Overblog Follow this blog
Edit post Administration Create my blog

combined RSS feed

Silent Circle Smartphone Encryption

Posted on February 8 2013 by secret santa

"By design, Silent Circle’s server infrastructure stores minimal information about its users. The company, which is headquartered in Washington, D.C., doesn’t retain metadata (such as times and dates calls are made using Silent Circle), and IP server logs showing who is visiting the Silent Circle website are currently held for only seven days. The same privacy-by-design approach will be adopted to protect the security of users’ encrypted files. When a user sends a picture or document, it will be encrypted, digitally “shredded” into thousands of pieces, and temporarily stored in a “Secure Cloud Broker” until it is transmitted to the recipient. Silent Circle, which charges $20 a month for its service, has no way of accessing the encrypted files because the “key” to open them is held on the users’ devices and then deleted after it has been used to open the files. Janke has also committed to making the source code of the new technology available publicly “as fast as we can,” which means its security can be independently audited by researchers.

The cryptographers behind this innovation may be the only ones who could have pulled it off. The team includes Phil Zimmermann, the creator of PGP encryption, which is still considered the standard for email security; Jon Callas, the man behind Apple’s whole-disk encryption, which is used to secure hard drives in Macs across the world; and Vincent Moscaritolo, a top cryptographic engineer who previously worked on PGP and for Apple."

Comment on this post