CellKnox
The secure, customer-controlled smartphone with stealthy military-grade encryption based on CellAegis platformEncrypted point-to-point calling
HD audio engine that sounds better than popular VoIP apps in mobile networks
Secure messaging and file transfer
Point-to-point transfer, secure storage, 1-to-1 and group chat
Governmental Encryption Level
Multilayer, multifactor encryption that matches TOP SECRET requirements.
Protection against viruses and spyware
No 3-rd party services used
Even for push notifications
Absolutely no backdoors policy
Code review on demand
Your Own Server
Put server in your office or place server in the nondisclosure datacenter
Complete control
All system components accessed and controlled only by end user organization
Multiplatform
Available on iOS, Android, Landline, PC, Mac
Only pre-signed applications and programs allowed
Does not reveal it is a special kind of phone/software.
Looks and registers in the network as an ordinary smartphone
Optimized for all networks
LTE, 3.5G, 3G, 2.5G, EDGE, WLAN, Satellite
Forensic Wipe Feature
Panic wipe, Password bruteforce wipe; Remote wipe
Calls are done via encrypted binary protocol
pretending it is VPN connection
Top Secret solution
Top level ciphering
AES 256 (GCM mode) encryption; DH 8192 / ECC B571 key exchange
End-to-end encryption
Only the call or chat participants hold encryption keys
Mutual point-to-point authentication
Built-in Public Key Infrastructure system, certificate based authentication
Continous key updates
New encryption key exchange per each voice call
Backward and forward secrecy
Backward and forward secrecy
Protection from all known attacks
rMan-in-the-Middle, Replay and Mirroring attack protection
Why did we create the CellKnox?
All existing secure solutions have at least one of the following drawbacks:
1.Secure calls that are initiated and/or go through 3rd party servers (solution provider, Apple, Google, Facebook) which can act as a single point of attack, allowing for the theft of hundreds of millions of users’ information in one attempt.
2.Crypto phones draw unnecessary attention and can be even confiscated in certain situations like when crossing borders. Besides that, low profile methods can also be applied as soon as the user reveals that he is using a special phone.
3.Standard protocols, like SRTP and ZRTP protocols, which reveal encrypted communication to the network providers. In some countries, like UAE, those protocols are blocked by default.
4.No protection against viruses and spyware. This makes good cryptography useless since there are a number of viruses, trojans and exploits which can capture the phone audio or screen view, steal user credentials etc. It makes even good cryptography useless.

CellKnox closes all security gaps
- No 3rd party services and complete control. We have even made our own push notification service in order to provide customers with complete control.
- All server components, call establishment, key/certificate management services also belong to the customer.
- Protection from viruses and trojans, provided by hardened OS/firmware is installed on the CellKnox phone.
- CellAegis does not put secure communication at risk:
- Calls are done via an encrypted binary protocol which looks like a VPN connection for network providers
- It looks and registers in network as an ordinary smartphone
- No viruses/trojans with hardened OS.
CellKnox overview
- Point-to-point Encrypted Voice Calls with HD audio
- End-to-End Encryption
- Encrypted Text Messages
- Encrypted Group Chats
- Encrypted File transfer
- Encrypted Video Messages
- Support of extended security set
- remote revocation
- panic wipe
- 5 times incorrect password entry wipe
- Only signed, pre-checked apps allowed
- Full verified boot, covering all firmware and OS partitions
- Safe against all major vulnerabilities, avoids exploits
- Filesystem layer encryption, covering all data and metadata
CellKnox OS security specs
- Unsigned apps installation disabled
- Full verified boot, covering all firmware and OS partitions
- Forensic wipe feature
- Preventing all major vulnerabilities, avoiding exploits
- Filesystem layer encryption, covering all data and metadata
- UX focused on security: separate lock screen, encryption passwords, etc
- Backported security, regular updates (patching) to address new threats
Key exchange | DH 8192 or ECC B571 (over Binary Fields) / ECC P521 (over Prime Fields) |
Encryption | AES 256 in the GCM mode |
Hash function | SHA512 |
PRNG source | Several options available:
Non-blocking /dev/urandom Custom software/hardware (HSM) entropy source Mixing user input (radio signal, touch screen, audio, camera) to provide better entropy |
Authentication | Built-in Public Key Infrastructure (PKI) system, certificate based authentication |
Secure communication protocol | Custom binary communication protocol featuring:
Replay and mirroring attack protection |
All crypto parameters meet the highest, governmental, security level
Here is the table with the minimum level of security depending on the key exchange algorithms used. We have taken it from the NIST Recommendations.

