GSMK CRYPTOPHONE G10i User manual

[Figure: phone display with labeled elements: network type, signal strength, encryption indicator, key verification code, caller id, delay indicator, caller number, fast / robust indicator, volume indicator, settings menu, line type indicator, battery status]

General 4
Inserting SIM card & switching the phone on 5
Security Profile Manager 6
Security Profile Choices 7
Enter your PIN 11
Charging 11
Standby 13
Switching on/off 13
Placing an Encrypted Call 14
Key Verification 15
Redialing 16
Calling from the Contacts list 16
Call Quality during Secure Calls 16
Secure Calls while moving 18
Switching the Call Type 19
Switching the Linetype 20
Problems with setting up a Secure Call 21
Changing the volume 24
Mute during call 24
General Mobile Phone Security Advice 25
Power down 25
Cold Boot & Emergency Erase 26
Security Advice regarding Flash Storage 27
Using the headset 28
Bluetooth headset 28
Sync Contacts and Appointments 29
Troubleshooting 30
Security Updates 30
Security Advice 32
Storage and Handling 33
Repairs 33
Accessories 34
3rd Party Software 35

General
Your CryptoPhone G10i is based on generic quadband (850 / 900 / 1800 /
1900) GSM Smartphone hardware that is sold under different brand
names. The phone’s firmware and operating system have been modified
to accommodate the CryptoPhone functionality and provide added
security, so a number of things that you might know from other
Smartphones are not available on the GSMK CryptoPhone for security
reasons. We supply the original Smartphone manuals, license sticker
and CD with the GSMK CryptoPhone G10i, but you need to be aware
that some functionality has been disabled by us for security reasons
and some functions have been changed to better integrate the
CryptoPhone functionality.
Note: Do not try to use Microsoft operating system updates
as this may destroy the CryptoPhone firmware and void your
warranty. Certified CryptoPhone Updates are only provided by
GSMK to you in a cryptographically secure manner.

Inserting SIM card & switching the phone on
You need to insert a valid GSM card (SIM) into the GSMK CryptoPhone
G10i in order to place calls. To insert the SIM, remove the back cover of
the device by sliding the back cover downwards. You will see the SIM
card slot in the lower middle of the device. Insert the SIM card with the
gold-plated contact area facing down. Now insert the battery (which is
stored separately in the shipping box). Replace the back cover
by sliding it gently upwards onto the device. Now open the lid and
push the power/hangup button. The screen will light up and the GSMK
CryptoPhone G10i begins its firmware initialization. This may take up
to two minutes.

Security Profile Manager
The CryptoPhone is based on the Windows Mobile 2005 operating
system which contains some potentially vulnerable, yet convenient
features and applications. To reduce the risk of attacks against your
CryptoPhone’s integrity, we recommend disabling some of these
features. The Security Profile Manager helps you to select between
security and extra features: the more features you enable, the larger
the risk of vulnerabilities. In the following section the different
settings of the Security Profile Manager are explained in detail.
Please take your time to read all the options to make an informed
decision. After you have selected a Security Profile, click the OK
button on the screen. Now the phone will install the operating system
components according to the profile you selected.
The default setting is “Medium Security” which provides a good
balance of convenience and security for most users.
Note: You can always change the Security Profile setting by
performing a Cold Boot (see page 26). After each Cold Boot you
will be asked for your choice of Security Settings.

Security Profile choices:
No Added Security
This setting leaves the CryptoPhone with very little protection against
potential attacks on the operating system. Some mechanisms to prevent
really stupid attacks are activated, but this creates only a base layer of
protection that is not sufficient against a skilled adversary. New threats
(against any operating system) are discovered from time to time, and
we feel selecting “No Added Security” exposes the CryptoPhone to
unnecessary risk. Choose this setting only if you really need one of the
services that would otherwise be disabled in the “Medium Security”
setting and if doing so matches your risk profile.

Medium Security
At this level of security, the CryptoPhone disables a number of functions
which are likely vulnerable to attacks, but are not essential for most users.
Once you select Medium Security, the following functionality is disabled:
• Picture Caller ID and Picture Contacts
• .NET compact framework
• Javascript
• MIDP and all other Java frameworks
• MS scripting
• VBscript
• MS terminal services client
• MS Messenger client
• SIM Toolkit
• Remote OS updates
• Downloadable Ringtones
• some media playback features
• WAP and WAP push
• MMS and Video-MMS

High Security
In High Security mode, internet functionality is no longer available.
GPRS, PPP data calls, the Internet Explorer and the Windows Media
Player are disabled, in addition to the measures taken in the Medium
Security setting. The following functionality is disabled in High
Security mode:
• Bluetooth
• OBEX
• WLAN
• GPRS
• all TCP/IP functionality
• MediaPlayer
• Internet Explorer
• Video Telephony
• email functionality
• ActiveSync
• Infrared
• SD-card functionality

Extreme Security
This setting is intended for customers who only use the CryptoPhone
and normal unsecure call functionality, but wish to have all other means
of communication disabled. This security level offers protection against
attacks that potentially could be performed using SMS messages or the
synchronization with a desktop PC. PocketOutlook, SMS sending and
receiving, Active Sync and the Inbox are disabled in this setting, in
addition to the measures taken in High Security mode. We recommend
this setting for situations where a highly skilled adversary has to be
assumed.
Note: Depending on how you obtained your CryptoPhone, not
all Security Profiles might be available or the described choices
might be different in detail. GSMK provides customized Security
Profile configurations as part of volume purchases for larger companies
and organizations. So if you received your CryptoPhone from your
organization, please consult with the appropriate corporate security
manager regarding the choice of Security Profiles available to you.
Also, GSMK may, without notice, remove certain components from
the default installation, if we receive information that indicates a
higher than originally assumed vulnerability of this component.

Enter your PIN
Most GSM SIM cards require you to enter a PIN number. After you have
switched on the CryptoPhone, you will be asked to enter your PIN.
After you have entered the PIN, press the “Done” button. The
CryptoPhone will finish initialization and present the secure telephony
mode interface. If your GSM SIM does not require a PIN, the secure
telephony mode will be presented right away.
Note: We recommend that a PIN number is used, as it makes the
extraction of information stored on the SIM more difficult for
an attacker and prevents you from incurring charges to your
account if the phone is stolen.
Charging
Before using your CryptoPhone, we recommend that you fully charge
the battery. In order to do this, you must connect the power supply to
the CryptoPhone. Depending on your location, you may need a plug
adaptor to use the power supply if the plug does not fit in your
outlet. The power supply is rated 100-240V, which means it will accept
your line voltage without conversion as long as it lies within this range.
The status LED will change color to yellow while the device is being
charged, and to green when fully charged. You can either charge the
CryptoPhone with the power supply (recommended) or with the
supplied USB sync cable on a computer. Charging over USB takes
considerably more time and is dependent on your computer’s
configuration and setup, so it may not work under some circumstances
(e.g. if you have no synchronization software installed on your
computer or the USB port is not powered up).
Due to the higher power consumption of the built-in powerful
processor and the backlit display, the overall standby time and the talk
time in secure mode are slightly less than what you might expect from
standard GSM phones. Also please note that the standby and talk times
may vary depending on your distance to the nearest GSM base station:
the further away the base station, the more power your phone needs to
use to reach it. Spare batteries are available in normal electronic stores
that sell HTC, Qtek or i-mate brand mobile phones.
Note: For security reasons explained in the chapter ‘Security
Advice’ (page 32), we suggest you keep the CryptoPhone with
you at all times so that it is under your permanent supervision.
If the phone rings or you need to place a call while the phone
is charging, you can leave it plugged in while operating the
phone.

Standby
The GSMK CryptoPhone has three basic modes of operation. It can be
either completely switched off, in ‘standby mode’, or active. In normal
operation the CryptoPhone is in ‘standby mode’. In standby mode, you
can activate the device at any time by opening the lid.
Now the screen will light up. To put the GSMK CryptoPhone G10i back
in standby mode, simply close the lid. The GSMK CryptoPhone will
still receive incoming calls when it is in standby mode. In other words:
standby mode will not disable the radio, it just puts the processor to
sleep and switches the display off.
Switching on/off
It is not safe to enter an airplane, hospital or other no-phone area with
the GSMK CryptoPhone switched on or in standby mode. To ensure the
radio is off, you need to switch off your CryptoPhone G10i by pressing
the power/hangup button for a few seconds. To switch it on again,
press power/hangup for two seconds. You will be required to enter
your PIN again.

Placing an Encrypted Call
In order to place a secure call, the following conditions need to be met:
• your partner has a CryptoPhone compatible device up and running
• there is sufficient GSM coverage
• the GSM operator supports ‘GSM data calls’ (technically called 9600
bit/s Circuit Switched Data or ‘CSD’)
To place a secure call, you can simply dial from the home screen and
press the “Call Secure” softkey on the left side. You can also choose
“Contacts”, select a contact and press “Call Secure”. Further you can
switch to the CryptoPhone screen by pressing the home key and dial
directly (press the green Call button after entering the number).
The very first call after you switch on the CryptoPhone will take
longer to be dialed after you press the green button, as the random
number generator needs to be initialized and verified. After this you
will hear a bit of comfort noise in the speaker, followed by the normal
ringing tone. It may take longer than in unsecure mode before the secure
connection is established, so please let it ring. After your partner has
pressed the Talk button on his end, you will hear a ditt-dutt ditt-dutt
sound that signals to you that the ‘key setup’ procedure for the secure
connection is in progress. Key setup may take from 3 to 30 seconds, but
typically 4 seconds, depending on line quality. Once key setup is
completed you hear a »Ping« sound and can start talking to your partner.
In order to verify the authenticity of the key, please take a look at the
display and read the three letters under »you say« to your partner and
verify the three letters under »partner says«. The green SECURE
indicator is only visible when a secure call has been established. During
all other times it is shown in grey with an open lock.
[Display: + 49 700 27978835, GSMK CryptoPhone]
Key Verification
Reading the three letters and verifying what your partner says is meant
to protect you against so-called ‘man-in-the-middle attacks’ on the
secret session key. The session key is different for each call, as no key
material is re-used between calls. The letters are mathematically derived
from the unique secret key that is generated for each call. By reading
and verifying them with your partner, you make sure that you are
indeed communicating using the same key. Please pay attention to the
voice of your partner when he reads his three letters. To be completely
on the safe side against very sophisticated voice impersonation during
the key verification, you could periodically reverify the letter code with
your partner during the conversation.
[Display: SECURE; you say: CTQ; partner says: DGA]
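
The check described in this section, as an added illustration that is not part of the original manual and is not GSMK's code or algorithm: two handsets derive a fresh session key per call and map it to two three-letter codes, which only agree when both ends hold the same key. The toy Diffie-Hellman group, the use of SHA-256, the letter mapping and all function names are assumptions made for this example.

```python
# Added illustration only: NOT the CryptoPhone algorithm. The toy group,
# SHA-256 and the letter mapping are assumptions made for this example.
import hashlib
import secrets
import string

P = 2**127 - 1  # toy prime modulus, far too small for real use
G = 3           # toy generator


def keypair(priv=None):
    """Return (private, public) for one call; fresh values every call."""
    if priv is None:
        priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def session_key(my_priv, their_pub):
    """Hash the Diffie-Hellman shared value into a per-call session key."""
    shared = pow(their_pub, my_priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def letters(key, role):
    """Map the session key to three letters for one side to read aloud."""
    digest = hashlib.sha256(role + key).digest()
    # Drop bytes >= 234 so every letter is equally likely (234 = 9 * 26).
    usable = [b for b in digest if b < 234][:3]
    return "".join(string.ascii_uppercase[b % 26] for b in usable)


def display(key):
    """Codes a handset shows: (caller's letters, callee's letters)."""
    return letters(key, b"caller"), letters(key, b"callee")


def call(a_priv=None, b_priv=None, interposer=False):
    """Run key setup and return what handset A and handset B display."""
    a_priv, a_pub = keypair(a_priv)
    b_priv, b_pub = keypair(b_priv)
    if interposer:
        # A third party swaps in its own public value on both legs, so
        # each handset shares a key with it instead of with the partner.
        _, m_pub = keypair()
        return display(session_key(a_priv, m_pub)), display(session_key(b_priv, m_pub))
    return display(session_key(a_priv, b_pub)), display(session_key(b_priv, a_pub))


def verified(shown_a, shown_b):
    """True when the codes read aloud match what the other handset shows."""
    return shown_a == shown_b


if __name__ == "__main__":
    print(call())                  # both handsets show the same two codes
    print(call(interposer=True))   # the displays disagree: keys differ
```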

Redialing
The CryptoPhone has access to a call history comprising the last 10
outgoing calls. You can redial a number by scrolling through the last
dialed numbers by moving the Navigation keys up/down and pressing the
green Talk button once the desired number is shown in the display.
Calling from the Contacts list
To call a contact stored in the contact list, press the right soft key in
the home screen labeled “Contacts”. Now you see the list of contacts
stored on your SIM and on the phone. The left softkey is now labeled
“Call Secure”. To place the secure call, move the selection bar with the
Navigation keys to the contact and press the “Call Secure” softkey. The
CryptoPhone G10i now switches to the secure call mode and
immediately dials the selected contact number in secure mode.
Call Quality during Secure Calls
The call delay indicator changes color in five steps from green through
yellow to red. Green indicates the best call quality, red the worst.
Delay describes the period of time it takes for your voice to reach your
partner. This time gets longer if the transmission of the encrypted voice
over the telephone network takes longer, or transmission errors occur.
In general, you will achieve shorter delays by switching the call type to
Fast (see Switching the Calltype, page 19).
Reasons for longer than normal delay are usually either bad GSM
coverage or network congestion. Network congestion can often be
circumvented by setting up the call again; sometimes you just get a »bad
line«. The GSM data call mode, used by the CryptoPhone to transport
the encrypted voice data during a call, has a certain delay, caused by
the architecture of the GSM network. The GSM network handles data
with lower priority than voice transmissions.
So even if the delay indicator is green, there is always a certain
noticeable delay, much like on some transcontinental phone calls. If the
overall line quality becomes bad, the delay rises and you may experience
»drop outs«. Note that the quality on international calls might not be
as good as on domestic calls. The multiple operators involved in an
international call often try to minimize their costs by technical measures
that can affect the quality of the call. If the call quality is
unacceptable, please try calling again. Call quality can also be adversely
affected when using certain GSM providers. It often helps to switch the
GSM provider to achieve better secure call quality. As a rule of thumb,
the larger operators tend to work better than the small ones.
If the Delay indicator becomes reddish or red, please try to find a place
with better GSM coverage. Use the signal strength indicator on the
upper right side of the display to find a better spot. If the delay
indicator turns and stays solid red, please hang up and set up the call
again. When no call is in progress, the delay indicator is shown grey.
Secure Calls while moving
When using the GSMK CryptoPhone while moving fast in a car or a train,
you may experience a degradation in call quality, periods of longer delay
(especially in Robust call mode) and short dropouts during a call. These
effects are the result of a so-called “handover” that occurs when you
move from the coverage zone of one GSM tower (also called ‘GSM cell’)
to the next. During the handover the data connection is briefly
interrupted.
The GSMK CryptoPhone G10i has been successfully tested traveling at
speeds faster than 180km/h. The frequency and intensity of
disturbances is primarily determined by the GSM network. In rural areas,
the network consists of fewer and bigger cells, resulting in less frequent
handovers and fewer disturbances. In urban areas the network has
typically a high density of small cells, resulting in many handovers when
moving and thereby causing more disturbances.
Note: In many countries the use of mobile phones while driving
is regulated or completely prohibited. You are responsible
for complying with local laws and regulations on telephone use
while driving a car. We strongly recommend the use of the
enclosed headset while driving, even if local regulations may not
require this.
Switching the Call Type
The CryptoPhone G10i supports two different types of call. We call
them “Fast” and “Robust”.
Technically speaking, the Robust mode uses a special type of error
correction in the GSM network, which causes fewer dropouts (short
interruptions) in the conversation, but can cause longer delay under bad
conditions and buildup of delay in the network. The Fast mode does not
use this error correction and thus has less delay and no delay buildup.
However, under certain network conditions it can cause chopped up
conversations with lots of dropouts or does not work at all (e.g. on some
international calls or calls between different mobile phone operators).
We generally recommend using the Fast mode as it usually gives better
call quality. Only if it does not work or gives unsatisfactory results
should you switch to Robust mode.
To switch the call type, in the CryptoPhone mode, select the “Menu”
softkey, choose Settings, and use the Navigation Control and Enter
button to change the Calltype to the desired mode. Then leave the
Settings page by pressing the softkey labelled “Done”. The icon between
the volume indicator and the delay indicator will switch according to
the chosen Call type to indicate Fast or Robust mode.
[Icons: Call Type Fast, Call Type Robust]
Switching the Line Type
Normally, the CryptoPhone uses the V.110 circuit switched data (CSD)
bearer type, also called digital data call, to establish a secure
connection. To call an analog landline or a CryptoPhone on a satellite
network or a network with non-standard data-call configuration
(like most GSM carriers in the USA), you can switch to the V.32 bearer
mode.
To switch the line type, in the CryptoPhone mode, select the “Menu”
softkey, choose Settings, and use the Navigation Control and Enter
button to change the Line Type to the desired mode. Then leave the
Settings page by pressing the softkey labeled Done.
A small desktop phone icon will show up on the CryptoPhone screen if
V.32 is activated. The call setup with V.32 takes longer than with V.110,
as the modems need some time to synchronize. Incoming calls are not
affected by the call type settings.