Why trust KvantPhone with your privacy?
A personal message from Sab Kun
Co-Founder & Executive Chairman of
Arenim Group
Our security philosophy
No matter in which country you live, security and privacy issues are rarely out of the news headlines these days.
As a result, we know that when choosing a security product, most people question why they should trust the software and those who created it. Credibility and trust are at the heart of the KvantPhone service.
This is why we operate with total transparency. We want what we offer to be crystal clear because this is important to our clients who value their personal privacy.
Our mission is to offer a product that gives the best protection in the world at an affordable price, and which is designed with the future in mind. Our team of more than 20 security specialists and telecommunications and software engineers apply their wealth of expertise to the design and implementation of KvantPhone with this objective in mind.
Let me explain our guiding principles in greater detail.
The pillars of KvantPhone’s approach to security:
Systematic,
thorough and
adaptive approach
Best-practice
cryptography
Ongoing, regular
third-party security
assessments
Your security is at the heart of everything we do.
We know that KvantPhone’s success is entirely based on trust and reputation, which take years to build, but only moments to lose. This is why we have to be systematic and exceptionally thorough.
Over the past fifteen years, we assembled an experienced team of top-level telecommunication and software engineers, IT security experts, and operational managers whose mindset reflects these qualities.
They are a very talented, clever, and dynamic group who also know that especially in our line business, they must constantly adapt to change in order to succeed and excel. We constantly look for ways to test ourselves, and we challenge assumptions about everything.
We have enormous respect for our customers, both large and small. We know you’re entrusting us with the task of protecting your confidential mobile voice communications and safeguarding your private and business secrets. Failure to protect these private conversations could well result in reputational and financial loss, and in some circumstances may even put lives at risk. This is why we are continually improving KvantPhone, fine-tuning its security features while enhancing convenience of use.
All our staff adhere to a strict code of contact:
- We follow strict internal security policies.
- We adhere to the latest and most secure software development standards and methods.
- We only use best-practice cryptography in our systems.
- Internal security tests and challenges are part of our everyday quality control procedures.
- We only work with in-house developers on our payroll. Freelance developers working elsewhere may be cheaper, but ensuring the security of such an open network is impossible in practice.
- We keep up with emerging security-related developments and trends. We constantly update our thinking, seeking to strike a balance between maximal security and ease-of-use.
- We have an on-going dialogue with external, independent security experts and auditors, quickly implementing their recommendations. We also work with prominent ethical hackers who review our solutions and strengthen our quality control procedures.
Best-Practice Cryptography
KvantPhone only uses best-practice algorithms that are recommended by thought-leaders in IT security. These algorithms are also approved and recommended by government security and military services.
Just as in the space industry, our product must work every time and under any condition. Accordingly, KvantPhone exclusively uses proven encryption and key-exchange algorithms.
KvantPhone also encapsulates post-quantum cryptography adding quantum resilience to our product. KvantPhone is uses “quantum-resistant” mode by default.
In the unlikely case that ours users might find it too early to adopting post-quantum cryptography too early, we can offer a legacy best practice mode as well.
| Quantum resistant mode |
 Media encryption |
AES-256 in GCM mode |
 Authentication |
One Time Password (RFC 4226) with SIP Digest |
 Key exchange |
X25519 + Kyber Key Encapsulation 1024 signed with Ed25519 + Dilithium5, E2E KEX |
 Private key protecion |
Patented, proprietary method for top security (see White Paper for details) |
 Man-in-the-Middle protection |
X25519 + KEM signed with Ed25519 + Dilithium5 |
 Integrity protection |
Signed Voice/IM packets |
 SRTP authentication |
AES-GCM AED |
 RTP authentication |
Secure RTCP |
 Replay attack protection |
Ratcheting mechanism |
| Backup/restore protection |
Password authenticated key agreement (OPAQUE) |
Ongoing regular third-party security assessments
KvantPhone – and its previous product CryptTalk developed in 2009 – is constantly reviewed and benchmarked by third-party reviewers. We analyze their feedback as part of our quality assurance program and use their recommendations to make improvements to the system. If our non-disclosure agreement allows it, we make third-party reviewers’ findings public. The following list summarises the disclosable reviews/audits. We regularly update this list as new reports become available. Copies of the full (disclosable) reports are available from Arenim upon request.
Third-party security review track record –
Arenim’s secure communication product line
| Date | App version | Review done by | Description |
| 2012 June | CryptTalk 1.4 | YS | Re-assessment of the new registration process of the app’s iTunes version. Review of the user management and admin interface. |
| 2013 April – 2013 October | CryptTalk 1.8 | Gergely Trifonov – independent auditor | Application and system plan review |
| 2013 November | CryptTalk 2.0 | One of the “Big Four” firms | CryptTalk 2.0 Client and server system plan review |
| 2013 December – 2014 May | CryptTalk 2.0 | Gergely Trifonov – independent auditor | Continuous code and application review |
| 2014 May | CryptTalk 2.0 | Silent Signal | Mobile application security assessment |
| 2014 June – 2014 August | CryptTalk 2.4 | Gergely Trifonov – independent auditor | CryptTalk 2.4, 2.5 development support – continuous review |
| 2014 September | CryptTalk 2.4 | Gergely Trifonov – independent auditor | Mobile application security assessment |
| 2015 January | CryptTalk 2.5 | Gergely Trifonov – independent auditor | CryptTalk 2.5 Client and server system plan review |
| 2015 May – 2015 June | CryptTalk 2.5.0 | NCC Group, UK | Complex mobile application security assessment |
| 2015 September | CryptTalk 2.5.3 | Silent Signal | Re-assessment including new CT standard version’s registration process and internal admin interface |
| 2015 November | CryptTalk 2.7.2 | Silent Signal | CryptTalk iOS 2.7.2 |
| 2017 February | CryptTalk 2.9.5 | NCC Group, UK | CryptTalk iOS 2.9.5 |
| 2018 February | CryptTalk 3.4.0 | Silent Signal | AUMI 3.4.0 |
| 2018 March | CryptTalk 3.1.2 | Silent Signal | CryptTalk Android 3.1.2 |
| 2019 November | KvantMail 1.0.2 | Silent Signal | KvantMail security assesment for a white labeled product (iOS, Android, Webmail and Admin Interface) |
| 2021 December | CryptTalk 4.4 | Silent Signal | Group Messaging, File Transfer, Licensing and Admin interface |
| 2024 May | KvantPhone 2.0 | Silent Signal | Post-Quantum cryptography, Product migration, Admin interface |
If you would like to know more details about secure communication and
KvantPhone’s security, please see the following articles and resources:
KvantPhone Security
White Paper
Discover how KvantPhone makes your
communication completely secure.
The quantum
threat
Understand in detail the quantum threat and why Post-Quantum Communication is a must.
Are you looking for using KvantPhone
for personal or business purposes?
Personal use
Encrypt your personl digital online communication with KvantPhone’s end-to-end, quantum resistant encryption.
Business use
Increase business productivity with complete business communications privacy and security.