• Crypto Phone
• Stacked Linux-based CPhone Brainstorming

Scott and Tyler began discussing a system for secure GSM-based voice communication on 2008-12-14.

Currently, the system is comprised of 4 layers:

1. Audio codec

   • MP3 for proof-of-concept?

2. Crypto engine

   • AESPipe for proof-of-concept?
   • Protects against temporal analysis (side channel?) attacks, if any.
   • Desired feature: can utilize an existing GPG keyring.

3. Error-correction engine

   • Tuned for the clicks and pops present on a typical cell network.

4. Steganographic engine

   • Operates on WAV audio data. We assume WAV data is available from the GSM device.
   • Necessary if you wish to hide from the telco or anyone that is capable of listening

PHASE 1 Initial Proto-type on Linux PC

• RC4 Stream-cypher Library
  • Send/Receive Text
  • Send/Receive Audio
• Connect RC4 Mic/Speaker (Local Loop)

  • Record a sound bite --> rc4

  • rc4 --> playback

• Connect RC4 up to TCP/IP
  • Test (local and remote loop)

PHASE 2 Audio Routing with the Neo Freerunner/1973

• Implement Phase 1 Prototype
  • Code should have been made portable so that only testing is required
• Implement Phase 1 Prototype using GSM connection.
  • Route PCM Audio to GSM Output (See resource below [1973 page])
  • Consider forcing the output through some sort of band threshold to keep squeals, ticks, pops in the right freq. range
    • (vocal band)?
• Audio Subsystem Resources

  • http://wiki.openmoko.org/wiki/Neo1973_Audio_Subsystem

  • http://wiki.openmoko.org/wiki/Neo_Freerunner_audio_subsystem

PHASE 3 Steganographic Proto-type with Linux PC

• Research Audio Steg/Watermarking Concepts

  • http://www.google.com/url?sa=t&source=web&ct=res&cd=1&url=http%3A%2F%2Fwww.mp3-tech.org%2Fprogrammer%2Fdocs%2Fisbn9514273842.pdf&ei=6hxLSdqfE4i28AT2joC4Dw&usg=AFQjCNHe_YVFMP4El2Zb1VtNp-2vlk2dYQ&sig2=IjFN-JumYZzHCT6WbDL_KQ

• Pass plain text data across a local loop via audio
  • Should not noticeably modify the audio bite itself
• How to implement existing gpg keys?
• Design Implement Algorithm

Other Operating Systems

• Overview of Hands-Free Profile (Hands-Free Unit Role) great diagram. "HF role"

• Manually using Bluetooth - Openmoko nice debugging ideas

• The Macadamian Files - Bluetooth HandsFree Profile Support for Windows Mobile 5 - The Series (part 3) 2007 msdn article w/ nice seq diagrams

• 'I recently discovered a really cool feature in Vista (I think it isn’t available quite so readily in XP), which allows you to transform your ' - Use your computer as a phone for free screenshot indicating this worx in vista

PulseAudio and Bluez

• 'To achieve the above goal, direct sink/source connection is needed, and PA's ability to auto detect a phone of capability "audio gateway" may also needed.' - [PATCH 0/2] Bluetooth A2DP Source module

  • scenario req's "direct source<->sink connection" feature in PA

• 'And PA can deal with both Headset and AudioSink devices. ' - Bug 486500 – segfault when configuring pulseaudio to play over bluetooth

• "Please set log-level to debug in /etc/pulse/daemon.conf"

• 'Since 0.9.13. Bluetooth audio sink (and source, soon)' - Modules – PulseAudio

• 'This page describes the work to make bluetooth audio work seamlessly with pulseaudio. João Vita is working on this with us for a GSoC project.' - PulseIntegration – BlueZ

  • bluez-pulseaudio - Project Hosting on Google Code

Misc

• Elastix - Wikipedia, the free encyclopedia

• Software code for improved in-band signaling for data communications over digital wireless telecommunications networks - US Patent 7206305 Description

• Bluetooth-alsa ancient

• 'There is no known open source handsfree profile other than Trolltech’s Qtopia, so we did some quick hacks on a draft we have found, both with python-bluez and C that lead us to create the “selfone” project on garage.maemo.' - Gustavo Sverzut Barbieri » Playing HandsFree with your Linux box

• 'Please keep in mind that whenever hcid or pand or hidd are mentioned it means that instructions are applicable only to bluez3 systems which is deprecated ages ago. Modern bluez4 uses only one daemon - bluetoothd and you are supposed to use dbus api directly to configure it.' - Manually using Bluetooth - Openmoko

• 'The hands-free device sends the AT+VTS command to the AG to transmit a DTMF code.' - Hands-Free Profile

• VoXel : ProjectBluezHandsfree super old (feb '04?) alsa+bluez c code to simple (read/write wav) HSP headset role

