The interception of telecommunications traffic has become an important economic sector. Secret services and private organisations routinely intercept calls that may provide sensitive political, military or business information. The use of interception devices has become so widespread, simple and uncontrolled that you must assume that the records of your private calls will fall into the wrong hands. Wireless mobile phone tapping equipment is now available in stores at such a low cost that it is often used even in relatively minor business conflicts.
Using encryption to protect your privacy is the right choice. But it has become difficult to obtain strong and trusted encryption. „Proprietary“ or „secret“ algorithms of dubious quality, backdoors and encryption that is too weak to protect against the power of modern computers are common in the telecommunications market. Marketing phrases are used to cover up these traps. Some suggest that one must rely on „the secrecy of the protected algorithms“, a concept that has often failed in history. Or they offer a „certificate“ to ensure that their encryption is good. The „certificate“ is often issued by the same secret service that is actually responsible for monitoring telecommunications traffic.
Now there is a solution that you can trust because it can be verified by you or your own experts. The PKI 2820 CryptoPhone products are the first phones with end-to-end encryption available with full source code for independent verification. Finally, you can perform an independent assessment to ensure that there is no weak encryption and no backdoors in the encryption system to which you can entrust your telecom security. You don’t have to believe us when we say it’s secure – you can verify this claim to yourself.
PKI 2820 CryptoPhones are not black box devices with scarce technical information like other products on the market. We give you all the details about their inner workings. PKI 2820 CryptoPhones allow you to put trust where it belongs – in a trustworthy, open and scientific verification process. The PKI 2820 CryptoPhone technology is based on well-researched, strong encryption algorithms – AES, Twofish and Diffie-Hellman. Very long encryption keys provide security today and in the future (see Encryption Overview for details).
Ease of use
The PKI 2820 CryptoPhone products are easy to use. PKI develops products specifically for users without technical background or knowledge. A simple and clear user interface and modern, fully featured devices are the basis of the PKI 2820 CryptoPhone products. Our secure phones are based on the latest mobile phone and PDA hardware, so you can buy accessories through your regular retail channels. You won’t get suspicious looks at the airport or at border control, because to the casual observer the PKI 2820 CryptoPhone devices are indistinguishable from a normal mobile phone.
Secure calls
Secure end-to-end encrypted Voice over IP calls on any network – 2G, 3G, 4G, WLAN. Strongest and most secret algorithms available today. AES256 and Twofish. 4096 bit Diffie-Hellman key exchange with SHA-256 hash function. Read-out hash based key authentication. Autonomous key generation, no pre-installed key material. Encryption keys are securely and immediately deleted from the device after each call.
Fully interoperable, secure communication system
All PKI CryptoPhones – from the very first CryptoPhone devices to the very latest CryptoPhone model – are fully interoperable. The fixed and satellite products work with each other and with any PKI CryptoPhone product. You can easily build a complete secure communication system based on trusted CryptoPhone products. New CryptoPhone models are released synchronously with the product innovation cycle of the standard mobile phone industry. This ensures that users always receive a state-of-the-art device. But you don’t have to worry about interoperability, everyone works seamlessly together. PKI even offers free Windows software for download that is interoperable with all CryptoPhone devices. So in the event of an emergency or lost device, you can always establish secure communications with just a notebook and a phone line.
Secure mobile phone for professional users with 360° protection, hardened operating system, baseband firewall, tamper-proof hardware and end-to-end encryption of voice and messages
Secure messaging
Based on the same strong encryption algorithms used for the PKI 2820 CryptoPhone voice encryption 4096 bit Diffie-Hellmann initial key exchange, AES256 and Twofish message encryption with 256 bit key.
Device protection
Hardened operating system with secure boot and device runtime integrity checks
Secure Android operating system from source code with granular security management and optimized, security enhanced components and communication stacks. Seamless, secure boot chain with secure boot, kernel, recovery, kernel object and APK signature keys. Runtime checks of core applications and services ensure that only signed and trusted code is loaded onto the device.
Configurable OS Security Profiles
Hardware module controller and permission enforcement module control access to the network, data and sensors (camera, microphone, etc.), keeping control of your individual security policies.
Baseband firewall 2.0
Unique protection against over-the-air attacks with constant monitoring of baseband processor activity. Detects baseband attacks and takes countermeasures. Automatic detection of IMSI catchers and rogue baseband stations. Detection of attempts to track the user’s location via SS7 or silent SMS.
Tamper-proof, tamper-proof hardware design
Dedicated hardware security modules with CPU-spervisor, watchdog timer, on-chip temperature sensor and removal-resistant coating Shield removal detection circuit and Environmental Failure Protection (EFP) for temperature, voltage, internal clock frequency and duty cycle by instantaneous circuit reset Supports the highest security level requirements of FIPS 140-2 and Common Criteria.
Compatibility
Fully compatible with all secure PKI CryptoPhone IP mobile, desktop and satellite phones, including all secure phones of the PKI CryptoPhone 400, 450, 500/500i and IP19 series and the PKI CryptoPhone IP PBX Gateways.
The PKI 2820 CryptoPhone offers with this model an extremely secure desktop phone for professional users with all-round protection. It offers a hardened operating system and end-to-end encryption of voice and messages. With PKI you can make secure, end-to-end encrypted Voice-over-IP calls.
