Quasar IV - The World's First Self-Authenticated Cipherphone Designed To Protect Your Digital Identity.

The making of the Quasar IV is a project that is designed to reinstate personal liberty to the internet.  Based on the world's most advanced security concepts and a trusted-authentication technology, it allows users to self-manage their digital interactions and create a trusted social circle.

The Quasar IV will be production ready in March 2014 and available to the general public in June 2014. Indiegogo backers will receive the Quasar IV in April 2014. The Quasar IV offers the following key features:

• Advanced trusted-authentication technology called Quatrix

• Unique digital signature and key computation methodology to protect your digital identity

• Quad-core 2.3GHz CPU, 3GB RAM, 64/128GB encrypted local storage and 128GB encrypted cloud storage

• Dual rear cameras for advanced augmented reality applications

• Android OS with an encryption layer

• Open SDK for the developer community

• Dual LTE with support for 3G and GSM networks

The Quasar IV is a “cipherphone” that safeguards the user’s digital identity with self-authenticated verification. All data exchanges between Quasar IVs are protected by trusted-authentication technology.

The Quasar IV is your gateway to a community of secure messages, emails, calls, cloud storage and mobile applications:

• Protect Your Digital Identity: Quasar IV uses a revolutionary self-authenticated, asymmetric encryption system called Quatrix that automatically verifies the identity of other Quasar IV users before information is sent. Your private identity key is encrypted in a hardware chip, making unauthorized access to data extremely difficult.

• Secure Operating System: QuaOS, Quasar IV’s operating system, is a fusion of Android, Linux and the Quatrix encryption software. The Quasar IV provides unprecedented security for Android users.

• Open Ecosystem for Developers: QSAlpha provides a software development kit (SDK) that allows software developers to build secure applications.

• Secure Community: Quasar IV users receive the most complete protection when communicating with other Quasar IV users.

Over the last five years, more than 27 million Americans have fallen prey to identity theft and 73 percent have suffered from cybercrime. Americans lose over $20 billion to identity theft each year. In 2012 alone, the Identity Theft Resource Center documented 447 major security breaches in the US that left 17 million personal records exposed to criminal activity.

Quasar IV has been designed for:

• Individuals who use their mobile devices to handle e-commerce transactions, day-to-day banking, storage of sensitive personal information or just casual correspondence.

• Individuals who value privacy and peace of mind and would like to ensure that their private correspondence is kept private.

• Individuals who want to ensure that eavesdroppers and stalkers cannot track their every move in the digital domain.

• Businesses that value data security and want to ensure that communications between executives, employees, customers and others cannot be read or listened to by third parties.

Quasar IV offers protection against external threats to enterprise and personal users of digital networks.

Publicly available statistics about the extent of cybercrime make clear that conventional computers and smartphones fail to prevent security breaches. The Quasar IV prevents identity theft and data leaks by using Quatrix, a proprietary encryption logic based on advanced trusted-authentication technology.

How does Quatrix work?

On a standard smartphone, when you text, email, call and store files, each service must verify who you are, so they provide you with a public key that is stored online. Every time you use each service, this public key confirms your identity.

Because public keys have to be stored and authenticated online by a third party server, your identity could be vulnerable to intrusion attacks.

No matter how complicated your passwords are, intruders can still impersonate your digital identity if they infiltrate and take control of the authentication server. Your lost digital identity may be used for cyber-crime. Until now, we’ve been relying on third-party agencies to authenticate and protect our most valuable information.

On the Quasar IV, when you text, email, call and store files within Quatrix, you and your contacts are authenticated via a public seed matrix located locally in the Quasar IV’s Quatrix hardware chip. This occurs offline, on each phone. The seed public matrix is simply a mediator that helps Quatrix devices verify each other’s identities through computation rather than exchange.

Verification happens on your device, not a public server

For Techies

By using state-of-the-art cryptography, we have developed a methodology to create up to 10^77 public and private key pairs from 16^16^4 three-dimensional matrices. By storing the possible encrypted combinations on the device, it becomes extremely difficult to forge your digital identity. On top of this, access to the Quasar IV’s secure apps requires both an 8+ digit PIN and a Two-Man Rule login.

