Professional Documents
Culture Documents
Secure Communications
The TopSecMobile connects to communications terminal equipment by means of Bluetooth. These terminals are predominately mobile phones. A TopSecMobile allows encrypted communications with an interoperable partner encryption device using almost any mobile phone with a Bluetooth interface. This provides voice encryption services for the majority of the mobile phones from a variety of manufacturers. The algorithms and methods used for encryption have been tried and tested with the TopSec product family. The TopSecMobile is the most secure voice encryption device for mobile communications on the market today. It features an elegant design, outstanding voice quality and is easy to use and operate. The TopSecMobile is plug-and-play compatible with most commercially available mobile phones interoperable with other TopSec products in analog and digital fixed networks, as well as in mobile radio and TETRA networks secure through state-of-the-art encryption and security processes
Versatile
Bluetooth interface to connect to end user communications terminal equipment TopSec Mobile works with almost every modern mobilephone Largely independent of mobile radio frequencies Can also be used with modems and satellite phones withBluetooth interface page 4
Manipulation-proof
Unrestricted use of the mobile phone convenience features TopSec Mobile security is independent of the mobile phone Cannot be identified by the mobile network provider page 5
Interoperable
Interoperability with: TopSecMobile in combination with a mobile phone TopSec GSM encrypting mobile phone TopSec 703+ encryption device for digital connections TopSec 711 encryption device for analog connections Future-ready page 8
The Bluetooth word mark and logos are registered trademarks owned by Bluetooth SIG, Inc. and any use of such marks by Rohde & Schwarz is under license.
Versatile
Bluetooth interface to connect to end user communications terminal equipment
The TopSecMobile voice encryption device utilizes a Bluetooth interface to connect to communications terminal equipment. The majority of the devices that are used with the TopSecMobile are mobile phones with Bluetooth. Bluetooth is a clearly defined standard that provides a stable communications interface between the TopSecMobile and the mobile phone. The TopSecMobile provides voice encryption versatility when connecting communications terminal equipment to the network.
Can also be used with modems and satellite phones with Bluetooth interface
The TopSec Mobile can be connected to an analog or ISDN modem or a satellite phone via the Bluetooth interface. It can be operated within fixed telephone networks, or can provide secure satellite communications worldwide. The TopSec Mobile requires a non-transparent data connection at 9.6kbps for encrypted connections.
Manipulation-proof
Unrestricted use of the mobile phone conveniencefeatures
Mobile phones provide a wide selection of features. Applications can often be downloaded later from the public telephone network. Providers also send unsolicited information to the mobile phone. This information is then used to configure the phone according to the provider's preferences. These capabilities are necessary to make mobility as broad and flexible as possible, to have the most current information on hand, or to ensure around-the-clock access to meeting and appointment schedules. Mobile phone acceptance depends heavily on such convenience features.
GSM
TopSec Mobile
TopSec GSM
The TopSecMobile is interoperable with most Bluetooth enabled mobile phones. Either a moTopSec Mobile Mobile phone with Bluetooth interface bile phone in combination with a TopSecMobile or a TopSec GSM phone can be used as partner equipment in the mobile radio network. Rohde & Schwarz TopSec Mobile 5
Certificate-based authentication
Another measure to prevent man-in-the-middle attacks is to create closed user groups. This requires the TopSec Administrator, which combines the functions of a trust center with the centralized administration of operational parameters. During an initialization process, the TopSec devices receive a certificate and generate a public key pair that is used for authentication. In closed systems, authentication between the TopSec encryption devices takes place automatically. An encrypted connection is only established if authentication is successful. Consequently, calls made using the TopSec encryption devices meet the highest security requirements.
Voice encryption using the Advanced Encryption Standard (AES) 256 bit key
The TopSec Mobile and the partner encryption device automatically agree on a new 256 bit key during each call setup. A key is randomly selected from a pool of 1076 possible keys and then deleted immediately upon completion of the call.
Device A
Assumption: common base point P0; public keys PA, PB are included in the certicate; private keys SA, SB are only available in devices A and B SB, PB = SB P0
Device B
SA, PA = SA P0
PB, QB
A selects a random value rA A calculates QA = rA P0 A calculates K = rA PB + (F(QA, QB) rA + SA) QB
PA, QA
B selects a random value rB B calculates QB = rB P0 B calculates K = rB PA + (F(QB, QA) rB + SB) QA
Neither rA, rB, SA nor SB were transmitted; only A and B have the random values rA or rB required for calculating the session key K
Interoperable
Interoperability
The TopSecMobile uses algorithms and methods for encryption that have been tried and tested with the TopSec product family. The products of the TopSec family are interoperable. Voice encryption in mobile radio networks is the primary application for the TopSecMobile. The communications partner can be reached over a mobile radio network, an analog or a digital fixed network. Secure voice encryption is possible in all of the above scenarios. The TopSecMobile compresses the voice call so that it can be transmitted at a data rate of 9.6 kbps. Either the V.110 or the V.32 protocol can be used to place a secure call with a communications partner on a mobile phone. This ensures interoperability with a second TopSecMobile or with a TopSec GSM encrypting mobile phone.
