The ICE Secure communications platform (lPS) provides strong built-in security features, based on open standards and state-of-the-art end-to-end encryption utilizing the IPS network.
ICE Platform Services (IPS)
ICE has virtualized entire classes of network node functions into building blocks (I-Nodes) that can connect, chain together, or propagate-on-demand for a tailored solution. Like the “LEGO®” concepts, building a rich library of fundamental virtual building blocks with security and encryption embedded throughout the architecture enables repeatable quick response for operational missions without compromising each mission. Included is a multi-layered design for authentication, identity management, and configuration.The IPS secure infrastructure provides AES encrypted links between location sites using diverse transport such as cellular, Internet or Wi-Fi. We do this by securely guarding your information content.Applied tactics, techniques and procedures enable operations differentiation, hide securely in plain sight, and avoid compromising mission intent. IPS major framework components are purposely built from the ground up.We start with a minimalized Linux kernel, security enhancements, hardening, virtualizing, and designating a specific network virtual function or service to each I-node.
End-to-end encryption for one-to-one and group messages
• Modern ciphering based on modern elliptic curves 448 and 25515
• Perfect forward secrecy with double ratchet algorithm
• Asynchronous messaging system based on pre-positioned keys
• Man-in-the-middle detection based on ZRTP auxiliary secret
End-to-end encryption for audio and video calls
• Audio/Video packets encryption using AES 128-bit and 256-bit key length
• State-of-the-art ciphering key exchange with ZRTP, using safe Elliptic Curves Diffie-Hellman (ECDH) X25519 and X448, and Short Authentication String (SAS) to prevent Man-in-the-middle attacks
• WebRTC-compatible end-to-end encryption with DTLS-SRTP
The ICE Secure Softphone provides end-to-end encrypted unified communications.
Secure user authentication and call setup
• Verification of the SIP server authenticity based on x509 certificates
• Verification of the user identity, using either SHA 256 digest authentication or TLS client certificates
• Secure connection between client (user) and server thanks to SIP TLS