months ago* (last edited 7 months ago)

Agreed. It's a fun thought experiment. You have an acoustic tunnel. It may be transited over VoIP it may not. You can use that acoustic tunnel however you like, so implementing secure voice via audio is doable even if the underlying network turns it into VoIP

For what it's worth signal voice quality is much much much much much much much higher, because it can use more bandwidth, then cellular voice connections

[-] Syn_Attck@lemmy.today 13 points 7 months ago

Signal is a great example of this but I don't think you'll find any ways to do it non-VoIP.

[-] catloaf@lemm.ee 9 points 7 months ago

https://en.wikipedia.org/wiki/Acoustic_coupler

Slap your phone in one of those bad boys and go to town with your TST 3550 or whatever.

As for cell phones, I don't think it's really supported. I'd recommend using a separate encrypted calling app, or getting a dedicated encrypted phone device.

[-] solrize@lemmy.world 9 points 7 months ago* (last edited 7 months ago)

non voip

I think this is not doable. You don't have access to the voice codec to start with, and the phone at the other end generally won't receive the bit stream coming out of it anyway. With a non-rooted phone it's hard to even get to the voice stream. You might be able to send subliminal encrypted text messages through a voice channel and that could be kind of cool, and hard to detect. That idea has been around for a while but I don't know of existing software that does it.

With VOIP, of course there are many encrypted systems available.

Added: also I assumed throughout that you meant present day mobile phones. With land phones at both ends, it may still be doable using dialup modems, but that was a 1990s thing and was pretty awful when you got down to it. It existed though.

[-] umami_wasbi@lemmy.ml 5 points 7 months ago* (last edited 7 months ago)

Instead of fiddling with the limitation on Android set by Google, I think a custom crypto DAC/ADC would be far eaiser, though you need both hard and software knowledge to accomplish this. It also came with the added benefit of not processing cryptographic operations on a black box.

Still, I don't know what goal you want to achieve and threat model is. If you are just curious if this possible, the answer will be ye with tons of hops amd hacks. If you really want security, I will advise you go another route.

[-] MrSoup@lemmy.zip 2 points 7 months ago

Just curious really, would be cool using cellular network with an encrypted signal. Here some telcom companies offers infinite calls minutes but limited GBs of internet, so making voip calls would use those GBs.

My understanding of the way a phone call works leads me to believe the data would not survive the dynamic compression done at the various transmission points like towers, relays, or the occasional satellite. If neither party is moving and the towers in use do not change in load, it might be possible, but at that point you're more tethered down than if you used a VPN.

[-] Scolding0513@sh.itjust.works 3 points 7 months ago

there are some obscure hardware options for this but hardware based audio encryption is mostly just enterprise stuff, it's very difficult for a consumer to obtain

[-] MrSoup@lemmy.zip 1 points 7 months ago

Isnt enough software encryption like with voip calls (like telegram)?

[-] umami_wasbi@lemmy.ml 4 points 7 months ago* (last edited 7 months ago)

It's on a different stack. Telegram (and VoIP) operates on the network stack, cellular call is working on the GSM/LTE stack. Networkin stack is more opened and free to do what you want; GSM/LTE stack have many proprietary tech that's is not open to everyone.

[-] ReversalHatchery@beehaw.org 2 points 7 months ago

This should be possible to do it software, but I don't know about any apps or something else that deals with this. You would probably also need a rooted phone for it to work.

[-] MrSoup@lemmy.zip 1 points 7 months ago

Why should I need a rooted phone? Can't dialer apps send whatever they want through cellular network?

[-] umami_wasbi@lemmy.ml 3 points 7 months ago* (last edited 7 months ago)

Yes and no. Google put some limitation on the software side. For example, you can't do call record unless you're in a country isn't two party consent.

[-] ReversalHatchery@beehaw.org 1 points 7 months ago

Maybe I'm wrong, but I think it's not the dialer app that operates the microphone, or at least it does not have total control over it, to record something and pass something else to the system.

[-] shortwavesurfer@monero.town 1 points 7 months ago

Not that I'm aware of phone calls traversed the cellular network and are uncrypted. Okay, well that's not exactly true. They are encrypted, but the cellular network has the decryption key. That way nobody on the air can listen to the call, but the cell company can record it.

[-] MrSoup@lemmy.zip 2 points 7 months ago* (last edited 7 months ago)

Can't the signal be encrypted first by client and then sent to cellular network?

[-] shortwavesurfer@monero.town 2 points 7 months ago

With audio encryption hardware, sure. Speak into that and feed its output to the mic on the phone

[-] ReversalHatchery@beehaw.org 2 points 7 months ago

I think they are interested in a purely software solution

[-] shortwavesurfer@monero.town 2 points 7 months ago

I think you're right. I know for a fact that I do not know of any, not for regular phone calls. Obviously if you want to use the internet and data, there's tons of options.

[-] Scolding0513@sh.itjust.works 1 points 7 months ago* (last edited 7 months ago)

do you know of any purchasable equipment? I've never been able to find any, then again I'm not versed in such things too much

[-] shortwavesurfer@monero.town 1 points 7 months ago

I don't myself. So I am not sure.

[-] billbasher@lemmy.world 2 points 7 months ago

Yeah third party apps can do end to end encryption. It uses the data network and not the cellular network then though.

Google Fi on Android actually does run E2E on calls https://fi.google.com/about/end-to-end-encrypted-calls/

this post was submitted on 16 Apr 2024
23 points (89.7% liked)

Privacy

32045 readers
905 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS