Is it even possible on android? Is there a FOSS dialer to optionally encrypt some phone calls (non voip) using a pre-shared key with other party?

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    19
    ·
    edit-2
    7 months ago

    See : https://en.m.wikipedia.org/wiki/Secure_voice

    It’s all about bandwidth. At a minimum cellular voice signals have 4.7 kilobits of bandwidth per second.

    Plus the cell phone network and the cell phones themselves, work really really hard, at compressing that data stream for human voices only.

    So if you’re going to use some acoustic coupling to send data acoustically over the cellular network, you’re not going to get 4.7 kilobits per second, you’re going to get less than that.

    Encrypting your voice stream, is going to take some bandwidth, so let’s say there’s a 10% overhead, so we’re at about 4 kilobits per second of total voice bandwidth after encryption.

    http://www.whence.com/minimodem/ is a neat program that does software audio encoding and decoding so you could run a virtual modem from your desktop or phone.

    Here is a demonstration of the general concept: https://www.youtube.com/watch?v=uQqWHLZjOjA

    https://spectrum.ieee.org/why-mobile-voice-quality-still-stinksand-how-to-fix-it

    Here is some secure voice modulation demonstrations that you could use as a starting point: https://www.youtube.com/watch?v=BLKHf40K0Wk

    This program does exactly what you want. Implement secure voice in software. You would just have to transmit this over your cell phone. It’s possible this could be built out for Android for your specific use case, but right now it’s built for generalized radio transmission. So you could build two of these, for either party. And connect via audio call over the cell phone. You just might not get as much bandwidth, and call quality as you want. You’d have to keep reducing the settings until it worked

    https://github.com/aarmono/crypto_transceiver_instructions

    One big obstacle, is you’re going to have to do physical key exchange for your endpoints. If you use the internet for that key exchange, you might as well use encrypted voip.

    • refalo@programming.dev
      link
      fedilink
      arrow-up
      10
      ·
      7 months ago

      OP doesn’t say where they are, but at least in the US, there is no more such a thing as the “cellular network” like the old circuit-based analog systems or 2G/3G, practically everything is VoIP now. All carriers are requiring VoLTE at a minimum which is IP-based (and so is everything that will come after it). So to me, using a different app like Signal is not going to be a huge difference in quality as long as the codec being used is a similar bitrate to what VoLTE uses (AMR-WB I think at a minimum).

      • jet@hackertalks.com
        link
        fedilink
        English
        arrow-up
        8
        ·
        edit-2
        7 months ago

        Agreed. It’s a fun thought experiment. You have an acoustic tunnel. It may be transited over VoIP it may not. You can use that acoustic tunnel however you like, so implementing secure voice via audio is doable even if the underlying network turns it into VoIP

        For what it’s worth signal voice quality is much much much much much much much higher, because it can use more bandwidth, then cellular voice connections

  • Syn_Attck@lemmy.today
    link
    fedilink
    arrow-up
    13
    ·
    7 months ago

    Signal is a great example of this but I don’t think you’ll find any ways to do it non-VoIP.

  • solrize@lemmy.world
    link
    fedilink
    arrow-up
    9
    ·
    edit-2
    7 months ago

    non voip

    I think this is not doable. You don’t have access to the voice codec to start with, and the phone at the other end generally won’t receive the bit stream coming out of it anyway. With a non-rooted phone it’s hard to even get to the voice stream. You might be able to send subliminal encrypted text messages through a voice channel and that could be kind of cool, and hard to detect. That idea has been around for a while but I don’t know of existing software that does it.

    With VOIP, of course there are many encrypted systems available.

    Added: also I assumed throughout that you meant present day mobile phones. With land phones at both ends, it may still be doable using dialup modems, but that was a 1990s thing and was pretty awful when you got down to it. It existed though.

  • umami_wasabi@lemmy.ml
    link
    fedilink
    arrow-up
    5
    ·
    edit-2
    7 months ago

    Instead of fiddling with the limitation on Android set by Google, I think a custom crypto DAC/ADC would be far eaiser, though you need both hard and software knowledge to accomplish this. It also came with the added benefit of not processing cryptographic operations on a black box.

    Still, I don’t know what goal you want to achieve and threat model is. If you are just curious if this possible, the answer will be ye with tons of hops amd hacks. If you really want security, I will advise you go another route.

    • MrSoupOP
      link
      fedilink
      arrow-up
      2
      ·
      7 months ago

      Just curious really, would be cool using cellular network with an encrypted signal. Here some telcom companies offers infinite calls minutes but limited GBs of internet, so making voip calls would use those GBs.

  • kora@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    4
    ·
    7 months ago

    My understanding of the way a phone call works leads me to believe the data would not survive the dynamic compression done at the various transmission points like towers, relays, or the occasional satellite. If neither party is moving and the towers in use do not change in load, it might be possible, but at that point you’re more tethered down than if you used a VPN.

  • Scolding0513@sh.itjust.works
    link
    fedilink
    arrow-up
    3
    ·
    7 months ago

    there are some obscure hardware options for this but hardware based audio encryption is mostly just enterprise stuff, it’s very difficult for a consumer to obtain

    • MrSoupOP
      link
      fedilink
      arrow-up
      1
      ·
      7 months ago

      Isnt enough software encryption like with voip calls (like telegram)?

      • umami_wasabi@lemmy.ml
        link
        fedilink
        arrow-up
        4
        ·
        edit-2
        7 months ago

        It’s on a different stack. Telegram (and VoIP) operates on the network stack, cellular call is working on the GSM/LTE stack. Networkin stack is more opened and free to do what you want; GSM/LTE stack have many proprietary tech that’s is not open to everyone.

  • ReversalHatchery@beehaw.org
    link
    fedilink
    English
    arrow-up
    2
    ·
    7 months ago

    This should be possible to do it software, but I don’t know about any apps or something else that deals with this. You would probably also need a rooted phone for it to work.

    • MrSoupOP
      link
      fedilink
      arrow-up
      1
      ·
      7 months ago

      Why should I need a rooted phone? Can’t dialer apps send whatever they want through cellular network?

      • umami_wasabi@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        7 months ago

        Yes and no. Google put some limitation on the software side. For example, you can’t do call record unless you’re in a country isn’t two party consent.

      • ReversalHatchery@beehaw.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 months ago

        Maybe I’m wrong, but I think it’s not the dialer app that operates the microphone, or at least it does not have total control over it, to record something and pass something else to the system.

  • shortwavesurfer@monero.town
    link
    fedilink
    English
    arrow-up
    1
    ·
    7 months ago

    Not that I’m aware of phone calls traversed the cellular network and are uncrypted. Okay, well that’s not exactly true. They are encrypted, but the cellular network has the decryption key. That way nobody on the air can listen to the call, but the cell company can record it.