International large-scale enterprises establish a number of offices worldwide, as well as many overseas offices. The global distribution of various functional departments needs to maintain timely communication via means of communication including voice, text messaging, and file transfer. Due to the commercial sensitivity and confidentiality needs of the exchanged information, we need to use encryption to protect the security of the communication content against eavesdropping and sabotage.
Traditional GSM-based secure communication suffers low rate of data channel, poor encrypted voice quality. Its operation is limited by the operator’s GSM voice coding or CSD data service deployment. Therefore, traditional GSM-based mobile phone communication is unable to meet the international demand for the company’s international and domestic operations.
At present, most countries have established a nationwide WCDMA and LTE wireless communication network. Data services costs are very low and the data communication rate can meet the requirements of VOIP and IM communications. Therefore, packet domain based communications solutions are able to adapt to the international and domestic needs of large enterprises international business. Our solutions are based on packet domain confidential VOIP and Instant messaging communication. All business are using encryption technology.
Without any changes to network topology (IMS/soft switch) and communication infrastructure, Secure VoIP Communication Solution provides VoIP service with secure encryption protection, and seamlessly integrates with 3G, 4G IP mobile terminals. A comprehensive SIP-based VoIP security system is built.
Its main functions are：
Secure VoIP Communication Solution is composed of client, key management system and service system, as shown below.
System main specifications are：
1 Secure Smartphone
Secure Smartphone it has OS: Privis Linux and Virtual Android, together with TF crypto card and SecCall VoIP software, it achieves VoIP encryption call, secure IM chat as well as key management.
TF crypto card
1. Secure Smartphone (SS): With crypto TF card inserted in it, secure smartphone provides end-to-end encrypted voice and IM services. Its features include the following:
2. TF crypto card
TF crypto card realizes SM2/SM3/SM4/ZUC crypto algorithms calculation, random number generation, key generation, key storage, and certificate storage. It is the security root of secure VoIP communication.
32-bit Chinese high-performance smart card chip
Processor frequency not less than 40 MHZ
64KB secure storage space
Support SM4 algorithm
Support ECB / CBC / OFB mode
Support SM2 public key algorithm
Support ZUC algorithm
Key pair is generated via hardware for digital signature; Private key can never be exported from TF crypto card
Product hardware unique serial number and product number
Storage read speed 6MB / s, write speed 2MB / s
2. SecCall VoIP software
SecCall VoIP software achieves VoIP encryption call function as well as secure IM chat. The software adopts modular design, high-strength key agreement mechanism and encryption. The use of advanced voice engine and related voice processing technology assures high quality voice calls.
151.7 x 75 x 7.9 mm (5.97 x 2.95 x 0.31 in)
|Weight||170 g (6.00 oz)|
|SIM||Hybrid Dual SIM (Nano-SIM, dual stand-by)|
AMOLED capacitive touchscreen, 16M colors
|Size||5.5 inches, 83.4 cm2 (~73.3% screen-to-body ratio)|
|Resolution||1440 x 2560 pixels, 16:9 ratio (~534 ppi density)|
– MiFavor UI 4.0
Privis Linux and Virtual Android
|Chipset||Qualcomm MSM8996 Snapdragon 821|
|CPU||Quad-core (2×2.35 GHz Kryo & 2×1.6 GHz Kryo)|
microSD, up to 400 GB (uses SIM 2 slot) or TF crypto card
|Internal||128 GB, 6 GB RAM|
Dual: 12 MP (f/1.8, 1/2.8″, 1µm, PDAF) + 20 MP; phase detection autofocus, dual-LED dual-tone flash
|Features||Geo-tagging, touch focus, face detection, HDR, panorama|
Vibration; MP3, WAV ringtones
– 24-bit/192kHz audio
– Active noise cancellation with dedicated mic
Wi-Fi 802.11 a/b/g/n/ac, dual-band, WiFi Direct, hotspot
|Bluetooth||v4.2, A2DP, LE|
|GPS||Yes, with A-GPS, GLONASS|
|USB||Type-C 1.0 reversible connector|
Fingerprint (rear-mounted), accelerometer, gyro, proximity, compass
|Messaging||SMS(threaded view), MMS, Email, Push Email, IM|
– Fast battery charging (Quick Charge 3.0)
– MP4/H.264 player
– MP3/WAV/FLAC/eAAC+ player
– Photo/video editor
– Document viewer
|BATTERY||Non-removable Li-Ion 3400 mAh battery|
2. SIP Encryption Phone (SEP): SEP is deployed at the user side. As an integrated secure voice communication terminal it offers encryption protection for media flow. It is simple to operate as the ordinary civil SIP telephone with some features in the following:
3. SIP Terminal Encryptor (STE): STE is deployed at the line side of SIP/IMS and connected between the SIP and network to protect one or more SIP telephones. Its features include the following:
Operating temperature: 0 ℃ ~ 45 ℃;
Storage temperature: -40 ℃ ~ 65 ℃;
Relative humidity: 20% ~ 80%;
4. VoIP Key Management Center (VKMC): VKMC is normally deployed in the subnet where IMS network element exists with functions such as equipment registration, certification distribution, key distribution, on-line centralized configuration and destruction for STE, SEP, SS. Its features include the following:
Operating temperature: 0℃~40℃
Storage temperature: -10℃~55℃
Relative humidity: 20%～80%
5. IM Server：IM server is composed of an IM application server and an IM push server. The IM application server provides services as registration, login, message storage and transfer and management to the secure instant messaging client. IM push server provides message push service to the secure instant messaging client based on MQTT protocol.：
6. SIP server：SIP server is responsible for processing the call control signal as dialing, answering and hanging the phone. The call signaling is transmitted after encryption through the secure channel to ensure its security.