If you are referring to “decoding” RedPhone, you are likely looking at the cryptographic process used to decipher the encrypted communications of RedPhone, a pioneering open-source mobile application designed for secure, encrypted voice calls. Developed by security researcher Moxie Marlinspike and Whisper Systems, RedPhone was later integrated into what is known today as the Signal app.
Understanding how RedPhone worked and how its traffic was handled requires analyzing its underlying security protocols. The Core Encryption Protocol (ZRTP)
RedPhone did not use standard cellular network encryption, which is vulnerable to interception. Instead, it functioned as a Voice over IP (VoIP) application and secured calls using ZRTP (Zimmermann Real-time Transport Protocol).
Diffie-Hellman Key Exchange: When a call was placed, the two devices negotiated a temporary, shared cryptographic key using a Diffie-Hellman exchange over the Real-time Transport Protocol (RTP) stream.
No Centralized Key Storage: Because the keys were generated directly between the two endpoints, the RedPhone servers never held the keys. This meant the service providers could not decode or decrypt the call.
Ephemeral Keys: Keys were destroyed as soon as the call ended, providing perfect forward secrecy. The Short Authentication String (SAS)
To mathematically confirm that no one was “decoding” or intercepting the conversation via a Man-in-the-Middle (MitM) attack, RedPhone utilized a Short Authentication String (SAS).
Two-Word Verification: Once the connection was established, both users’ screens would display the exact same two random words.
Mouth-to-Ear Authentication: Callers read these words out loud to one another. If a malicious actor attempted to intercept and decode the stream, the cryptographic math would break, causing the words on the two screens to mismatch and alerting the users. How Signaling Bypass Worked
Unlike modern apps that stay constantly connected to the internet, early RedPhone used a unique signaling mechanism to save battery:
The Silent SMS: When you called someone, the app sent a secure request to the RedPhone server.
The Wake-up Call: The server sent a hidden, specially coded SMS to the recipient’s device.
Decoding the Signal: The RedPhone app running in the background intercepted and decoded this specific text message, woke the phone up, and initiated the encrypted data call over Wi-Fi or 3G/LTE. Evolution into Signal
In late 2015, Whisper Systems officially combined RedPhone (encrypted voice) and TextSecure (encrypted texting) into a unified application called Signal. The core philosophies of RedPhone—including endpoint-only decoding and strict identity verification—remain foundational pillars of modern consumer encryption.
Leave a Reply