Are you sure?

Hungarian Encryption Frustrates Governments and Criminals Alike

A Hungarian innovation helps prevent mobile phone snoops picking up your trade secrets, and its potential business is about to get much bigger.

Gyuri Karady, director of business development for Arenim Technologies.

Szabolcs Kun, chief executive and co-founder of Arenim Technologies.

Gyuri Karady has long studied the risks of telephone eavesdropping: he can be very persuasive on the subject.

“If you are a western corporate executive chasing, say, a mining concession in an African country, where you are negotiating with the government and where there are a couple of other companies competing for the same contract, I’m sure you’d feel uncomfortable talking to your head office back home on a mobile phone about the deal,” he tells the Budapest Business Journal in a half statement, half question.

The implication is obvious: the price, the concession timeline, the bargaining tactics – almost every detail of the deal would be highly valued business secret – and it could all be compromised by illicit phone tapping.

The problem is any such phone call is at much a risk of interception in Budapest or Boston as it is in Banjul or Addis Abiba – indeed, perhaps even more so, such is the ready availability of the required gadgetry in the developed world.

At Risk

“Most corporates just don’t seem to have caught on that they are at risk – until itʼs too late. Just look at what corporate or bank IT managers are focusing on: it’s email, network security, firewalls,” he says.

Karady should know. A Canadian-Hungarian and former banker, he is director of business development for Arenim Technologies, a company set up to develop and market CryptTalk, an award-winning software package created in Hungary that is designed to combat phone tapping – and assure callers their conversation is unheard by any third party, be that a government agency, business competitor, tabloid journalist or criminal group.

Quietly launched in late 2014, CryptTalk has attracted almost 16,000 users world-wide: clients range from OTP Bank to television celebrities, from law firms to gemstone dealers. Revenues last year came to some EUR 0.4 million.

“Basically, it’s for anyone or any firm that needs privacy. Just recently we’ve been talking with two very big European football clubs: their managers need security for [transfer] negotiations, and their players to protect their private lives,” says Szabolcs Kun, chief executive and co-founder of Arenim Technologies.

With a track record in advanced telephone systems, Kun was first made aware of the hazards of eavesdropping by energy traders (and long-term clients) who reported being beaten by the finest of margins on bids for contracts submitted after discussions on mobiles. Such corporate eavesdropping was destroying their business. Kun investigated the problem and studied the solutions on offer.

Peer-to-Peer Encryption

They shunned the idea of using a separate, especially designed phone (a route used by some competitors) and focused on encrypting the voice message from every-day handset to handset – so-called “peer-to-peer” encryption.

By using a state-of-the-art algorithm (designated AS 256) as the basis for encryption, each conversation uses a separate code – sometimes several in a single call – which is not shared elsewhere and is unique to each call. This renders their system effectively unbreakable: any illicit eavesdropper using available monitoring equipment will receive only babble that would take an aeon to decrypt.

Equally, the system prevents even legal phone tapping by government agencies using the so-called “back door” available via telecom companies’ servers. Indeed, since the encryption key is neither shared nor stored, not even CryptTalk staff can intercept a call, nor can the call be saved and decoded later.

Zsolt Cseledi, a partner with law firm Oppenheim in one satisfied CryptTalk user: “The system is really impeccable. Voice quality is great, transition from Wi-Fi to 4G and vice versa is great. We were ensured right at the outset that the system would be stable … [which] was of paramount importance for us, given that we wanted to offer this service to our clients,” he says. Some “small hiccups” encountered have been “mainly attributable to poor mobile networks and not to the product itself”.

Karady freely admits that rivals use the AS 256 algorithm: where CryptTalk scores is through attention to detail in all aspects of the package. “Itʼs not about my encryption is stronger than your encryption, because the encryption is strong enough,” he says. “But there are a whole bunch of other things, like authentication, like the way you exchange and manage the keys, the way you protect this information within the phone.

“Itʼs the whole system: this is where we think CryptTalk is more systematic and better protected than many of our competitors who have not been quite as careful putting it all together.”

Android Compatible CryptTalk Ready for Launch

Arenim Technologies will launch a version of CryptTalk compatible for Android-based smartphones “in late September or early October” Szabolcs Kun tells the BBJ. Given that Android phones far outnumber their iOS rivals across the globe, the move promises to be a major milestone in CryptTalk’s development.
“I think this will lead to exponential growth in users; we have been losing users daily because weʼve not been able to supply Android users,” Szabolcs says.
The Budapest-based development team initially focused only on devices using Apple’s iOS operating system because of its inherently superior security characteristics, but has long sought to offer CryptTalk to users of the more popular Android smartphone.
For a time, Kun even toyed with the idea of introducing a special CryptTalk for Android – accompanied with a warning that it was not a 100% guaranteed protection against malware – but ultimately held back, fearing the compromise could taint its otherwise impeccable record achieved with the Apple system.
But in the past two years, Google, the owners of Android, have made “serious improvements” to the system says Kun, enabling the security characteristics of its latest devices to a level that has enabled Arenim Technologies to design a CryptTalk package without fear of compromise.
“CryptTalk for Android is especially important for us in countries like Korea, where weʼve recently opened a subsidiary,” says Kun. “Korea has Samsung, and that means almost every Korean uses Android phones. I think this [new application] will open the floodgates there.”