Group key system with central management

Concept
The TMP CryptoPhone Closed User Group (“CUG”) system offers the capability to have different closed user groups with their own group keys. In a closed user group scenario, each CryptoPhone is assigned to one or more groups.
Secure calls can be established if and only if both the calling and the called party belong to the same group.

Group membership is established via a 256-bit group key. This is a symmetric key that is identical for every device belonging to the group. The session key for secure communication is derived from both the group key and the result of the CryptoPhone’s Diffie-Hellman key exchange operation. Thus, it is as secure as the plain Diffie-Hellman key exchange, but in addition, knowledge of the group key is required to derive the session key, effectively enforcing strict group call policy. Secure communication attempts between members of different groups will fail.

In CryptoPhone devices belonging to multiple groups, automatic selection of matching call groups is offered based on a group key system with multiple hierarchies.
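An added example, not TMP's code or part of the original page, of the derivation and group matching described above. The page does not name the key-derivation function, the Diffie-Hellman group or the selection mechanism, so HKDF-SHA256, the toy modulus, the confirmation-tag exchange and all function names here are assumptions.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman parameters, for illustration only (assumption): the page
# does not name the group; a real product would use a vetted large group.
P = 2**255 - 19
G = 2

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def dh_shared(priv, peer_pub):
    return pow(peer_pub, priv, P).to_bytes(32, "big")

def session_key(group_key, shared):
    """HKDF-SHA256 (RFC 5869): group key as salt, DH result as input key."""
    prk = hmac.new(group_key, shared, hashlib.sha256).digest()            # extract
    return hmac.new(prk, b"cug-session\x01", hashlib.sha256).digest()     # expand, 1 block

def confirm_tag(key, transcript):
    """Key-confirmation MAC over both public DH values."""
    return hmac.new(key, b"confirm" + transcript, hashlib.sha256).digest()

def place_call(caller_keys, callee_keys):
    """Return (group name, session key) if both sides share a group, else None."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    transcript = a_pub.to_bytes(32, "big") + b_pub.to_bytes(32, "big")
    # Callee: one confirmation tag per group key it holds.
    b_shared = dh_shared(b_priv, a_pub)
    tags = [confirm_tag(session_key(k, b_shared), transcript)
            for k in callee_keys.values()]
    # Caller: look for one of its own group keys that reproduces a tag.
    a_shared = dh_shared(a_priv, b_pub)
    for name, k in caller_keys.items():
        key = session_key(k, a_shared)
        if any(hmac.compare_digest(confirm_tag(key, transcript), t) for t in tags):
            return name, key
    return None  # no common group: the secure call fails

if __name__ == "__main__":
    # Constructed sample group keys (256-bit), not real key material.
    ops, staff = secrets.token_bytes(32), secrets.token_bytes(32)
    print(place_call({"ops": ops, "staff": staff}, {"staff": staff})[0])
    print(place_call({"ops": ops}, {"staff": staff}))
```

Because the group key enters the derivation itself, a party that completes the Diffie-Hellman exchange without the group key ends up with a different session key and fails confirmation.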

Implementation
Mobile Devices
In a CUG system, group key material needs to be stored on the device for authentication. All CryptoPhones that shall participate in one or more closed user groups must be individually loaded with their respective group keys by means of a central Key Management Console before use.

An organization that deploys a TMP CryptoPhone CUG system has full autonomous control of the group keys. To prevent the group key material on the mobile devices from falling into the wrong hands when a device gets lost, stolen, or captured, secure storage is implemented on all devices using group key material.

Trustworthy Voice Encryption
The TMP CryptoPhone CUG System comes with full source code available for independent review. Finally, you can perform an independent assessment to ensure that you can rely on strong encryption without any backdoors in the communications and key management devices that you entrust your security to. The TMP CryptoPhone system enables you to put the trust where it belongs – in a trustworthy, open and scientific verification process.

TMP CryptoPhone technology is based on well-researched algorithms for both encryption and voice processing. It features the strongest encryption available combined with key lengths that provide peace of mind today and in the future. TMP CryptoPhones do not simply provide »tactical security« that lasts for a few months or years, but were designed for strategic security against future developments in cryptanalysis in the next decades.

The secure “key vault” in each phone stores the group key material for all groups of which that particular phone is a member. The secure storage section is encrypted using 256-bit AES and Twofish encryption in counter mode, just as used for encrypted calls. Secure storage locks automatically if the phone is not used for some time, and then needs to be unlocked by the user with a device-specific pass phrase, such that a potential attacker will not be able to obtain group key material from a phone with locked secure storage.

Key Management Console
The central key management console (“KMC”) takes over the task of generating the group keys and programming the individual phones. The KMC is implemented on a fully ruggedized notebook computer that is compliant with military standards and that can easily be stored in a secure location when not in operation. The KMC holds a central database of all group keys.
The operator at the KMC can create individual groups and generate the cryptographic keys for these groups. All CryptoPhones that shall participate in closed user groups must be individually programmed at the KMC via their USB ports before they can participate in CUG communication. There is no limitation on the number of groups that can be generated, and a phone can belong to more than one group if so desired. The sources of randomness required at the KMC for key generation consist of a Protego R-210 USB hardware true random number generator in addition to other sources such as clock skew inside the CPU, or timing behaviour of key press events.
The “Fortuna” algorithm, a sophisticated entropy mixing scheme, is employed to ensure that the strength of the randomness is at least as good as the best single source of entropy, just as in the regular CryptoPhone key generation process. The KMC’s hard disk is cryptographically secured with transparent hard disk encryption. Strong authentication is required for local access to the KMC; there is no online access to the system.

Deliverables

Mobile Devices

  • Cryptographically signed firmware upgrade with group key functionality for all TMP CryptoPhone mobile and satellite encryption products that are to be made part of the closed user group system, delivered on CD or SD cards.
  • Factory-installed firmware and hardware upgrade incl. group key memory modules for all TMP CryptoPhone fixed-line encryption products that are to be made part of the closed user group system.

Key Management Console
Fully ruggedized, moisture, vibration, shock, drop and dust-resistant MIL STD 810-F compliant stand-alone notebook PC:

  • Dimensions & weight: 271 x 49 x 216 mm, 2.3 kg
  • Display: Daylight-readable 550 nit 10.4” TFT active matrix color display with XGA resolution
  • Durability: Full magnesium alloy case with hand strap, shock-mounted removable hard disk in stainless steel case, sealed connector covers
  • Connectivity: 2 x USB, 1 x IEEE1394a, 1 x RS232 serial port, PC Card Type I/II, Secure Digital SDHC and ExpressCard/54 slots
  • Battery: 5700 mAh Li-Ion for up to 7 hours of operation without AC power
  • Access control: Utimaco SafeGuard access control and transparent hard disk encryption
  • True random number generator: Fail-safe Protego R-210 USB TRNG with HCIA processing and built-in radio frequency filter

Optional Accessories

  • KMC SmartCard reader
  • KMC vehicle port replicator
  • TMP CryptoPhone PSTN/1 group key replacement modules
  • 12V car chargers

Corporate website: www.tempestinisystems.com