Essentially, QSAlpha has engineered a way to safely authenticate users in the digital world without incurring massive infrastructure costs. We’ve created a mathematically engineered matrix that contains all possible combinations of identity keys and then issued it to each individual user encoded in hardware. Truly safe identity verification must mimic the methods of real world, through offline communication security, and Quatrix does exactly that.

Quatrix Trusted-Authentication Flow

In April 2011, The White House issued the National Strategy for Trusted Identities in Cyberspace.The goal was to encourage the development of security infrastructure that would allow people to validate their identities securely and efficiently.

The Quatrix solution goes beyond the The White House vision and also addresses the requirements of the “Future Network.”

“Future Network,” a program of the ITU (International Telecommunication Union)’s SG13 (Study Group 13) on standards for next generation networks (NGN), guided the security principles behind the Quasar IV’s self-authenticated and encryption technology. 

“Future Network” endorses trusted identity authentication security, the basis of Quatrix.

For Cryptographers

The Quatrix system is based on asymmetric encryption, which includes three function modules: Key Generation, Authentication (Signature Verification) and Data Encryption.

Fig.1 Quatrix System

The key generation and distribution structure is the base of the Quatrix System. The private and public keys are generated separately: the private key is generated by the Key Management Center (KMC), while the public key is generated by the user. 

Signature verification and data encryption are performed using the Quatrix Key System. Since the public key is generated on the user side, the two operations are performed in peer-to-peer manner, and no online third-party agency is necessary. 

1. ID Based Key Pair Generation And Distribution

Fig.2 Key Pair Generation

The key pairs in Quatrix are generated via combined matrices of public and secret seed matrices M_p and M_s (also called the ‘the key calculation base’).

The Key Management Center (KMC) is the only owner of M_s. The private key is generated by KMC from the user’s ID. 

(1) The public key is generated by any user using known ID.

(2) M_pand the key generation mapping g_p(.) are distributed to the user after encryption. Note that Seeds designs should consider applications in multiple domains (city, state, country, etc.).

The relationships between public and private keys are explained in Section 1.1. The generation function is shown in Fig.3, and explained in Section 1.2.

1.1 Relationship of Private and Public Keys

The key generation is based on elliptic curve cryptography (ECC P-192).

The relation between private key and the public key is

Pair generation of Key_cs and Key_CP  in Quatrix is based on two principles:

a. In seed-based key generation, one Key_cs is related to only one Key_CP , and vice versa.

b. The summation of two key-pairs is also a key pair.

So we can generate a secret seed M_s , which is a f * h matrix whose elements s_ij are random integers. The elements p_ijof the public seed M_p can be derived from M_s using Eq.(3). Note s_ijis a number , while p_ij is a point (pair of numbers) .

An ID-based private key Key_cs is the combination of selected elements in M_s. Similarly, Key_cp is the combination of the corresponding elements in M_p.

1.2  from ID to Key_cs

Fig.3 Key Generation Procedure

The procedure include several steps

a)  Hash (using SHA-2 algorithm) to generate a fixed length variable for matrix coordination

b)  Row index reshuffling

c)  Column index reshuffling

Step b) and c) produce an index table to select element in seeds.

d)  Key_csis the combination of selected elements of M_s using index table Ind_r..

(4) For public key, the index table Ind_ris generated by other users with the mapping same function. 

1.3 Contents distributed with Private Key : hardware protected (encrypted) IC chip

a) Seeds of public key

b) Key generation functions in 1.2

c) Private key

d) Multiple groups of a,b&c may be included for different domains.

e) Functions for signature and authentication

All items above are encrypted in IC chip. The user can use the functions on the chip, but cannot access the original codes & parameters.

