Deutsche Telekom’s SiMKo 3 handset features world’s first secure OS kernel

News

Deutsche Telekom has been working with Samsung to develop a high-security smartphone based on the Samsung Galaxy S3, featuring the world’s first secure mobile OS kernel that is able to protect confidential documents.

DT’s SiMKo 3, known as the “Merkel phone” after the German Chancellor, incorporates the L4 high-security microkernel and has just passed thorough testing by the German Federal Office for Information Security (BSI).

The handset, which is available now, is targeted at the public sector and costs €1,700 on a two-year contract. It is designed to be used straight out of the box as a tap-proof crypto phone securing data applications such as email, calendar, contacts and tasks.

If the smartphone is lost or stolen, other users will not be able to gain access to the data, and the owner of the device can also delete the content on the device remotely as a secondary measure.

The L4 microkernel makes it possible for two separate mobile OS to be running, each behaving as a totally independent device. As soon as the smartphone is turned on, the microkernel takes complete control of the handset and only permits secure operations.

However, users have the option to toggle between both secure and open operating modes, meaning that the user can switch from composing a confidential email in the secure mode, to using the open mode to obtain flight information, for example.

The L4 microkernel contains only 10,000 lines of programming code, compared with the kernels in commercially available smartphones, which use millions of lines of code.

The SiMKo 3, based on Samsung's Galaxy S3, featuring two mobile OS modes

The groundbreaking technology has been developed by German companies with close cooperation from Samsung. 

Certgate provided the crypto cards that deal with user authentication and data encryption on the phone, while NCP has ensured the encrypted connections.

The microkernel system itself was jointly developed by Dresden Technical University, Dresden start-up Kernkonzept, Telekom Innovation Laboratories and Berlin start-up Trust2Core.

"It is practically impossible to test such large operating systems which are also constantly being modified by subsequent development work,” said spokesperson Stephan Maihoff, who is responsible for SiMKo at DT.

 “You cannot exclude the possibility of back doors. To counter the risk of hacking, we use a transparent kernel that leaves no hiding places for surprises and offers security from the inside out."

The German government is currently developing an official Secure Multi-Network Voice Communication (SNS) standard and DT is planning for the SiMKo 3 to be able to offer encrypted VoIP phone calls in the future.

Samsung has stated that it intends to move forward with secure telephony and data transmission, following its experience developing the SiMKo 3 with DT.

In 2012, DT’s security experts reported that on average, 30,000 attacks were made against mobile networks each month, with hackers preferring to attack via mobile devices.

Read more:

Android ‘master key’ vulnerability discovered puts 99% of devices at risk

Security fears prompt Deutsche Telekom to launch “E-mail made in Germany”

BlackBerry security solution to sandbox apps for iOS, Android