• 'I'm using A2DP with Bluez through Pulseaudio like this: I've got blueman from the daily-ppa for karmic, with the pulseaudio plugin activated and it works well!' - Bug #405294 in bluez (Ubuntu): “a2dp skips terribly in Karmic”

• 'To proceed further with the headphone emulation there must be a listening L2CAP service on PSM 25. At the moment there exists no program for doing this.' - I am Sam - [펌]Advanced Audio support for the BlueZ stack mirror of holtzman's page from jun '07

  • apparently replaced by HOWTO/AudioDevices – BlueZ

• N810 as a bluetooth hands free device - maemo.org - Talk maemo user discovers nohands, elicits samr7's help, never gets it working

• 'Although the Bluetooth specifications do not cover APIs, there is a specification that defines the bottom layer interface between a Bluetooth protocol stack and the Bluetooth radio. This is the host controller interface (HCI), and support for this interface is mandatory. ' - Managing Bluetooth profiles: A billion served - Electronic Component & Product Information - ECNAsiamag.com

• OLS: Audio Streaming over Bluetooth [LWN.net]

  • Audio streaming over Bluetooth - Marcel Holtmann

    • "The Headset profile and Handsfree profile use an RFCOMM channel as control channel. The protocol of this channel is based on standard AT commands with Bluetooth specific extensions. An example of these extensions is the volume control or the buttons to accept or reject calls."

    • "For the transport of the audio stream, the Bluetooth Synchronous Connection Oriented link (SCO) channel is used. The SCO channel is a designated channel within the Bluetooth piconet that allows the transport of 8 kHz Pulse Coded Modulation (PCM) audio over the air that will be encoded using Continuous Variable Slope Delta (CVSD) modulation."

    • "The current release of BlueZ contains the audio service with support for HSP, HFP, A2DP and AVRCP. It comes with plugins for ALSA and GStreamer."

• 'It is important to note that Qtopia make use of a PCM SCO connection since that connection type uses the least amount of power. This means that Qtopia does not process any audio data related to the Bluetooth connection.' - Bluetooth Support battery issue

• 'There are some experimental patches available for HFP/HSP headset role support on the linux-bluetooth mailing list (misleadinly called "gateway profile" support) but they haven't been merged with upstream yet due to design, quality and coding style issues.' - Bug 2754 - Support being an SCO/A2DP sink

  • "forrest" appears to have committed these in april '09

  • 'Add initial support for Headset Audio Gateway role' - git.kernel.org - bluetooth/bluez.git/commitdiff

  • jaunty has bluez v4.32 as of 2009-10-19. v4.32 was tagged 3/2/09.

• 'It uses SCO (see Synchronous Connection Oriented link) to carry a mono, continuously variable slope delta modulation or pulse-code modulation with logarithmic a-law or μ-law quantization audio channel.' - Bluetooth profile (Hands-Free Profile (HFP))- Wikipedia, the free encyclopedia

  • so, this codec needs to survive the telco's compression, but also bt's

• Detect DTMF Tones web app (generates too)

• 'The simpler profile is the Headset Profile, or HSP. It provides for a way to tap a button to start or end a call and buttons for controlling audio levels. The more advanced Hands-free Profile, HFP, adds a host of optional functions like call rejection, last-number redial, caller id display, and dialing specific phone numbers.' - Bluetooth-alsa

  • 'Two roles are defined for Bluetooth devices in this profile, Audio Gateway (AG) and Headset (HS):' - Headset Profile

• 'Verify its working: aplay -B 1000000 -D plughw:Headset sound.wav' - curious onloooker: Using audacity with a bluetooth headset in Ubuntu

• 'Ok, so I tested the software nohands very quickly' - Openmoko Devel - Use my GSM from my laptop via USB (or BT, wifi) ?

  • HFP for Linux: Source Code aka "nohands"

    • 'I hope samr7 comes back soon so he can help me integrate this into LinuxICE.' - HFP for Linux Bluetooth Hands Free - Page 6 - MP3Car.com 10/16/09 msg in "support forum"

• 'Packet data over 2400 baud is excruciatingly slow!' - Traditional Voice Connection Modem over CDMA digital Cellular? - Ask Metafilter

• EMBEDDING SIDE INFORMATION INTO A SPEECH CODEC RESIDUAL

• 'GSM has used a variety of voice codecs to squeeze 3.1 kHz audio into between 6.5 and 13 kbit/s. ' - GSM - Wikipedia, the free encyclopedia

• PocketMail Email Anywhere proof (in the form of a successful commercial product) that coupling w/ cell phones works

Alternatives

• Schneier on Security: GSMK CryptoPhone G10i

LOLz

• 'Avoid sharing any sensitive information over a cell phone.' - Data Security - Merchants