PTT (PoC) ENCRYPTION
RSA/AES
This is a hybrid type of encryption.
RSA is an asymmetric public key encryption algorithm and is considered the standard for encrypting information in the online environment.
The result of RSA encryption is an amalgam of data that makes it difficult to hack into your processing system, making it virtually invulnerable, as a second, private key is required to decrypt the encryption.
AES: The Advanced Encryption Standard (AES) is the algorithm trusted by governments and organizations around the world.
AES is considered secure from threats because of its versatility in generating keys of 128, 192 and 256 bits in length.
SM2/SM4
SM2 is a public key cryptographic algorithm based on elliptic curves, used for e.g. generation and verification of digital ignatures; SM3, a hashing algorithm comparable to SHA-256; and SM4, a block cipher algorithm for symmetric cryptography comparable to AES-128.
The SM2 implementation has been added to block BA414EP, the public key engine.
SM3 is now part of BA413, the fast and complete hashing engine.
And SM4 has been implemented in a new, dedicated IP core BA419.
Both RSA/AES and SM2/SM4 are widely used encryption algorithms, but the choice between them depends on several factors like security needs, regulatory requirements, and operational context.
Here's a breakdown of each option to help you decide which is better for securing your communications:
RSA/AES:
RSA (Rivest-Shamir-Adleman) is an asymmetric encryption algorithm that is widely used for secure key exchanges, digital signatures, and encrypting small amounts of data. It is based on the difficulty of factoring large prime numbers.
AES (Advanced Encryption Standard) is a symmetric encryption algorithm used for encrypting large amounts of data efficiently. It is one of the most widely adopted encryption standards in the world, known for its speed and security.
Pros:
RSA is well-tested and globally trusted.
AES is extremely fast and efficient for encrypting large datasets.
Both RSA and AES are commonly supported across different platforms and systems.
Suitable for cross-border communications, as it complies with international standards.
Widely used in commercial applications, making it easier to find support and implement.
Cons:
RSA key lengths need to be larger to maintain security as computational power increases.
RSA is slower compared to other asymmetric algorithms (e.g., elliptic curve cryptography).
SM2/SM4:
SM2 is an asymmetric encryption algorithm based on elliptic curve cryptography, while SM4 is a symmetric encryption algorithm. Both are part of the Chinese encryption standard known as the SM (ShangMi) series, designed by the Chinese government.
Pros:
SM2 is based on elliptic curve cryptography, which can achieve similar security levels as RSA with shorter key lengths, making it faster and more efficient.
SM4 is designed to be efficient and secure for bulk encryption, comparable to AES.
Compliance with Chinese regulatory standards: If you are operating in China or with Chinese companies, SM2/SM4 may be required for legal compliance.
Security level: Both SM2 and SM4 are strong algorithms, theoretically as secure as RSA/AES.
Cons:
SM algorithms are relatively less known outside of China, and global support for SM2/SM4 is more limited compared to RSA/AES.
Interoperability might be an issue if your systems or partners are based outside of China or use international encryption standards.
Potential concerns regarding trust for non-Chinese users, as SM algorithms are government-designed.
Key Considerations:
Regulatory Compliance: If you are operating or communicating with entities in China, SM2/SM4 might be required or preferred. Otherwise, RSA/AES is the more globally recognized standard.
Performance: SM2 may offer better performance for asymmetric encryption compared to RSA due to elliptic curve cryptography.
Global Trust and Support: RSA/AES has a broader base of support and is generally trusted worldwide.
Security: Both options provide strong security, though SM algorithms are relatively newer and less widespread outside of specific regions.
Conclusion:
RSA/AES is likely the better choice if you're seeking a widely trusted, well-supported, and globally recognized encryption standard, especially for international business and communications outside of China.
SM2/SM4 might be preferable if you're dealing with Chinese entities or need to comply with Chinese encryption standards, or if elliptic curve cryptography (ECC) offers specific performance advantages for your use case.
Ultimately, your decision should be based on your operational region, the need for cross-border communications, and whether regulatory compliance with Chinese standards is required.
PREFERRED ENCRYPTION IN EUROPE
For Europe, RSA/AES is generally the preferred choice due to its wide acceptance, trust, and compliance with European regulations. Here's why:
1. Regulatory Compliance:
RSA/AES is compliant with European regulations, such as GDPR (General Data Protection Regulation) for securing personal and sensitive data.
RSA/AES is also widely supported and accepted by European cybersecurity frameworks like ENISA (European Union Agency for Cybersecurity) and eIDAS (Electronic Identification and Trust Services), which set standards for digital security in Europe.
