Encrypt voice and email on the iPhone
Summary: Encrypting voice and email communications on an iPhone is easy -- no jailbreaking required -- but securing voice communication is very expensive.
An interesting question that caught my attention dropped into my Hardware 2.0 mailbox over the weekend.
"The more I use my iPhone, the more I feel like I'm sending and receiving a lot of important -- and potentially sensitive -- data over WiFi and 3G connections. Are there any apps that I could install onto my iPhone that would allow me to encrypt selected email and voice communications?
"I like to be able to do this without jailbreaking my iPhone."
Apple promised that "there's an app for just about anything" and, true to that slogan, there's are apps that allow you to do exactly what you want.
One of the best email encryption apps available from the App Store is called Enlocked. This app easy-to-use allows you to send and receive secure email encrypted using PGP which encrypts emails to the PGP/MIME standard. If you already have set up a working PGP infrastructure you can continue using your own keys and infrastructure for decrypting received encrypted emails.
Enlocked easy to set up, and work with all the popular email providers including Gmail, Yahoo Mail, AOL, and Microsoft Live.
Enlocked is a free, and there are versions available not just for the iPhone and iPad but also Android, Outlook, Chrome, Firefox, Internet Explorer and Safari. There's a version for BlackBerry in the pipeline.
That's the email secured, now for the voice communications, and this is where things start to get complicated -- and expensive.
To encrypt voice calls you not only need an app, but you also need to sign up for an encrypted voice service. One company that offers both is Cellcrypt, which offers government-grade security for protecting sensitive voice calls against interception..
Cellcrypt uses public key cryptography, and each phone running the software -- Cellcrypt supports iOS, Android, BlackBerry and Symbian -- has its own private key stored only on the device. When a call is made, the two devices exchange a secret session key, which is subsequently erased when the call ends.
Voice data is then double encrypted, first using a 256-bit RC4 algorithm and then again with a 256-bit AES algorithm. This encryption can a delay of about one and a half seconds when using the slower GPRS networks, but this drops to 150 milliseconds when using WiFi.
Like the app for encrypting email on iOS, the app for encrypting voice calls is free, but the encrypted voice service that you need to make it work is far from free. In fact, it comes with the very enterprise-level price tag of $1,600 per year, per device.
Depending on your budget, you might want to make do with just encrypting email communications.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
What the heck?
How safe is this encryption?
Cellcrypt is a defense contractor and supplier of encrypted call services to the government. Does anyone really believe they can't just grab cleartext copies of the calls somehow?
This stuff may just be an expensive way of adding oneself to a government watch list, as part of their total information awareness approach (which doesn't exist, of course).
You might be more secure communicating with pieces of tape on 'No parking' signs and moving your lawnchair about on your balcony as a signal for a 3AM meeting in a parking garage.
I think that issue goes well beyond Apple
Who holds the keys
Litigious Apple
Given the litigious, cry baby atitude displayed by Apple, what is next? Will Apple start suing reviewers who don't like Apple? Perhaps start suing any reviewer who likes Samsung?
Sour Apple or Crab Apple
How about Sour Apple 5S, or Crab(bie) Apple?