RedPhone voice encryption system for Android open sourced
Security company Whisper Systems has announced that the code for its RedPhone application is now available as open source. RedPhone is an app for Android smartphones that encrypts VoIP calls using the ZRTP open standard. It integrates with the system's dialler for what the developers describe as a "frictionless call experience".
Unlike other applications, the app doesn't use a SIP gateway to communicate; instead, it establishes a direct connection to another RedPhone user via Wi-Fi or UMTS. A server operated by Whisper Systems, which sends a text to the receiving caller to initiate the connection, is required to set-up the connection. Separate accounts are not needed as RedPhone uses the Android device's phone number to identify users.
RedPhone was originally created by security researcher Moxie Marlinspike, whose company Whisper Systems was acquired by Twitter in November of last year. Another of Marlinspike's apps, TextSecure – which encrypts text messages using the Off-the-Record-Messaging protocol and elliptic curve-based cryptography – was open sourced in December 2011.
Further information about RedPhone, including developer resources and technical documentation, is provided on the RedPhone wiki. Version 0.5 of RedPhone, which is currently considered to be in beta, is available from the Google Play store for devices running Android 2.2 or later. Source code for the app can be downloaded from Whisper System's GitHub repository and is licensed under the GPLv3.
(crve)