Select Page

CellKnox

The secure, customer-controlled smartphone with stealthy military-grade encryption based on CellAegis platform

Encrypted point-to-point calling

HD audio engine that sounds better than popular VoIP apps in mobile networks

w

Secure messaging and file transfer

Point-to-point transfer, secure storage, 1-to-1 and group chat

~

Governmental Encryption Level

Multilayer, multifactor encryption that matches TOP SECRET requirements.

Protection against viruses and spyware

No 3-rd party services used

 Even for push notifications

Absolutely no backdoors policy

Code review on demand

Your Own Server

Put server in your office or place server in the nondisclosure datacenter

Complete control

All system components accessed and controlled only by end user organization

Multiplatform

Available on iOS, Android, Landline, PC, Mac

l

Only pre-signed applications and programs allowed

u

Does not reveal it is a special kind of phone/software.

Looks and registers in the network as an ordinary smartphone

Optimized for all networks

LTE, 3.5G, 3G, 2.5G, EDGE, WLAN, Satellite

Forensic Wipe Feature

Panic wipe, Password bruteforce wipe; Remote wipe

Calls are done via encrypted binary protocol

pretending it is VPN connection

Top Secret solution

~

Top level ciphering

AES 256 (GCM mode) encryption; DH 8192 / ECC B571 key exchange

~

End-to-end encryption

Only the call or chat participants hold encryption keys

~

Mutual point-to-point authentication

Built-in Public Key Infrastructure system, certificate based authentication

~

Continous key updates

New encryption key exchange per each voice call

~

Backward and forward secrecy

Backward and forward secrecy

~

Protection from all known attacks

rMan-in-the-Middle, Replay and Mirroring attack protection

Why did we create the CellKnox?

All existing secure solutions have at least one of the following drawbacks:

1.Secure calls that are initiated and/or go through 3rd party servers (solution provider, Apple, Google, Facebook) which can act as a single point of attack, allowing for the theft of hundreds of millions of users’ information in one attempt.

2.Crypto phones draw unnecessary attention and can be even confiscated in certain situations like when crossing borders. Besides that, low profile methods can also be applied as soon as the user reveals that he is using a special phone.

3.Standard protocols, like SRTP and ZRTP protocols, which reveal encrypted communication to the network providers. In some countries, like UAE, those protocols are blocked by default.

4.No protection against viruses and spyware. This makes good cryptography useless since there are a number of viruses, trojans and exploits which can capture the phone audio or screen view, steal user credentials etc. It makes even good cryptography useless.

CellKnox closes all security gaps

  1. No 3rd party services and complete control. We have even made our own push notification service in order to provide customers with complete control.
  2. All server components, call establishment, key/certificate management services also belong to the customer.
  3. Protection from viruses and trojans, provided by hardened OS/firmware is installed on the CellKnox phone.
  4. CellAegis does not put secure communication at risk:
    • Calls are done via an encrypted binary protocol which looks like a VPN connection for network providers
    • It looks and registers in network as an ordinary smartphone
  5. No viruses/trojans with hardened OS.

CellKnox overview

  • Point-to-point Encrypted Voice Calls with HD audio
  • End-to-End Encryption
  • Encrypted Text Messages
  • Encrypted Group Chats
  • Encrypted File transfer
  • Encrypted Video Messages
  • Support of extended security set
    • remote revocation
    • panic wipe
    • 5 times incorrect password entry wipe
  • Only signed, pre-checked apps allowed
  • Full verified boot, covering all firmware and OS partitions
  • Safe against all major vulnerabilities, avoids exploits
  • Filesystem layer encryption, covering all data and metadata

CellKnox OS security specs

  • Unsigned apps installation disabled
  • Full verified boot, covering all firmware and OS partitions
  • Forensic wipe feature
  • Preventing all major vulnerabilities, avoiding exploits
  • Filesystem layer encryption, covering all data and metadata
  • UX focused on security: separate lock screen, encryption passwords, etc
  • Backported security, regular updates (patching) to address new threats
Key exchange DH 8192 or ECC B571 (over Binary Fields) / ECC P521 (over Prime Fields)
Encryption AES 256 in the GCM  mode
Hash function SHA512
PRNG source Several options available:

Non-blocking /dev/urandom

Custom software/hardware (HSM) entropy source

Mixing user input (radio signal, touch screen, audio, camera) to provide better entropy
Authentication Built-in Public Key Infrastructure (PKI) system, certificate based authentication
Secure communication protocol Custom binary communication protocol featuring:

  • New encryption key exchange per call
  • Backward and forward secrecy
  • End-to-end encryption, e.g. only the participants hold encryption keys
  • Mutual point-to-point authentication
  • Data integrity

Replay and mirroring attack protection

All crypto parameters meet the highest, governmental, security level

Here is the table with the minimum level of security depending on the key exchange algorithms used. We have taken it from the NIST Recommendations.

Our solution implements ECC 571 and/or DH 16 384* key exchange which is even above the green line.

*In some implementations DH 8192 algorithms is used due to certification reasons.

