CryptMyCall is a new secure VoIP phone app which lets you make encrypted phone calls over the Internet using your Android device.
Only one touch and you can call your friends with full protection and privacy.
What is needed is simple: CryptMyCall app on both Android devices.
Once you have activated a SIP account at your preferred SIP Provider, the Account section of CryptMyCall settings can be configured in few steps:
- insert your SIP username (e.g., 123456)
- insert your password
- insert the SIP server (e.g., sip.server.com).
That's all! You are now ready to communicate privately with your contacts.
Security is based on the well-known ZRTP protocol. ZRTP is a
cryptographic protocol that allows to negotiate the keys for
encryption between two endpoints. It ensures both the authentication between the communication partners and the confidentiality of the information exchanged.
ZRTP is able to protect from one of the most dangerous threats of the VOiP communication: the Man In The Middle
MITM, i.e., when someone can hear your VoIP conversations without being discovered.
The protection from MITM is granted by two security features:
- in the first communication the communicating parties verbally cross-check a shared value displayed at both endpoints;
- according to the key continuity, new sessions between the same partners are encrypted exploiting part of the last used key preserving the first verbal authentication.
ZRTP requires no prior shared secrets and does not rely on a
Public key infrastructure (PKI) or on certification authorities.
Different keys are generated at the beginning of each session through a Diffie-Hellman key exchange protocol.
This allows to bypass the complexity of creating and maintaining a trusted third-party.
CryptMyCall recognizes automatically whether the communicating partners are capable of supporting encrypted communication. If your partner does not have CryptMyCall on his/her device, you can still establish a simple VoIP communication. In this case CryptMyCall alerts you, through a message clearly visible on the screen, that the communication is not encrypted.
CryptMyCall is password-protected, and the password can be chosen by you. This way, nobody can use your CryptMyCall application without your authorization.
Tags: zrtp , cryptmycall , hushcrypt , encrypted calls , zrtp callcentric