2. Signature Verification (Bob to verify Alice’s signature)

Fig.4 Signature Verification

In signature verification procedure, a customer (Bob) executes signature verification to authenticate the person (Alice) on the other side. The procedure uses the private and public keys of the person (Alice) to be authenticated. The general procedure is demonstrated in Fig.4.

Alice sends Bob the signature (Alice’s ID encrypted using Alice’s private key), Bob generates Alice’s public key and decrypts the received signatures. The signature is certificated if the decrypted data matches Alice’s ID. In this procedure, Bob generates Alice’s public key on his own side, no third-party involved.

The procedure can be mathematically described as follows:

Alice (generate signature) 

A signature includes two parts: signature code and check code

where S_Alice is Alice’s signature code, C_Alice  is check code

Bob (verification) Two steps include: 

1) generate public key of Alice 

2) verification using verification function S_v and Alice’s public key:

Alice’s signature is verified if

3. Password/Data Exchange (from Alice to Bob)

Fig.5 Data Encryption

In this procedure, Alice encrypted (AES256 - CBC mode encrypted) her data using a system generated random number(password, PW). PW is also enveloped (ECC P-192 encrypted) using Bob’s public key. Bob recovers the PW using his private key first and then decrypts the data using the PW.

The mathematical procedure is described as following:

Alice: Encrypt the original data data₀ using encryption function e(.) with Bob’s public key, and generate encrypted password of data_e

Bob:

1)  Recover the password using password decryption function d_p(.) with Bob’s private key

2)  Decrypt data_e using data decryption function with password PW

data_d is decoded version of data_o.

From The Security Expert

"A lot of the nightmares we face in the information security and privacy industry include aspects like cryptographic key management, trusted identity, and an overall fragility in the hardware devices that we use. QSAlpha's Quatrix system and the Quasar IV cipherphone's strategy of securing both the software and hardware is the approach that's needed for a trusted computing environment."

- Justin Troutman

An Independent Security And Privacy Researcher

It is not safe to entrust one company, corporation or entity with the protection of your personal data. QuaOS is a fusion of Android, Linux and the Quatrix trusted-authentication technology to create the world’s first mobile OS that utilizes self-authenticated logic to safeguard your communication and data-sharing. Storing the private seed matrix offline and providing the user with the hardware encoded key pairings gives the user control over security, rather than any one corporation or entity.

Using Quasar IV with QuaOS means that you are in control of your own data and you are able to safeguard your own digital identity.

QSAlpha will actively promote innovation among developers. Quasar IV offers developers access to the core source code to encourage the creation of a completely open yet secure application ecosystem.

QuaOS offers developers the opportunity to create a vast range of data-encrypted applications which, in time, will be able to leverage a trusted community of Quasar IV owners.

We took our design inspiration from one of the world’s most recognized symbols of secrecy, supernatural ability and stealth: the art of Ninjutsu. 

In the digital world, privacy and security have been impossible to attain until now, which is why we found our inspiration in a warrior who does the impossible. We created a device that allows users to send data undetected across the rooftops and through the alleyways of cyberspace. The Quasar IV not only reflects the covertness of a ninja, but also the extraordinary grace, flexibility and subtlety of this iconic figure.

Simple but effective, subtle yet powerful, functional but graceful, the Quasar IV gives the user an indelible sense of being on a mission. It is the shadow of people who move about with a purpose. 

The way of Ninjutsu inspired the way of the ultimate digital defense system.

The Quasar IV is the world’s first cipherphone tailored to secure privacy.  The device has been named Quasar IV because the IV stands for Identity Vessel, and because the fourth amendment of the US constitution guarantees the right to privacy.

The Quasar IV combines a suite of encrypted applications and the ability to safeguard personal information with features we commonly associate with smartphones: fast processors, onboard memory, sensors, front and rear facing cameras and 4G connectivity.

Most importantly, it opens up a new world to the developer community by providing a system that protects applications, content and intellectual property from piracy.