With the PKI 2820 CryptoPhone model, users get the strongest and most secure algorithms available today – AES256 and Twofish. 4096-bit Diffie-Hellmann key exchange with SHA-256 hash function. Read-out hash based key authentication. This model involves continuous autonomous key generation. No pre-installed key material is used. Encryption keys are securely and immediately deleted from the device after each call. Based on the same strong encryption algorithms used for PKI CryptoPhone voice encryption – 4096 bit Diffie-Hellmann initial key exchange, AES256 and Twofish message encryption with 256 bit keys.
Trusted Platform Module (TPM) for platform measurement and certification
Trusted Computing Group (TCG) TPM Specifications Level 2 Version 1.2, Revision 116. Active shield and environment sensors Memory Protection Unit (MPU). Hardware and software protection against error injection.
Encrypted storage
Encrypted storage system for contacts, messages and notes with smart folders protects dormant data from unauthorized access
Verifiable source code
The PKI 2820 CryptoPhones are the only secure mobile phones on the market whose source code is available for independent security assessments. This enables individual source code audits according to national and international verification and certification standards, which are designed to verify the integrity mechanisms of the devices, the correct implementation of all encryption algorithms and the absence of backdoors.
| 360° security: end-to-end encrypted voice and message transmission on a fully armored platform |
|---|
| High-level CryptoPhone security |
| IP67 Water and dust protection |
| MIL-STD-810G shockproof |
| Touch screen operable with gloves |
| Extremely resistant mechanical construction |
| Complete source code available for review |
| Hardened Android OS |
| Emergency delete function |
| Made in Germany |
A hardened operating system with security-optimized components and communication stacks protects the device against external attacks.
An encrypted storage system for contacts and messages protects the data from unauthorized access.
PKI CryptoPhones are among the only secure mobile phones on the market whose source code is available for independent security assessments. This enables individual source code audits according to national and international verification and certification standards to verify the integrity mechanisms of the devices, the correct implementation of all encryption algorithms and the absence of backdoors. State-of-the-art graphical user interface, for comfortable operation in combination with future-proof and reliable hardware.
PKI offers with the model PKI 2820 CryptoPhone an absolutely secure mobile phone for professional users with all-round protection. It offers a hardened operating system, a baseband firewall, tamper-proof hardware and end-to-end encryption of voice and messages.
Secure calls
The PKI 2820 CryptoPhone provides secure end-to-end encrypted Voice over IP calls on any network – 2G, 3G, 4G and WLAN. It features the strongest and most secret algorithms available today. AES256 and Twofish. 4096-bit Diffie-Hellman key exchange with SHA-256 hash function and read hash-based key authentication. It provides autonomous key generation, no pre-installed key material is used. All used encryption keys are securely and immediately deleted from the device after each call.
Secure messaging
Based on the same strong encryption algorithms used for PKI CryptoPhone voice encryption 4096 bit Diffie-Hellmann initial key exchange, AES256 and Twofish message encryption with 256 bit key.
Device Protection
The PKI 2820 CryptoPhone uses a hardened operating system with secure boot and device runtime integrity checks Secure Android operating system from source code with granular security management and optimized, security enhanced components and communication stacks. Seamless, secure boot chain with secure boot, kernel, recovery, kernel object and APK signature keys. Runtime checks of the PKI 2820 CryptoPhone core applications and services ensure that only signed and trusted code is loaded onto the device.
Configurable OS Security Profiles
Hardware module controller and permission enforcement module control access to the network, data and sensors (camera, microphone, etc.), keeping control of your individual security policies.
Baseband firewall 2.0
PKI 2820’s unique protection against over-the-air attacks with continuous monitoring of baseband processor activity. Detects baseband attacks and initiates countermeasures. Automatic detection of IMSI catchers and rogue base stations. Detection of attempts to track the user’s location via SS7 or silent SMS.
Tamper-proof hardware design
Dedicated hardware security modules with CPU-spervisor, watchdog timer, on-chip temperature sensor and removal-resistant coating Shield removal detection circuit and Environmental Failure Protection (EFP) for temperature, voltage, internal clock frequency and duty cycle by instantaneous circuit reset PKI 2820 supports the highest security level requirements of FIPS 140-2 and Common Criteria.
All-round security: end-to-end encrypted voice and message transmission on a fully protected platform
- High-level CryptoPhone security
- IP67 Water and dust protection
- MIL-STD-810G shockproof
- Touch screen operable with gloves
- Extremely resistant mechanical construction
- Complete source code available for review
- Hardened Android OS
- Emergency delete function
Trusted Platform Module (TPM) for platform measurement and certification
Trusted Computing Group (TCG) TPM Specifications Level 2 Version 1.2, Revision 116. Active shield and environment sensors Memory Protection Unit (MPU). Hardware and software protection against error injection.
Encrypted storage
Encrypted storage system for contacts, messages and notes with smart folders protects dormant data from unauthorized access
Verifiable source code
PKI CryptoPhones are the only secure mobile phones on the market whose source code is available for independent security assessments. This enables individual source code audits in accordance with national and international verification and certification standards, which are designed to verify the integrity mechanisms of the devices, the correct implementation of all encryption algorithms and the absence of backdoors.