Is it even possible on android? Is there a FOSS dialer to optionally encrypt some phone calls (non voip) using a pre-shared key with other party?
- jet ( @jet@hackertalks.com ) English16•6 months ago
See : https://en.m.wikipedia.org/wiki/Secure_voice
It’s all about bandwidth. At a minimum cellular voice signals have 4.7 kilobits of bandwidth per second.
Plus the cell phone network and the cell phones themselves, work really really hard, at compressing that data stream for human voices only.
So if you’re going to use some acoustic coupling to send data acoustically over the cellular network, you’re not going to get 4.7 kilobits per second, you’re going to get less than that.
Encrypting your voice stream, is going to take some bandwidth, so let’s say there’s a 10% overhead, so we’re at about 4 kilobits per second of total voice bandwidth after encryption.
http://www.whence.com/minimodem/ is a neat program that does software audio encoding and decoding so you could run a virtual modem from your desktop or phone.
Here is a demonstration of the general concept: https://www.youtube.com/watch?v=uQqWHLZjOjA
https://spectrum.ieee.org/why-mobile-voice-quality-still-stinksand-how-to-fix-it
Here is some secure voice modulation demonstrations that you could use as a starting point: https://www.youtube.com/watch?v=BLKHf40K0Wk
This program does exactly what you want. Implement secure voice in software. You would just have to transmit this over your cell phone. It’s possible this could be built out for Android for your specific use case, but right now it’s built for generalized radio transmission. So you could build two of these, for either party. And connect via audio call over the cell phone. You just might not get as much bandwidth, and call quality as you want. You’d have to keep reducing the settings until it worked
https://github.com/aarmono/crypto_transceiver_instructions
One big obstacle, is you’re going to have to do physical key exchange for your endpoints. If you use the internet for that key exchange, you might as well use encrypted voip.
- refalo ( @refalo@programming.dev ) 6•6 months ago
OP doesn’t say where they are, but at least in the US, there is no more such a thing as the “cellular network” like the old circuit-based analog systems or 2G/3G, practically everything is VoIP now. All carriers are requiring VoLTE at a minimum which is IP-based (and so is everything that will come after it). So to me, using a different app like Signal is not going to be a huge difference in quality as long as the codec being used is a similar bitrate to what VoLTE uses (AMR-WB I think at a minimum).
- jet ( @jet@hackertalks.com ) English5•6 months ago
Agreed. It’s a fun thought experiment. You have an acoustic tunnel. It may be transited over VoIP it may not. You can use that acoustic tunnel however you like, so implementing secure voice via audio is doable even if the underlying network turns it into VoIP
For what it’s worth signal voice quality is much much much much much much much higher, because it can use more bandwidth, then cellular voice connections
- Syn_Attck ( @Syn_Attck@lemmy.today ) 9•6 months ago
Signal is a great example of this but I don’t think you’ll find any ways to do it non-VoIP.
- catloaf ( @catloaf@lemm.ee ) English7•6 months ago
https://en.wikipedia.org/wiki/Acoustic_coupler
Slap your phone in one of those bad boys and go to town with your TST 3550 or whatever.
As for cell phones, I don’t think it’s really supported. I’d recommend using a separate encrypted calling app, or getting a dedicated encrypted phone device.
- umami_wasabi ( @umami_wasbi@lemmy.ml ) 4•6 months ago
Instead of fiddling with the limitation on Android set by Google, I think a custom crypto DAC/ADC would be far eaiser, though you need both hard and software knowledge to accomplish this. It also came with the added benefit of not processing cryptographic operations on a black box.
Still, I don’t know what goal you want to achieve and threat model is. If you are just curious if this possible, the answer will be ye with tons of hops amd hacks. If you really want security, I will advise you go another route.
Just curious really, would be cool using cellular network with an encrypted signal. Here some telcom companies offers infinite calls minutes but limited GBs of internet, so making voip calls would use those GBs.
- kora ( @KillingAndKindess@lemmy.blahaj.zone ) 4•6 months ago
My understanding of the way a phone call works leads me to believe the data would not survive the dynamic compression done at the various transmission points like towers, relays, or the occasional satellite. If neither party is moving and the towers in use do not change in load, it might be possible, but at that point you’re more tethered down than if you used a VPN.
- ReversalHatchery ( @ReversalHatchery@beehaw.org ) English2•6 months ago
This should be possible to do it software, but I don’t know about any apps or something else that deals with this. You would probably also need a rooted phone for it to work.
Why should I need a rooted phone? Can’t dialer apps send whatever they want through cellular network?
- umami_wasabi ( @umami_wasbi@lemmy.ml ) 3•6 months ago
Yes and no. Google put some limitation on the software side. For example, you can’t do call record unless you’re in a country isn’t two party consent.
- ReversalHatchery ( @ReversalHatchery@beehaw.org ) English1•6 months ago
Maybe I’m wrong, but I think it’s not the dialer app that operates the microphone, or at least it does not have total control over it, to record something and pass something else to the system.
- shortwavesurfer ( @shortwavesurfer@monero.town ) English1•6 months ago
Not that I’m aware of phone calls traversed the cellular network and are uncrypted. Okay, well that’s not exactly true. They are encrypted, but the cellular network has the decryption key. That way nobody on the air can listen to the call, but the cell company can record it.
Can’t the signal be encrypted first by client and then sent to cellular network?
- shortwavesurfer ( @shortwavesurfer@monero.town ) English2•6 months ago
With audio encryption hardware, sure. Speak into that and feed its output to the mic on the phone
- ReversalHatchery ( @ReversalHatchery@beehaw.org ) English2•6 months ago
I think they are interested in a purely software solution
- shortwavesurfer ( @shortwavesurfer@monero.town ) English2•6 months ago
I think you’re right. I know for a fact that I do not know of any, not for regular phone calls. Obviously if you want to use the internet and data, there’s tons of options.