Secure desktop VoIP telephone set
CryptoPhone IP-19 is a
secure encrypted Voice over Internet Protocol (VoIP) desktop telephone set,
developed in 2010 by
Gesellschaft für Sichere Mobile Kommunikation mbH (GSMK)
in Berlin (Germany), and partner
company Snom Technology AG, also in Berlin (Germany).
The device is based on the Snom 870 IP phone, and is also known as the
Snom 870 CryptoPhone Edition [B].
Basically, it combines Snom's 870 IP phone, with GSMK's hardened
operating system with end-to-end voice and data protection, using AES256
and Twofish encryption with 4096 bit Diffie-Hellman key exchange (SHA256).
All keys are destroyed automatically at the end of each conversation.
The image on the right shows a typical IP19 with standard handset.
Powered by a mains adapter or Power over Ethernet
(PoE), it supports Gigabit Ethernet and has sockets for connection of
a PC (RJ45) and optional USB add-ons. It can also be used with
Inmarsat BGAN satellite terminals [A].
The device featured here, was anonymously donated to Crypto Museum in
November 2020. It had been used between 2012 and 2016 by WikiLeaks activists
in Berlin and London, in relation to the
Snowden Revelations of the
controversal – since ruled illegal – PRISM mass surveillance program of the US
National Security Agency (NSA) (NSA) . 1
A similar IP-19 set, used by WikiLeaks at its London office, was later found to
be compromised with a sophisticated listening device (bug).
The CryptoPhone IP19 was the first secure wired IP telephone
developed by GSMK, that was based on one of Snom's standard IP phones.
It was announced in 2010  and marked the beginning of a long-term
partnership between GSMK and Snom . The Snom 870 was last sold
in June 2015 and was supported until June 2017, after which it was
succeeded by the D765 and D785 models.
Edward Snowden is a former CIA/NSA contractor turned whistleblower.
In 2013, he released thousands of classified documents about the
NSA's unlawful PRISM mass surveillance program to the press.
The diagram below gives an overview of the controls at the front panel
of the CryptoPhone IP-19. At the left is a cradle with the handset. It
has a coiled cable that is connected at the rear. At the right is the
keypad, which has the regular telephone buttons, plus a number of special
purpose keys. At the top right is a colour LCD, with navigation keys
below it. The unit can be powered by a 5V DC mains adapter – connected
at the rear – but also via the RJ45 Ethernet connection (PoE).
When powered, the device automatically connects to the network via
It was not supplied with a user manual, as full instructions
are available on the LCD screen at the touch of a button. Each GSMK
secure phone comes with a pre-configured fixed telephone number that
is shown on the screen, but is also available on a printed label at
the rear, in the format +807 12345678.
The IP-19 is extremely user-friendly and does not require a long and
complicated installation procedure. Just connect the phone to the network and
dial the number of the desired party. All keys are generated and exchanged
automatically and will be destroyed at the end of the call.
In addition, an extra — easy to use — authentication dialogue is available
from the display after intiating a call. This is done as an extra
safety measure against man-in-the-middle attacks.
The interior of the IP-19 can be accessed by removing 8 recessed
screws from the rear side of the device, after which the
back panel can be taken off,
as shown in the images below. All electronics are
concentrated on two well-designed printed circuit boards (PCBs):
a large one and a small one.
Although the device is not built to TEMPEST standards — the plastic case
is unshielded and the lines are unfiltered — it is well-designed and
well-built. The fact that it is manufactured in China can be regarded
as a disadvantage, but tampering with the firmware is highly unlikely,
as it is replaced – in Europe – by GSMK's own firmware that runs on
a hardended operating system [A].
According to the manufacturer of the CryptoPhone, it uses
a strong encryption scheme that is difficult (or impossible)
to break. However, there are other ways of tapping a secure telephone.
In March 2018, the bug shown in the image on the right was found inside
a CryptoPhone that was used by WikiLeaks journalists in London in relation
to the revelations of NSA whistleblower
Given the highly professional signature of the device,
it seems likely that it had been implanted by an intelligence service.
➤ More information
- Secure Voice over IP (VoIP) communication
- Not suitable for regular (insecure) VoIP/SIP calls
- Gigabit Ethernet IEEE 802.3 10/100/1000 BaseT (RJ45)
- Compatible with Inmarsat BGAN satellite terminals
- IEEE 802.11b/g/n/ wireless LAN support (option)
- Strong encryption algorithms AES256 and Twofish
- 4096 bit Diffie-Hellman key exchange with SHA256 hash
- Readout-hash based key authentication
- 256 bit effective key length
- Encryption key destroyed at end of call
- Compatible with all GSMK CryptoPhone IP products
- Suitable for PBX/PABX integration
- Open source
- GSMK CryptoPhone IP 19, Brochure
- Snom 870 IP CryptoPhone Edition, product leaflet
Snom Technology AG, February 2011, version 1.1.
- Snom 870 IP phone, product leaflet
Snom Technology AG, July 2013, version 3.0.0.
- Snom 870 IP phone, datasheet
Snom Technology AG, November 2015, version 3.0.2.
- Snom 870 User Manual
Snom Technology AG, 2009, version 1.01.
Any links shown in red are currently unavailable.
If you like the information on this website, why not make a donation?|
© Crypto Museum. Created: Friday 06 November 2020. Last changed: Tuesday, 28 March 2023 - 13:39 CET.