[liberationtech] Silent Circle experiences rapid growth in wake of NSA surveillance scandal

Mon Jul 1 11:35:13 PDT 2013

http://gcn.com/blogs/cybereye/2013/06/agencies-sudden-interest-encrypted-comm.aspx

Agencies showing sudden interest in encrypted comm

Silent Circle, the company that provides end-to-end BYOD encryption,
has introduced a Web-based management console to support large
deployments of crypto licenses. It was developed largely in response
to government demand for a tool to manage enterprisewide licensing,
said CEO Mike Janke.

Government was always a primary market for Silent Circle, but the
speed of adoption has caught the company by surprise.

“We had no idea that government customers would need a thousand
subscriptions,” said Janke, a former Navy SEAL. “We didn’t see any of
this coming. We envisioned 10 special ops guys, reporters in Sudan or
some individuals around the world.”

Silent Circle’s secure voice, text, mail and video communications have
gone in less than a year from being a point-to-point solution to an
enterprise tool. There has been strong adoption in the financial
industry and with oil companies, but “most of it was from [the Defense
Department] and other government agencies,” Janke said.

The company has benefited from current events, particularly recent
revelations about the National Security Agency’s surveillance of
Internet and telephone communications. Growth, already a strong 100
percent month-over-month, rocketed to 420 percent in the last
two-and-a-half weeks. Agencies that were buying 50 subscriptions now
are buying hundreds as concerns grow not only about government
snooping, but also of government leaking.

Encrypted communications is not new. What Silent Circle has done is
make it practical for bring-your-own-device environments by harnessing
the computing power of smart phones for crypto key management, cutting
the middle man out of the security equation. Keys remain in the hands
of the end users rather than a server, eliminating the need for trust
in a third party.

Secure peer-to-peer connections with Silent Circle Android and iOS
apps use the Zimmermann Real Time Transport Protocol, a crypto key
agreement protocol for voice over IP that uses the Diffie-Hellman key
exchange and the Secure Real Time Transport Protocol. Encryption is
done with NSA Suite B cryptography, a public interoperable set of
crypto tools that include the Advanced Encryption Standard, Secure
Hash Algorithm 2 and elliptic curve digital signature and key
agreement algorithms. The company operates its own network with SIP
servers and codecs, but all encryption and security remain on endpoint
devices.

Just 35 percent of the company’s business is in North America, with
the rest of it off-shore in countries where security has long been a
bigger issue than here. “We look at things in a bit of a bubble here
compared to the rest of the world,” Janke said. People in Europe and
Asia not only have to worry about NSA snooping, but also about their
own intelligence agencies.

Although it is available in time to take advantage of the post-PRISM
boom in secure communications, the new console was in the works well
before the NSA leaks. “It took five months for our team to create
this,” Janke said, primarily because of the security required for the
portal. The console is a business management tool only and has nothing
to do with encryption. It does not hold or manage keys and does not
have access to message content. “It in no way, shape or form touches
the technology.”

Despite the unexpected growth, Janke said Silent Circle is holding to
its course for releasing new products this year, several of which,
requested by government customers, now are in beta. These include
encrypted file transfer from desktops, secure video conference calling
and encrypted voice mail.

Posted by William Jackson on Jun 28, 2013 at 9:41 AM