Photo Phone

Overview

All image, text and file data used within a Photophone Session is encrypted 'over the wire' when sending data from and to clients (Desktop / Laptop and PDA). The image, text and file data is also held on the server in the same encrypted form. Industry standard 256bit encryption is used. Each session has its own encryption key which has been derived from the session password, thus only those who have been entrusted with the password can view the above data whilst in a session. The session password (and the derived key) is not stored on any computer, nor ever sent 'over the wire' - it is only known to authorised users. In addition to the data encryption, Photophone incorporates its own certificate protection using 128-bit encryption for securing the various modes of communication over which it operates. Therefore, the Photophone is now transmitting 256-bit encrypted data over a 128-bit encrypted line.


Technical

256bit AES (Rijndael) Encryption is used on Sessions. Each session encryption key (256bit) is cryptographically random generated when each session is created using RNGCryptoServiceProvider. A randomly generated salt is used to ensure that encrypting the same data twice results in a different encryption stream. This is to prevent against Dictionary attacks. The session encryption key itself is protected by encryption - again 256bit AES (Rijndael). This uses the Session Password as a seed to create a 256bit key using RFC 2898 which implements 'PBKDF2 / PKCS #5' based on HMACSHA1 with 1000 iterations.


Additional

It is also recommended that all Photophone XT clients (Desktop and PDA) are protected using an approved method such a BeCrypt for hard drives and storage cards. This is to mitigate problems that might occur if the Laptop or PDA was lost or stolen.

Applications:

Surveillance operations
Kidnap/Extortion operations
Airport/Port X-ray examination
Counter-Terrorist operations
Emergency Response
Scene of Crime
Football Policing Support
Air Support imagery
Map Tracking Broadcast