SV works with all networks

  • Satellite
  • Mobile (3G, 4G, 2.5G)
  • Wi-Fi
  • Landline (Ethernet)

Adjusts to almost any mobile coverage quality

  • LTE, TD-LTE, LTE Advanced
  • IEEE 802.11 (WiFi): 802.11b, 802.11b/g, 802.11n
  • HSDPA+, HSDPA
  • UMTS, UMTS-TDD
  • HSPA, HSPA+
  • CDMA EV-DO (Rel. 0, Rev.A, Rev.B)
  • EDGE, Evolved EDGE

Out of the box CellKnox Operating System is available for Premium and Budget models

CellKnox Premium

CellKnox Silver

                            CellKnox Premium

CellKnox Silver

The CellAegis Communication Server for corporate communication systems

The CellAegis Server communication system can be installed on corporate premises. It acts as a communication system backend to register/manage CellAegis user and initiate the communication.

Features:

  • Сomplete control over the corporate telephone system
  • No 3rd party services
  • Authorized devices only, with hardware binding
  • PKI infrastructure and certificate management
  • Control panel for managing users and keys
  • Extended PKI support
  • Client and server apps protected from third party interference
  • World Wide and Regional servers infrastructure supported
  • Redundancy and Load Balancing
  • Secure devices support: CellKnox phone
  • BYOD support: iOS, Android, PC and Mac (beta)

Usage of standard servers

Our solutions work on standard servers, easy to buy or rent. All servers can be locally located or can be located in undisclosed data center.

Our solution – standard server

Others – special server
Can be chosen from a large variety

Can be rented from a data center

No geographical limitations

No extra attention – the staff do not know what is inside the server

 Can be tracked (such servers are rare)

Can be bugged

Limitations with import/export

Licensing and control by the USA or country of production

Serves as a warning beacon (red flag) for secret services

Hard to sustain in a data center

Linked to a country (import/export limitations)

Proceed with free expertise, consultancy and Pilot

Total anonymity and only individual approach.

Let us study your case and bring the most feasible platform-based solution:

CELL AEGIS
Request free expertise. Start with Pilot

Complete control

All communication servers, cloud storage and key management solution сan be deployed at customer’s premises and is fully controlled by customers.

As a result you get a fully encrypted protection of your conversations, text and file transfer.

If compared with cloud-based solutions, in our case it would be hard even to understand that you are using an encrypted call solution. Since your phone will not be connected with a 3rd party communication server, rather to your own server.

This is the principal difference – the entire solution is in the customer’s hands and not in the providers.

The client is given the opportunity to fully check the source code and personally compile the application.

Moreover, large/VIP customers can get the full source code.

Our solution

Others
Our solution is sold as a platform – allows anonymity and no sharing info with the government.

The client is able to fully check the source code

Compile and take it with you

Full source code access for VIP customers

 Their solution is sold as a final solution, hence is available to government secret services and (sometimes) has a backdoor

Usually the source code is unavailable

Seldom access to the source code is partially available. Often to cryptography (and what does that give you, if the recording can conducted through another source, let’s say the microphone?)

CellAegis for Bring Your Own Device (BYOD)

Major reason why many security solutions are not used daily is that not everyone has an encrypted phone. Great solution is CellAegis for BYOD

The system runs on standard iOS and Android smartphones, which allows you to install the solution independently and eliminates tracking at the purchasing/delivery stages.

CellAegis works on the iPhone 5C, 5S, SE, 6, 6+, 6S, 6S+, 7, 7+, 8+, X (OS 8.x.x and higher) or any Android device with OS 4 and higher

We support the following versions of Android:

  • 4.0 – 4.0.4 Ice Cream Sandwich
  • 4.1 – 4.3.1 Jelly Bean
  • 4.4 – 4.4.4 KitKat
  • 6.0 – 6.0.1 Marshmallow
  • 7.0 – 7.1.2 Nougat
  • 8.0 – 8.1 Oreo

We support the following versions of iOS:

  • 8.x.x. – Final version: 8.4.1
  • 9.x.x. – Final version: 9.3.5
  • 10.x.x. – Current version: 10.3.3

CellAegis BYOD overview

  • Point-to-point Encrypted Voice Calls with HD audio
  • End-to-End Encryption
  • Encrypted Text Messages
  • Encrypted Group Chats
  • Encrypted File transfer
  • Encrypted Video Messages
  • Jailbreak/Root detector module integrated
  • Support of extended security set
    • remote deletion of messages feature (all memory space rewrites with ones, zeros, pseudo-random sequence five times)
    • panic wipe feature (forensically unreadable)
    • 5 times incorrect password entry wipe (forensically unreadable)
    • remote certificate revocation feature

Our solution – standard iOS/Android device

Others – special phone
Can be picked randomly from a large variety of choices

Very difficult to track the purchase

No import/export limitations

Not associated with the country of production

No attention from secret services/government structures

 Can be tracked during use

Can be bugged during delivery

Limitations on import/export

Licensing and control by the USA or country of production

Serves as a warning beacon (red flag) for secret services

Why CellAegis

CellAegis Platform was developed by European-based company specializing in security solutions and mobile development with more than 15 years of experience in security market.

  • Experienced team of mobile development professionals
  • Expert in security of communication systems, networks, enterprise software
  • Verified and certified by governmental institutions in different countries
  • Ready for pre-deployment revision, audit and certification
  • Reasonable and flexible pricing policy
  • Honesty and fairness as core company values

Try Secure Voice

Book a Demo or contact us with any questions you might have

13 + 2 =

Tel: +49 335 2288 3873

Skype: fivepro.customer.care

Monday-Friday 10:00 – 18:00 CET

Email:

customer.care@5pro.com

Try CellAegis

Book a Demo or contact us with any questions you might have

Copyright 2018 CELL AEGIS

conter12