Quasar IV Cipherphone: The smartphone with encryption built in

Quasar IV Cipherphone: The smartphone with encryption built in

Summary: Worried about the NSA and other online eavesdroppers? Then startup QSAlpha is working on the smartphone for you.

SHARE:

Startup QSAlpha, developer of advanced digital security solutions for mobile device users, has announced the launch of an Indiegogo crowdfunding campaign for its new secure Android-based Quasar IV Cipherphone.

QuasarIV Secure Smartphone
Get ready to say hello to Quasar IV, the smartphone with serious encryption built-in.

The Quasar IV Cipherphone is being designed to enable users to access and protect their entire digital world—phone calls, email, mobile apps, SMS, cloud storage and more—using Quatrix.

Quatrix combines trusted authentication and encryption by generating a pair of public and private keys for each user from 16x16x4 three-dimensional matrices, certifying the user’s unique identity and protecting the transmission of information. With 1077 public and private key pairs available, the company claims Quatrix can provide unique digital identities for the entire global cyberspace population.

“Anytime people exchange data through their smartphones, they take a risk. Unsecured mobile data and applications are the biggest dangers facing the digital world today,” said Steve Chao, founder and CEO of QSα in a statement.

But, by using this technology Quasar IV users will be able to make VoIP calls, as well as send/receive emails and text messages. Conventional smartphones authenticate data via public key infrastructure that is stored online. No matter how many times a user changes passwords, thieves and other unauthorized entities can impersonate a user’s identity if they gain control over the third party authentication server or by intercepting the "secure" communications enroute

According to the company, "Quasar IV, by contrast, uses a seed public matrix stored on the user’s phone to compute and authenticate both ends of any communication event. The seed public matrix functions as a mediator, verifying the two identities and ensuring privacy for texts, emails, file transmissions and voice calls.

“If at all possible, cracking just one private and public key combination would be extremely difficult,” claimed Chao. “This is how Quasar IV, Quatrix and QuaWorks differ from any mobile security solution in the market.”

To use this technology, you'll need to use Quatrix enabled applications. These will be made available by the QuaStore, which features "apps that are digitally signed by the original developers to ensure they are free from the widespread malware and viruses that disrupt mobile phone use."

"Quatrix is a layer that runs on top of Android that protects Android from intrusion," said Shane Remington, co-founder of Peppermint Linux and QSAlpha CTO, in an Mountain Xpress interview, "It also protects your identity, and there are tools within Quatrix that will allow you to encrypt all of your conversations and everything you do on the Web."

Remington added that communications from a Quasar phone to a normal device will not be encrypted. So, to really use the phone correctly you'll need to use it with other people using other Quatrix-enabled devices. If your business has serious security concerns, these smartphones may well be worth the price.

The phone itself uses Android 4.3. It will include a 5-inch 1080p HD display, a 2.3GHz quad-core Qualcomm Snapdragon 800 CPU and either 64GB or 128GB encrypted local storage options. It also comes with 128GBs of encrypted cloud storage.

The Quasar IV will also pack 3GB RAM, a microSD card slot, and a 3,300mAh battery. It will also include dual rear facing 13-megapixel Sony cameras and an 8-megapixel front-facing camera.

The Quasar IV cipherphone and its QuaWorks ecosystem are expected to debut in April 2014. To get the phone itself off the ground, the company is seeking to raise 3.2-million dollars on Indiegogo. The Quasar IV will retail for $785, but the first 350 people to contribute $495 will also qualify for one.

Related Stories:

Topics: Mobility, Android, Linux, Security, Smartphones

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

13 comments
Log in or register to join the discussion
  • Secure?

    Whaddaya wanna bet the NSA actually runs this company, LOL!
    dsf3g
    • Secure.

      Haha. Oh, I can promise you that they don't.
      KStipe
    • No. Sounds like the NSA will be able to use any of

      the thousands of security holes in android 4.3 to go in under this and cripple it. That is if they're not already able to decrypt it simply. Otherwise yes this would make a good terrorist phone. Maybe they should name it the jihadi or something.
      Johnny Vegas
      • Better not say "Jihadi"

        Because the terrorists just exploit that term and it's meanings to justify their acts. Jihadi is someone who stands to protect his homeland, the poor and devotes his life for the betterment of the society, fights the evil inside him to purify his soul and the evil in the society to show others the right path.

