Live: Samsung Unpacked Live Updates Apple HomePod 2 Review Apple Earnings Preview Resurrecting the Dodo COVID Health Emergency to Expire DOJ Eyes Tesla Self-Driving Tech DC's 'Gods and Monsters' Slate Salami, Sausage Recalled
Want CNET to notify you of price drops and the latest stories?
No, thank you

Encrypted cell phone foils eavesdroppers

Berlin company CryptoPhone releases a GSM mobile handset that uses encryption technology to ensure that calls can't be intercepted.

A Berlin company has developed a cell phone designed to be impenetrable to eavesdroppers.

CryptoPhone, a unit of privately held GSMK, said a European model of its encrypted GSM (Global System for Mobile Communications) phone is available immediately for $2,270 (1,900 euros), and a U.S. configuration will ship by the end of the year. Two CryptoPhones are necessary to have a secure conversation.

 "It's the only option people currently have to get trustworthy mobile encryption," Frank Rieger, GSM technical director at CryptoPhone, said in an interview Tuesday.

Other companies have developed mobile devices that use encryption, including Siemens' TopSec GSM phone and Motorola's CipherTAC module for its flip phones.

But CryptoPhone is unique in that its phone is cheaper, and the complete source code to its encryption software is available, allowing independent auditors to check for accidental bugs and intentional backdoors. For encryption, CryptoPhone uses AES256 and Twofish, two algorithms considered to be among the strongest available.

Interception of GSM calls is illegal in most, if not all, nations, but equipment to sniff and decode phone calls is readily available. GSM spy gear claims to "auto detect," decode and record conversations and "target specific numbers or randomly screen GSM mobile communication." The GSM standard itself includes a limited form of encryption, but Israeli researchers recently discovered a basic flaw in it.

"This is something that is no longer theoretical," Rieger said. "This is something that you can expect every private investigator to have in his toolset."

CryptoPhone's Web site also mentions possible eavesdropping by the National Security Agency and warns that "law-enforcement agencies have in the last years acquired an ever-rising set of capabilities, with ever-shrinking restrictions on their use." In 1998, the Los Angeles Police Department was discovered to have illegally wiretapped hundreds of telephones in violation of the law.

To make a CryptoPhone, the company buys an off-the-shelf phone from a Taiwan manufacturer (sold in the United States as an AT&T SX56) and loads its encryption code into it. The company also plans to release free encryption software for Windows computers on Nov. 23 that will interoperate with its GSM units.