The V.110 protocol is selected to set up an encrypted voice connection via the TopSec 703+ ISDN encryption device. If the communications partner uses a TopSec711 for encrypted voice calls over an analog connection, the V.32 protocol is selected. After the appropriate network protocol has been selected, i.e. V.110 or V.32, the TopSec Mobile voice encryption device is interoperable with the TopSec GSM, TopSec703+ and TopSec 711.
Future-ready
The TopSecMobile is based on high-performance hardware with large storage capacity. The TopSecMobile firmware can be securely updated with TopSecAdministrator. This ensures that new challenges can easily be mastered with the TopSecMobile.
GSM
POTS
TopSec 703+
TopSec 711
TopSec Mobile
Functional elements
The TopSecMobile is a voice encryption device with integrated audio components. The figure below depicts the various functional elements of the TopSec Mobile. The TopSecMobile has an integrated microphone for talking. The loudspeaker integrated into the clip on the reverse side of the TopSecMobile is used to signal incoming calls. The loudspeaker integrated into the front side of the clip is used during the phone call and delivers outstanding voice quality. The TopSecMobile functions are controlled using a fiveway element that consists of a center key and a ring that can be activated in four directions. Information is shown on a three-line display. The display can be rotated by 180 to accommodate both right and left-handed users. The TopSecMobile has two additional keys to control the loudspeaker volume. A multifunctional interface for charging the battery and connecting a PC is integrated on the bottom of the device. A card reader on the side of the TopSec Mobile is used for the loadable encryption methods.
Loudspeaker
Operation
Startup
The TopSecMobile must be paired with a mobile phone before it can be used. Pairing is started by activating the Bluetooth search mode on the TopSecMobile. As soon as the desired mobile phone is selected, the PIN a random eight-digit number is displayed on the TopSecMobile. This PIN must be entered in the mobile phone. ABluetooth connection between the mobile phone and the TopSecMobile is established. The TopSecMobile is now ready for encrypted voice communications.
Power supply
A rechargeable battery supplies power to the TopSecMobile. The battery is recharged using the USB cable supplied with the TopSecMobile. There are two ways to recharge the battery: connecting the TopSecMobile to a USB port, such as on a laptop, or using the power supply unit that is delivered with the device.
Bluetooth
GSM
GSM network
10
Specifications
Specifications
Bluetooth standard Standby time Talk time Data rate Communications protocol Dimensions Weight version 2.0 up to 100 h up to 4 h 9.6 kbps V.32, V.110 99 mm 34 mm 22 mm (3.9 in 1.3 in 0.9 in) 58 g (0.13 lb)
Ordering information
Designation
Voice Encryption Device
Type
TopSec Mobile
Order No.
5411.0002
Worldwide J Worldwide Local and personalized J Local and personalized Customized and flexible J Customized and flexible Uncompromising quality J Uncompromising quality Long-term dependability J Long-term dependability
About Rohde & Schwarz Rohde & Schwarz is an independent group of companies specializing in electronics. It is a leading supplier of solutions in the fields of test and measurement, broadcasting, radiomonitoring and radiolocation, as well as secure communications. Established more than 75 years ago, Rohde & Schwarz has a global presence and a dedicated service network in over 70 countries. Company headquarters are in Munich, Germany. Environmental commitment Energy-efficient products Continuous improvement in environmental sustainability ISO 14001-certified environmental management system
ISO 9001
Rohde & Schwarz SIT GmbH Am Studio 3 | D-12489 Berlin +49 30 65884-223 | Fax +49 30 65884-184 E-Mail: info.sit@rohde-schwarz.com www.sit.rohde-schwarz.com www.rohde-schwarz.com Regional contact Europe, Africa, Middle East +49 89 4129 123 45 customersupport@rohde-schwarz.com North America 1 888 TEST RSA (1 888 837 87 72) customer.support@rsa.rohde-schwarz.com Latin America +1 410 910 79 88 customersupport.la@rohde-schwarz.com Asia/Pacific +65 65 13 04 88 customersupport.asia@rohde-schwarz.com
R&S is a registered trademark of Rohde & Schwarz GmbH & Co. KG Trade names are trademarks of the owners | Printed in Germany (ch) PD 5213.9792.32 | Version 04.00 | February 2011 | TopSec Mobile Data without tolerance limits is not binding | Subject to change 2008 - 2011 Rohde & Schwarz GmbH & Co. KG | 81671 Mnchen, Germany
5213979232