New app prevents phone tapping

February 24, 2014 - 06:13

The need for privacy is greater than ever after Edward Snowden revealed that the US is monitoring people using sophisticated software. Danish researchers have now developed an app that makes it harder to tap smartphones.

The new dynamic encryption app from DTU Compute will be available in app stores this summer. (Photo: Shutterstock)

You can no longer be sure that nobody is listening in your phone call with your grandmother. This was made clear in 2013 when Edward Snowden published documents which showed that the US intelligence agency NSA was monitoring personal communications.

Now researchers at the Technical University of Denmark (DTU) have developed a solution, known as ‘dynamic encryption’, which can prevent interception of mobile phone calls.

“I can’t see why we shouldn’t protect ourselves if we can,” says Professor Lars Ramkilde Knudsen, who heads the dynamic encryption research team at DTU Compute.
We all use the same encryption

Today, most mobile phone use the same encryption system, and that, Knudsen says, can make it easier to tap mobile phones.

He compares it to when we are away from our home:

“To secure your home, you lock your door and windows, and then it’s no good to leave the key under the mat. If the key is visible, it can be easy to find.”

Dynamic encryption works across the board

With dynamic encryption, each phone encrypts data differently, and there are no holes where the encryption does not work, explains Professor Ivan Bjerre Damgård, who researches into data security at Aarhus University, Denmark. He did not take part in the development of the new app.

To secure your home, you lock your door and windows, and then it’s no good to leave the key under the mat. If the key is visible, it can be easy to find.
Lars Ramkilde Knudsen

“The existing systems often only encrypt conversations to a certain extent, and typically only on the wireless part of the network. So the great advantage of this new technology is that there is encryption all the way from the sender to the receiver.”

The new encryption method may be good against phone tapping, but it cannot protect your mobile phone from hacker attacks, he adds:

Hackers can steal data from smartphones

”Mobile phones are often tapped through hacking. They can be hacked in the same way as computers can, so if you get any malicious software on your phone, this software can steal data from you before it’s encrypted. There is no way that this method can prevent that from happening.”

The reason for this limitation is that smartphones communicate in many different ways. When we, for example, visit a website from our smartphone, a hacker can intercept the communication between the website and the phone. This means that it is almost impossible to be 100 percent safe from phone monitoring.

“There is a huge spectrum of external hacker attacks. Dynamic encryption closes some doors, which is an advantage, but saying that it solves all problems is an exaggeration,” says Damgård.

Snowden set the dynamic encryption ball rolling

The scandal that Edward Snowden launched in 2013 has created a tense situation where no one can feel entirely safe – even the German Chancellor’s phone has been tapped by the NSA, according to Snowden’s revelations.

This was just the kind of scandal that the DTU Compute researchers were waiting for:

We started two years ago. It was an uphill struggle because nobody thought it was a good idea. We needed a scandal to set the ball running. Luckily for us, Snowden entered the stage, and now we can certainly see a difference.
Lars Ramkilde Knudsen

”We started two years ago. It was an uphill struggle because nobody thought it was a good idea. We needed a scandal to set the ball running. Luckily for us, Snowden entered the stage, and now we can certainly see a difference,” says Knudsen.

App available this summer

The DTU Compute system is obviously not the only attempt at solving the problem of phone tapping. The Spanish/American Blackphone, which is said to be untappable, will hit the market soon.

With the new app from DTU Compute, however, there is no need to invest in a particular brand of smartphone.

“The idea is that it should be possible to use any mobile. We call it ‘bring your own device’. Once you have installed the app, you will not notice any encryption. That all takes place in the background,” says Knudsen.

The app, currently still at the test stage, is expected to hit the various app stores this summer.

The researchers behind the app recently founded the company Dencrypt. DTU has filed a patent for the app and will own ten percent of the company’s shares.

---------------------

Read the Danish version of this article at videnskab.dk

Country