What makes our encrypted calls top secure.
Our security methods:
Exclusive use of Open and Standard encryption algorithms
Exclusive use of Open and Standard encryption protocols
Exclusive use of technologies subject to public peer review
Exclusive use of Open source encryption technologies
Work in a way to guarantee that no backdoor can be put in place
Avoid security through obscurity
We use Open and Standard encryption algorithms and protocols that are fruits of years of public research in cryptography certified by internationally recognized institutes such as IETF (Internet Engineering Task Force), NIST (US National institute of Standard); by major security agencies such as NSA (National Security Agency) and NATO (North Atlantic Treaty Organization).
All the encryption algorithms and security methods including Random Number Generation follow strictly the FIPS (Federal Information Processing Standards) rules.
However just using standard algorithms such as AES or Diffie-Hellman is not enough to consider an encryption technology secure and robust.
AES and Diffie-Hellman algorithms are only the building blocks of a more complex system, the encryption protocol.
The IETF (Internet Engineering Task Force) is the authority that analyzes, approves and manages all the widely used internet protocols. Besides, the IETF has a strong policy against wiretapping. It is officially described in the IETF Policy on Wiretapping RFC2804 where it affirms that no IETF protocol should have wiretapping feature included.
When a security technology uses only the standards, we can be sure that the technology has been subject to independent security peer review by scientific and security communities. In fact, the two most famous international cryptographers in the world enforce that concept:
Bruce Schneier in his “Why cryptography is harder than it looks” clearly states: “Good cryptographers know that nothing substitutes for extensive peer review and years of analysis”.
Philip Zimmermann in his “Beware of Snake Oil” explains that typical mistake made by a software company that considers itself expert just not to get subject to peer review: “Every software engineer fancies himself a cryptographer, which has led to the proliferation of really bad crypto software.”
In order for encryption technologies to be subject to peer review, they should be open not only in the algorithms and protocol specifications but also in their implementations by using only the OpenSource Encryption Engine.
We make only public use of codes that have been already audited by a huge number of security experts and used in thousands of security software.
Our solutions cannot be polluted with backdoors by design. We strongly warn users against any kind of proprietary solutions as we believe that security through obscurity does not work. Just think that in 1883, the core of modern cryptography was summarized in the La Cryptographie Militaire by Auguste Kerckhoffs stating that: “The security of a cryptosystem should not depend on keeping the algorithm secret, but only on keeping the numeric key secret”.
This simple concept represents the foundation of modern cryptography, also serves to avoid Crypto Virus that any proprietary solution can have hidden inside their code.
However, making encryption technologies in the most secure way is not enough.
Any IT or security manager knows well that if a security system is too difficult or too annoying, the final user will just avoid it. To be efficient, a security system must be extremely easy to use.. Our products carry a high degree of usability.
All voice encryption products are, by default, integrated with mobile phone’s operating system, so that the end-user does not have to change the way he uses mobile phone. To make a secure call is no different than to make a standard phone call.