Most recently, Mega and Vodafone have announced services that would allow you to encrypt phone calls using AES, here’s why you should probably not bother.
Vodafone Offers Its Encrypted Phone Calls To Corporate Users
Corporate customers in Germany can now book a service to encrypt phone calls developed by Secusmart (a company acquired by BlackBerry Ltd.)
Currently there is only support for Android and iOS, not Windows Phone and both parties need to have the app installed on their phones. It is unclear whether Vodafone intends to offer its encrypted phone call services to consumers.
Any calls will be encrypted with an AES 128 bit key. While AES is considered ‘safe’ and is in use by the US government, it is not really fool-proof and it is very likely that 3rd-parties can buy AES exploits on the black market for a certain sum. AES exploits are outlined in this artice: Defeating AES without a PhD
Encrypted Calls: Automatically Considered ‘Suspicious’ Target
If I were to collect meta-data, I would probably split it into two groups. Group one is using non-encrypted calls that you can tap into directly and the second one is encrypted and will go straight into another database. All those who use encrypted calls are automatically targets and considered suspicious, I would focus my efforts on that group. Then, I would probably look for ways how to circumvent that encryption and buy an AES exploit on the market.
So, the question really is, why bother using an outdated encryption? Why bother and make yourself a target? It really defeats the purpose and there are only two solutions.
Solution one: Find a provider that is not using AES and rather uses a self-developed encryption algorithm.
Solution two: Communicate only via self-delivered physical forms of communication (pen & paper).
MEGA: Encrypted Chat Service With Additional File Sharing Layer
KimDotCom’s MEGA is offering a similar service for consumers, but similarly to Vodafone is using AES to encrypt files and calls.
Although MEGA could never replace a fully functional app like Skype that is tightly integrated into many existing ecosystems, the added encryption feature makes it an attractive option for sharing private files. Sharing files via Skype is working nicely, but currently lacks the encryption feature.
MEGA is obviously targeting the average consumer, whereas Vodafone is targeting business and corporate clients.
MEGA at the moment is a very rudimentary beta service and not a full-fledged solution, but is surprisingly easily to use.
Additional Resources
- Part 1 – General
- Part 2 – Remove UserAssist Entries
- Part 3 – Clean Paging File When You Shut Down
- Part 4 – Private Browsing
- Part 5 – Tor vs VPN
- Part 6 – Cryptic Fonts And Virtual OS’s
- Part 7 – Set Up Bitmessaging
- Part 8 – Flash Cookies
- Part 9 – Installing Tails on Raspberry Pi
- Part 10 – Creating encrypted containers