Whisper Systems offers call encryption on Android with RedPhone. Chad Perrin describes how it works and where the potential security questions exist.
The technology for practical, private telephone call encryption has existed for years, but the costs involved have tended to push it out of range of what people are willing to pay for a telephone. The advent of VOIP systems has started to make call encryption more practical because the encryption and decryption can be implemented in software without requiring any special equipment beyond servers running open source VOIP PBX software like Asterisk, but deploying such heavy-duty VOIP systems is a bit much for common use. Consumer-grade VOIP packages could bring this a bit closer to home, but they have not really taken off to the point that people who care much about privacy technologies to form a market niche substantial enough to make development of easy call encryption likely.
Smartphones are the turning point. As handheld computers, they have rapidly developed the ability to support VOIP software. This, in turn, makes it reasonable to expect call encryption to finally make it into the hands of the common consumer. A smartphone security company co-founded by Moxie Marlinspike, called Whisper Systems, has addressed the need on Android with an application called RedPhone.
RedPhone uses an encryption protocol called ZRTP designed by Phillip Zimmerman, the inventor of PGP. It allows you to connect to another user's smartphone with RedPhone installed using a contact list, or by entering the intended recipient's telephone number with an asterisk (the "star" key) appended to the end. The application uses encrypted SMS messages to quickly establish calls across a VOIP connection, all behind the convenient mask of a normal dialing interface or contact list.
Thanks to its use of direct, smartphone-to-smartphone VOIP on the back end, RedPhone calls do not use up call minutes from the service provider plan. The only potential costs involved should be whatever SMS text messaging charges the service provider applies when establishing a connection.
While RedPhone's encryption is end-to-end, it does not provide perfect security. The fact of the matter is that as long as our smartphone hardware is not strictly verified and operating systems are susceptible to infection by spyware, there is always the possibility that the operating system or even the hardware itself could be compromised such that it captures unencrypted data before encryption and transmission. This could potentially include voice data.
RedPhone itself is not open source software, either, which could raise some security problems of its own. I discussed the matter with Moxie in IRC some months ago, and he confirmed that there were plans to make the source code available for review, but that the application itself would remain protected by a proprietary license. Without the ability to actually install from source, there is no means of direct verification of the code we actually run, and as such we must decide whether to trust that the source code we can access is the same as the source installed on the system — and that any additional source that could be included in the usable application does not change the basic security character of the software itself.
The difference between open source and source available for review is academic at this point, however. Thus far, at pre-release version 0.4, I have yet to see the source made available for review.
Even if it is not perfect, however, RedPhone is definitely a step in the right direction. It is end-to-end encryption for voice calls, easy to install and use, available on a common consumer smartphone platform. In addition, Whisper Systems has made an effort to expand the availability of its encrypted communications software into markets that particularly need them. Whisper Systems has made special provision for Android device users in Egypt.