We’ve spent the last three years developing and integrating the security and smartphone technologies to the point where we now have the design finalized, along with the latest working prototypes. The scope of design work that has been completed includes the following:

• PCBA+LCM+OGS Touch Panel

• Internal Poly-Carbonate Case Molding and Fitting

• Antenna Placement and Electromagnetic Interference Test

• External Glass Molding

• QuaOS based on Android 4.3

• QuaWorks – Framework of Secure Applications by Third Party Developers

• 3D Home with Augmented Reality

We now look to you to get the Quasar IV into the final phase of testing and production. We are crowdsourcing USD $3,200,000 dollars to take us from our current stage to manufacturing the first 10,000 units. If we exceed our target, we will be able to increase the first manufacturing run.

The Quasar IV 64GB edition will be retailed for $785 but is available to backers for only $595 and the Quasar IV 128GB edition will be retailed for $855 but is available to backers for only $665. As soon as the campaign starts, we are offering the first 950 units of Quasar IV 64GB for just $495. Of course, we also offer a wide range of other rewards for different pledge levels.

We hope you will support our aim of becoming the first company to offer a solution to one of the digital era’s greatest problems.

The QSAlpha team members include internationally recognized pioneers in digital security, communications and augmented reality. The team has extensive experience and relations with some of the world’s best manufacturer and components providers in the smartphone industry. With QSα, we aim to create the world’s safest digital community. The team’s head office is based in San Francisco, USA. To provide immediate access and closer working relationships with our manufacturing and design partners, we have based our QSAlpha project team in Taiwan. We also have offices in North Carolina and UK. 

Steve Chao, Founder and CEO

Steve Chao is an internationally recognized pioneer in digital security, communications and augmented reality. A veteran entrepreneur, Chao is responsible for a variety of advances in the mobile technology space. With QSα, he aims to create the world’s safest digital community.  He is one of the inventors of Quatrix technology and the driving force behind the Quasar IV’s Ninjitsu concept and industrial design. 

Dr. Liu Li, Chief Scientist

Dr. Liu has taken several academic and industry positions in New York and Silicon Valley since receiving his PhD in 2005. He holds multiple patents on color imaging and cyber-security applications. Dr. Liu is one of the inventors of Quatrix technology.

Ben Vaughan, Chief Operating Officer

Ben has held senior management roles in the high-tech sector for the last 20 years. As an expert in real-time 3D software and mobile systems, he has grown and managed companies in Europe, North America and Asia. At QSα, Ben oversees operations in four offices spanning three different continents. 

Shane Remington, Chief Technology Officer

Shane is a co-founder and principal of Peppermint, the company behind the open source, Peppermint OS Linux distribution. Shane is a specialist in digital security, network technology, systems integration and project management with more than 15 years of experience. Shane manages the IT systems that are critical to QSα’s security ecosystem.

Kendall Weaver, Chief Software Architect

Kendall is a co-founder and principal of Peppermint, the company behind the open source, Peppermint OS Linux distribution. Kendall brings over six years of experience in software development to the QSα team. As an expert in Linux, Kendall is responsible for the ongoing development of QuaOS, QSα’s fusion of Android, Linux and Quatrix software.

Eugene Li, SVP of Engineering 

For more than 13 years, Eugene has held high profile R&D, product planning and platform development roles in the mobile technology sector. As an expert in Linux-based smartphones, Eugene spearheads development of the Quasar IV’s hardware and virtual infrastructure.

• QuaOS (based on Android 4.3, powered by Quatrix)

• Quatrix Trusted-Authentication Processor

• 5” FHD 1920 x 1080 Sharp (IGZO) Display

• Corning Gorrilla Glass III

• Snapdragon 800 Quad-Core CPU @ 2.3GHz per core

• GPU with OpenCL, OpenGL ES3.0 support

• 3GB (LP-DDR3) RAM

• 64GB/128GB (eMMC) Storage

• MicroSD External Memory Card

• Dual 13MP rear facing Sony cameras (optimized for computer vision) | 8MP front camera

• FDD-LTE | TDD-LTE | UMTS | CDMA2000 | GSM

• Nano-SIM card

• GPS, WiFi (a/b/g/n/ac), Bluetooth 4.0, NFC

• Gyroscope, Gravity, Proximity, Compass, Thermal, Barometer and Atmospheric Sensors

• 3,300mAh battery

• IP57 water proof

Risks and challenges

Turning a prototype into a device suitable for mass production presents a series of challenges for any company. It’s important that the design is scalable both financially and for production; components must be able to be sourced in sufficient quantities for mass production; the final product must have the high level of reliability associated with a mass produced device; and critically, reliable component and assembly partners need to be sourced.

