With SecuSmart chip, German officials free to talk and type securely on BlackBerry Z10

The German government has selected a micro-SD format smartcard from SecuSmart to secure its mobile voice and data communications

German government officials including Chancellor Angela Merkel could soon be communicating about classified matters using BlackBerry Z10 smartphones equipped with a new micro-SD card from SecuSmart.

The German Federal Office for Information Security and the government procurement office have selected the combination of phone and card for protecting classified communications, according to SecuSmart, which is showing the SecuSuite card at the Cebit trade show in Hanover, Germany this week.

SecuSuite encrypts voice and data, unlike previous SecuSmart mobile encryption products, which could only encrypt voice. They, however, worked with several smartphone platforms, while SecuSuite is only available for the Z10, because it builds on the security of the BlackBerry Balance feature separating personal apps and documents from work ones.

The card contains 4GB of flash memory for storing encrypted documents, and the smartcard chip that performs the encryption. The security keys are stored in the smartcard, and protected by a PIN, much like a mobile phone SIM.

The card can encrypt a voice bitstream of around 10kbps (kilobits per second), according to SecuSmart CEO Hans-Christoph Quelle. As long as the phone is connected to an EDGE mobile network, there is no perceptible difference in call quality or latency between encrypted and unencrypted calls, he said.

At 10kbps, it would take too long to decrypt the card's 4GB of storage, so for data SecuSmart takes another approach: The chip secures the keys used by the BlackBerry 10 OS to encrypt the phone's "business" partition. If the SecuSuite card is removed from the phone, the keys are no longer available and the "business" apps and documents can no longer be accessed. In the "personal" partition, details of previously visible business appointments are hidden, with the time marked simply as busy.

The encryption keys in the card are associated with a public key infrastructure (PKI). For commercial customers, the PKI will be SecuSmart itself, while the German government will run its own key infrastructure, said Quelle. Calls can be encrypted end to end for any two phones associated with the same PKI, Quelle said. A call can also be encrypted between a mobile and a SIP gateway associated with the same PKI, so that it can be routed to landlines.

German government approval puts SecuSmart a step closer to landing other government contracts, Quelle said. If another European security certification agency approves the card, then it will automatically be approved for communications at "EU Restricted" level, he said.

Such security doesn't come cheap: The German government has agreed to pay ¬2,500 (US$3,252) for phones equipped with the chip.

Peter Sayer covers open source software, European intellectual property legislation and general technology breaking news for IDG News Service. Send comments and news tips to Peter at peter_sayer@idg.com.

Tags SecuSmartcebittelecommunicationsecurityAccess control and authenticationmobile securitydata protectionmobileprivacy

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Cloud Security for Enterprise

Encrypt data with easy-to-use key management for virtual, private, and public cloud environments with Trend Micro SecureCloud™.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.