SM2/SM4 is not widely adopted in Europe and is not referenced in most European cybersecurity frameworks.
2. Trust and Support:
RSA and AES are well-established and trusted in Europe, with a long history of cryptographic strength and extensive use in both public and private sectors.
Interoperability: RSA and AES are globally supported and widely interoperable with other encryption systems used across Europe, making them ideal for cross-border business and communications within the EU and beyond.
SM2/SM4, on the other hand, is primarily used in China and is less recognized or trusted outside of Chinese regulatory environments, including in Europe.
3. European Standards:
ENISA and other European bodies support and recommend AES for symmetric encryption and RSA (alongside elliptic curve cryptography options like ECC) for asymmetric encryption.
RSA/AES is used extensively in digital certificates, VPNs, TLS/SSL protocols, and email encryption (e.g., PGP, S/MIME), all of which are critical for secure communications within Europe.
4. Encryption Ecosystem:
Europe has a mature ecosystem of cybersecurity tools and platforms that support RSA/AES. Many encryption products (e.g., OpenSSL, GPG, commercial VPNs) are based on or compatible with RSA/AES.
AES is particularly favored for data-at-rest encryption (e.g., for storage) and data-in-transit (e.g., for communications encryption), making it the default choice in many European industries.
5. Elliptic Curve Alternatives:
While RSA/AES remains the standard, elliptic curve cryptography (ECC) alternatives such as ECDSA or ECDH are also gaining popularity in Europe for asymmetric encryption.
These provide stronger security with shorter key lengths (similar to SM2).
However, this is distinct from SM2/SM4 and would still be more trusted and interoperable across Europe than SM algorithms.
Conclusion for Europe:
For secure communications in Europe, RSA/AES is the better option, as it is:
- Trusted and compliant with European regulations.
- Widely supported across platforms and applications.
- Known for its strong security track record.
If you need additional asymmetric encryption strength with shorter key lengths, you could also consider using elliptic curve cryptography (ECC), which is more accepted in Europe than SM2/SM4.
RSA/AES and SM2/SM4 Hacking
No encryption method is completely immune to being hacked, but both RSA/AES and SM2/SM4 are considered very secure when implemented correctly and with adequate key lengths.
However, the possibility of hacking depends on several factors, such as the strength of the algorithm, the key length, vulnerabilities in the implementation, and potential advances in computing technology (like quantum computing).
1. RSA/AES:
RSA:
Security: RSA is currently secure if sufficiently large key sizes (e.g., 2048 or 4096 bits) are used. RSA's security relies on the computational difficulty of factoring large numbers, a problem that classical computers cannot solve efficiently.
Potential Weaknesses:
Key length: RSA with smaller key sizes (e.g., 1024 bits or less) can be vulnerable to attacks using modern computational power.
Implementation flaws: Poor implementation of RSA, such as weak random number generation or improper padding schemes (e.g., Padding Oracle attacks), can introduce vulnerabilities.
Quantum computing: In theory, a large-scale quantum computer could break RSA by using Shor's algorithm, which can factor large numbers much more quickly than classical algorithms. However, quantum computers are not yet advanced enough to break RSA in practice.
AES:
Security: AES is highly secure and widely trusted when implemented with sufficient key lengths (128, 192, or 256 bits). There are no known practical attacks that can break AES when used properly.
Potential Weaknesses:
Brute-force attacks: With sufficiently large key lengths (e.g., 256 bits), brute-force attacks are computationally infeasible, even with today's technology.
Side-channel attacks: AES can be vulnerable to side-channel attacks if it is not implemented properly. For example, attackers may exploit the physical properties of the system (e.g., power consumption, timing information) to extract the key.
2. SM2/SM4:
SM2:
Security: SM2 is based on elliptic curve cryptography (ECC), which is generally considered secure and more efficient than RSA in terms of key size. SM2 is comparable to other ECC algorithms like ECDSA or ECDH in terms of security.
Potential Weaknesses:
Like all ECC algorithms, SM2 can be vulnerable if the elliptic curve parameters are not chosen correctly or if there are weaknesses in the specific curve used. However, with standard curves, SM2 is considered secure against classical attacks.
Quantum computing: Similar to RSA, a future quantum computer could potentially break SM2, as elliptic curve cryptography is also susceptible to quantum attacks (using Shor’s algorithm).
SM4:
Security: SM4 is a symmetric encryption algorithm similar to AES in structure and security. When used with sufficient key sizes (128 bits), SM4 is considered secure against brute-force attacks and other classical attacks.