Our solution implements ECC 571 and/or DH 16 384* key exchange which is even above the green line.
*In some implementations DH 8192 algorithms is used due to certification reasons.
SV works with all networks
- Satellite
- Mobile (3G, 4G, 2.5G)
- Wi-Fi
- Landline (Ethernet)
Adjusts to almost any mobile coverage quality
- LTE, TD-LTE, LTE Advanced
- IEEE 802.11 (WiFi): 802.11b, 802.11b/g, 802.11n
- HSDPA+, HSDPA
- UMTS, UMTS-TDD
- HSPA, HSPA+
- CDMA EV-DO (Rel. 0, Rev.A, Rev.B)
- EDGE, Evolved EDGE
Out of the box CellKnox Operating System is available for Premium and Budget models
CellKnox Premium

CellKnox Silver


CellKnox Premium
CellKnox Silver
The CellAegis Communication Server for corporate communication systems
The CellAegis Server communication system can be installed on corporate premises. It acts as a communication system backend to register/manage CellAegis user and initiate the communication.
Features:
- Сomplete control over the corporate telephone system
- No 3rd party services
- Authorized devices only, with hardware binding
- PKI infrastructure and certificate management
- Control panel for managing users and keys
- Extended PKI support
- Client and server apps protected from third party interference
- World Wide and Regional servers infrastructure supported
- Redundancy and Load Balancing
- Secure devices support: CellKnox phone
- BYOD support: iOS, Android, PC and Mac (beta)

Usage of standard servers
Our solutions work on standard servers, easy to buy or rent. All servers can be locally located or can be located in undisclosed data center.
Our solution – standard server |
Others – special server |
Can be chosen from a large variety
Can be rented from a data center No geographical limitations No extra attention – the staff do not know what is inside the server |
Can be tracked (such servers are rare)
Can be bugged Limitations with import/export Licensing and control by the USA or country of production Serves as a warning beacon (red flag) for secret services Hard to sustain in a data center Linked to a country (import/export limitations) |
Proceed with free expertise, consultancy and Pilot
Total anonymity and only individual approach.
Let us study your case and bring the most feasible platform-based solution:
Complete control
All communication servers, cloud storage and key management solution сan be deployed at customer’s premises and is fully controlled by customers.
As a result you get a fully encrypted protection of your conversations, text and file transfer.
If compared with cloud-based solutions, in our case it would be hard even to understand that you are using an encrypted call solution. Since your phone will not be connected with a 3rd party communication server, rather to your own server.
This is the principal difference – the entire solution is in the customer’s hands and not in the providers.
The client is given the opportunity to fully check the source code and personally compile the application.
Moreover, large/VIP customers can get the full source code.
Our solution |
Others |
Our solution is sold as a platform – allows anonymity and no sharing info with the government.
The client is able to fully check the source code Compile and take it with you Full source code access for VIP customers |
Their solution is sold as a final solution, hence is available to government secret services and (sometimes) has a backdoor
Usually the source code is unavailable Seldom access to the source code is partially available. Often to cryptography (and what does that give you, if the recording can conducted through another source, let’s say the microphone?) |
CellAegis for Bring Your Own Device (BYOD)
Major reason why many security solutions are not used daily is that not everyone has an encrypted phone. Great solution is CellAegis for BYOD
The system runs on standard iOS and Android smartphones, which allows you to install the solution independently and eliminates tracking at the purchasing/delivery stages.




CellAegis works on the iPhone 5C, 5S, SE, 6, 6+, 6S, 6S+, 7, 7+, 8+, X (OS 8.x.x and higher) or any Android device with OS 4 and higher
We support the following versions of Android:
- 4.0 – 4.0.4 Ice Cream Sandwich
- 4.1 – 4.3.1 Jelly Bean
- 4.4 – 4.4.4 KitKat
- 6.0 – 6.0.1 Marshmallow
- 7.0 – 7.1.2 Nougat
- 8.0 – 8.1 Oreo
We support the following versions of iOS:
- 8.x.x. – Final version: 8.4.1
- 9.x.x. – Final version: 9.3.5
- 10.x.x. – Current version: 10.3.3
CellAegis BYOD overview
- Point-to-point Encrypted Voice Calls with HD audio
- End-to-End Encryption
- Encrypted Text Messages
- Encrypted Group Chats
- Encrypted File transfer
- Encrypted Video Messages
- Jailbreak/Root detector module integrated
- Support of extended security set
- remote deletion of messages feature (all memory space rewrites with ones, zeros, pseudo-random sequence five times)
- panic wipe feature (forensically unreadable)
- 5 times incorrect password entry wipe (forensically unreadable)
- remote certificate revocation feature
Our solution – standard iOS/Android device |
Others – special phone |
Can be picked randomly from a large variety of choices
Very difficult to track the purchase No import/export limitations Not associated with the country of production No attention from secret services/government structures |
Can be tracked during use
Can be bugged during delivery Limitations on import/export Licensing and control by the USA or country of production Serves as a warning beacon (red flag) for secret services |
Why CellAegis
CellAegis Platform was developed by European-based company specializing in security solutions and mobile development with more than 15 years of experience in security market.
- Experienced team of mobile development professionals
- Expert in security of communication systems, networks, enterprise software
- Verified and certified by governmental institutions in different countries
- Ready for pre-deployment revision, audit and certification
- Reasonable and flexible pricing policy
- Honesty and fairness as core company values