        Oh, the phone is a great Spy tool by the way. I am sure some "official" Spy networks are gonna try it out ;) unless they have better alternatives, or even take an inspiration.
        jawadwaseem
  • Didn't they already invent this phone?

    Last I heard it went by the name "BlackBerry"
    Mac_PC_FenceSitter
    • No, Blackberry has back doors

      I believe that Blackberry has back doors for the authorities.

      You also really need to send your data through non-US servers, and servers that are not in countries that belong to the Five-Eyes agreement (the five-eyes countries harvest data and then exchange the results). Possibly Iceland would be a good place to base your servers.

      Security is a pretty serious matter. All journalists should be using very secure servers and phones, otherwise government authorities will get wind of what stories are brewing.
      Vbitrate
  • Good call!

    Even "Better than nothing" is welcome!
    Gonzalo_VC
  • Only 1077 "public and private key pairs available"?

    That isn't enough to secure a small village, let alone the "entire global cyberspace population".

    Oh, and the fact that none of you other commentards noticed this? Shows how much you lot know about security.
    ldo17
    • Just a typical Steven screwup.

      From the vendor: By using state-of-the-art cryptography, we have developed a methodology to create up to 10^77 public and private key pairs

      That 1077 Steven mentioned is actually something more like 10, with 77 zero's after it combinations if I remember my maths correctly.

      Steven in his normal high quality reporting habits just completely screwed up, as usual.
      Cynical99
      • Re: 10^77

        Which sounds more like 2^256. In other words, they're using 256-bit keys. Which is fine for secret-key encryption, but not good enough for public-key; the minimum recommendation for the latter is 2048 bits nowadays, with some even going to 3072 bits.

        But the burning question on everyone's lips nowadays, in light of the NSA's attempts at weakening encryption security, is: how good is their RNG?
        ldo17
        • I'll admit, this is out of my arena

          so I'm not qualified to debate the intricacies of key length and the rest. Though, my limited research shows that anyone cracking security systems only goes after the cypher as a last resort. The process and supporting systems around the cypher are weak spots.

          Not knowing the processes used in the phone, and what potential weaknesses may be in those supporting processes, I must assume the NSA will find something to compromise the overall security of the phone.

          I'd be disappointed if they didn't.
          Cynical99
  • The NSA probably already has an attack outlined

    for devices like this. After all, this isn't their first rodeo.

    While they've got lots and lots of neat pictures and a great sales pitch (http://www.indiegogo.com/projects/qsalpha-quasar-iv), one must wonder about how this system is actually implemented.

    The implementation is where the attacks will normally come from. The cyphers are probably as strong as advertised, and the lack of public servers eliminates one weak spot from the implementation of most encryption systems, but . . . . .

    Every system created by man (and women to be politically correct) is flawed. Therefore, any system may be broken if the information is deemed valuable enough to expend the resources to do it. Some systems are just easier than others, as history has shown.

    If the NSA wants to expend the energy, they'll simply buy a couple units and reverse engineer them. Once the code is downloaded, they'll find the flaws in the system, or a method to reduce the time required for brute force cracking, or something else.

    The NSA has the advantage as well. Bottomless pit of secret piles of money, incredible human resources, and probably more super computers than the rest of the planet combined. Once the phone is released, it's a static device.

    NSA = Cat, Phone = Mouse.

    Let the games begin!
    Cynical99
  • How about the "meta-data"?

    As I understand it, the phone will encrypt communications -- text messages, email, voice calls, IMs (?), etc. That still won't prevent agencies such as the NSA from digging through carriers' records to see whom you've been communicating with, or even from where (location-based services, or LBS). Same with other service providers (e.g., social networks). The meta-data can't be encrypted, otherwise your carrier won't be able to do anything with your call. Or, if it's encrypted, you can be sure that the carriers will be under pressure from the authorities to produce the keys.
    Daniel Escasa