Potential Weaknesses:
SM4 has not been scrutinized as thoroughly by the global cryptographic community compared to AES, so there is less public research on potential weaknesses.
As with AES, SM4 could be vulnerable to side-channel attacks if not implemented properly, but no major weaknesses have been identified to date.
Can they be hacked?
Classical attacks: Both RSA/AES and SM2/SM4 are considered highly secure against classical cryptographic attacks as long as proper key sizes and implementations are used.
Quantum computing threat: Quantum computers pose a significant threat to both RSA and ECC-based algorithms (like SM2). AES and SM4, being symmetric algorithms, are more resistant to quantum computing attacks but would require doubling the key size to remain secure in a post-quantum world (e.g., using 256-bit AES keys instead of 128-bit).
Known Vulnerabilities:
Implementation flaws: Many hacks occur not because the algorithm itself is weak, but because of poor implementation.
For example, improper random number generation, weak key management, or vulnerabilities in the system where the encryption is implemented can lead to security breaches.
Side-channel attacks: Both RSA/AES and SM2/SM4 can be vulnerable to side-channel attacks (attacks that exploit physical implementation aspects like timing, power consumption, etc.), but these can often be mitigated with proper implementation.
Mitigating Risks:
Use strong key lengths (e.g., 2048-bit RSA, 256-bit AES).
Follow best practices in implementation, especially for key management and padding.
Be aware of potential side-channel attacks and ensure physical and network security measures are in place.
Start preparing for the post-quantum cryptography era, where quantum-resistant algorithms will become necessary.
Conclusion:
RSA/AES and SM2/SM4 are secure today against classical computing attacks, but their security depends on proper key length, implementation, and defenses against side-channel attacks.
Quantum computing presents a future threat, especially to RSA and SM2, but it is not an immediate concern as quantum computers capable of breaking these algorithms do not yet exist.
TRUNKING Digital System
Coverage: infrastructure communication solutions only communicate in the geographical area covered by the deployed infrastructure.
There’s no redundancy in communications. In our Company service we have more than 150 partnerships internationally and we can offer national and international communication where telephone coverage is available.
Our Service Operator Mode Solution uses 2G, 3G, 4G and LTE data infrastructure of all external operators as opposed to technologies that use proprietary. Moreover, as in the same country we have more than one partnership with operators, we are always connected to the best communication range, so in the case that one operator stops working you’ll be connected to the next immediately.
In short, always the best communication possible inside the country and among other countries with our terminals.
Investment: it’s much more expensive to build and amortize a proprietary infrastructure than to use our service.
Immediate deployment: once we close a sale, we send the terminals and activate our service. Once those terminals are in the country, they can be available to use in a short time as opposed to the time you’ll need to use to build an infrastructure (1 year).
Our terminals are “push-to-talk”. You don’t have to wait for any ringtones. We offer real time communications worldwide.
You can make individual as well as group calls. Moreover, you can create unlimited use groups.
Robust: they are hard to break.
You can geolocalizate any terminal to know where they are.
Personalization to each client in terms of organization of groups and sectors inside the company.
Security: as opposed to other solutions with risk in security in communications and hosting, we offer 4 types of encryption to offer a safe solution.
Training for our customers. We train all of our clients until they completely understand how our terminals and service is used. Apart from, offering support for any question or issue they may have.
We offer the ability of installing client APKs on our terminals.
Advantages of A Trunked Radio System
Trunked systems are the ideal option for larger organizations that need expansive coverage as well as flexibility, convenience, and privacy throughout different talk-groups.
Advantages include:
Coverage: Since the system incorporates repeater technology, groups using frequencies can contact each other over greater distances.
The re-transmitting of signals helps reception just as much as it helps with reach.
With reinforced frequencies, radios using a trunked system will also experience stronger reception, even in areas where cell phones would not work.
Flexibility: The system can easily be changed to accommodate the needs of multiple departments without having to merge separate groups.
Convenience: The computer’s planning and assigning of frequencies makes channels available whenever groups are ready.
At any given time, a group will be automatically directed to whatever frequency is currently open, allowing talk-groups to use the signals when they need them.
In conventional systems, users may waste time listening for idle time on the channel they’ve manually selected while other channels are available.
Trunking reduces wasted time by finding an available channel and making the selection for them.
Privacy: Assigning groups to specific frequencies allows for more private conversation without the fear of another talk-group overhearing or interfering with an existing conversation.
