mikroPhone

The goal of this project is to develop a privacy enhanced, simple and fully featured mobile phone.

Current situation

Smart phones commonly used today are vastly complex systems. Users generally fail to grasp their intricacy and understand the way they operate, and it's virtually impossible for anyone to verify flows of data. As a consequence, users are in no position to exert control over their sensitive data passing through such devices.

Further, phone manufacturers are often reluctant to be transparent enough about technical details of their products. In addition, they try to prevent users from repairing their own devices or at least try to make repairs extremely difficult and costly. This practice contributes to unnecessary e-waste accumulation.

As an additional issue in relation to hardware security, there is a noteworthy risk of supply chain attacks, especially in the case of users in need of an increased level of security (such as investigative journalists, human rights activists, etc.).

Product

This device is intended to overcome the security threat and protect users and their privacy to the highest possible degree. It aims to bring data sovereignty back to its users. mikroPhone is easy to undestand, simple and above all secure. It resembles a regular mobile phone, with a display and a touch screen. It comprises two parts — core part and an additional application module (app-module).

Block diagram mikroPhone Block Diagram

Let's first focus on the core part. The idea behind it was to build a simple communication device both in hardware and software terms. The most challenging task and mikroPhone's key and unique feature was to build its core part in a way that it can be audited entirely. Its software solely consists of a small library OS (~ 30 KLOC) and simple tools (phone, messaging, contacts, calendar). The central piece of the device is RISC-V microcontroller (central MCU). It is the only mikroPhone's processor with access to peripheral sensors and to the microphone and camera. Therefore, the potential for remote meddling with the peripherals is considerably reduced. The central MCU utilizes Wi-Fi/Bluetooth module and cellular modem for wireless communication. The security of the whole system is not compromised even though none of these modules is trusted, because all sensitive data is encrypted by the central MCU before sending it to a communication module. Secure communication uses a protocol EllipticCP originally designed for this project. It provides end-to-end encryption and an additional anonymizing layer based on the principle of onion routing. In order for a security protocol to function to its full extent, the end recipient in the communication channel also needs to use mikroPhone or some other phone with comparable security performances (in other words, both communication parties must be secure enough).

The hardware is built from as open as possible generic off-the-shelf components. The aforementioned risk of a supply chain attack is also significantly reduced as anyone can easily source components and assemble mikroPhone in a home lab.

This was all about the first part of mikroPhone. We call it core part, as it is essential and at the same time quite enough for this phone to be called a phone. With this essential part in place, mikroPhone users can have a secure voice and text communication, as well as an ordinary voice and SMS messaging over cellular network.

Now let's turn our attention to the second part of mikroPhone — app-module. As mentioned before, central MCU is a small and simple system that provides safety, therefore it can not run complex software such as web browser. Complex software is hence delegated to the app-module. It is a module that can be physically connected to the core part and it can run GNU/Linux or custom Android-based distribution. Both core part and optional app-module are connected to the same screen and touch interface, but only one of the connections is active at any given time. Since the screen itself can't provide information which one is active, there's a small green light above the screen indicating when the core connection is the active one.

mikroPhone can also serve as an educational tool for electronics enthusiasts as they can build phones on their own and learn how they function.

Technical specs (core):

  • Central MCU: SiFive Freedom E310-G002 (RISC-V) microcontroller
  • Wireless: Espressif ESP32 Wi-Fi + Bluetooth
  • Cellular modem: Mini PCIe module (SIMCom SIM7600X or Quectel EC-25)
  • Graphics: BT817 Display controller
  • Audio: 2xMAX98357A Class D amplifier / PCM1770 headphone amplifier / ICS-43434 MEMS Microphone / MAX9814 microphone amplifier
  • Storage: SD card (FAT filesystem, AES/Blowfish encryption support)
  • Power: Lithium battery + charger (BQ25895)

Project status

mikroPhone

  • Hardware design of core part completed. 126x68mm prototype board built and tested;
  • Central MCU OS almost feature complete. Supports basic phone functionality (cellular voice and SMS messaging);
  • EllipticCP implementation tested for real time voice communication;
  • Support for app-module in progress. Module envisaged i.MX 8M Plus Computer on Module;
  • 3d printable phone case envisaged to be designed in FreeCAD;

For more information please visit history

For building instructions please visit how to build my mikroPhone.

License

Hardware licensed under the CERN OHL v1.2

Software licensed under the GPLv2

Acknowledgments

This project is funded through NGI0 Entrust, a fund established by NLnet with financial support from the European Commission's Next Generation Internet program. Learn more at the NLnet project page.

NLnet foundation logo NGI Zero Logo