Thankfully, we have already overcome the riskiest areas of this project. Along with a working prototype, the Quasar IV’s overall hardware design has been validated by the manufacturer and is well suited for mass production.

We can also confirm that we have secured a relationship with a well-known OEM phone manufacturer to bring the product to the market. We have also fully validated every single component in the Quasar IV and teamed up with an experienced component procurement company to ensure timely delivery to the manufacturer for final assembly. This means we can deliver to the high level of specification and design outlined in this project while meeting our timeline.

If our Indiegogo campaign is successful, we will use the funds to produce our final prototypes, complete the tooling and certification, begin mass production and deliver the final Quasar IV to your doorstep.

Along with the handset hardware, your money will also fund additional application development for the QuaWorks ecosystem. We will keep you updated on our progress throughout the process, with the overall aim of shipping the first production units in April 2014.

FAQ

Are all shipping costs included in the pledge price?

Shipping charges are included with each Indiegogo perk. Local import taxes may apply.

Will the Quasar IV phone work on my telecom network?

The Quasar IV is not locked to any particular network and works in all countries.

Does Quasar IV need a 4G network to work?

Quasar IV works on the 3G/GSM network bandwidth and in all countries supporting the two LTE standards that provide 4G mobile broadband connectivity. 4G network service is subject to your telephone network’s service offerings and specific data fees may apply.

What warranty is provided with the phone?

Every Quasar IV device comes with a standard manufacturer’s warranty. If for any reason you are not satisfied with your purchase you may return it within 28 days for a full refund on your pledged amount. Return postage fees are not included.

Will there be different versions to support international power socket adapters?

Each Quasar IV will be shipped with the appropriate adapter for the shipping address listed.

If I have problems placing my pledge what do I do?

Please contact us directly at support@qsalpha.com

Is a developer kit available for the phone?

The developer SDK is supplied with the developer version of the handset, one of the available Indiegogo perks. The SDK itself will be made available through our website in June 2014.

Does the security encryption work when I am contacting a non-Quasar device?

Quatrix-encrypted data can only be read and decrypted by another Quatrix device. When data is sent from a Quasar IV to a different type of smartphone, the data will not be encrypted by Quatrix.

How do I access the QuaCloud?

The Quasar IV comes with 128GB of secure cloud storage. The QuaCloud app is located in the QuaWorks section of your phone.

To use a QuaCoin do I need to have a Quasar IV handset?

You will need a Quasar IV handset to activate your QuaCoin and use it towards qualifying purchases.

Is there a future roadmap for the development of applications and OS on the phone?

We will reveal the roadmap during this campaign.

Do I get charged if you don’t meet the funding goal?

All credit/debit cards are charged immediately. This money is held by Indiegogo until the project timeline is complete. If the project does not reach its funding goal, your full pledged amount will be refunded by Indiegogo.

Have additional questions?

Please feel free to contact us on Facebook, Google+ or Twitter. We'll post frequently asked questions here on this FAQ.

Glossary

Quasar IV 
The world’s first self-authenticated cipherphone.

Qua ID / User name 
Members of the Quasar community can log on to the QSAlpha website to select and reserve their own user name. The user name is tied to the Qua ID, a nine-digit key that grants access to the QuaWorks ecosystem.

QuaOS 
The Quasar IV operating system – Android with an integrated encryption layer.

Quatrix 
QSAlpha’s proprietary trust-authentication technology, used to secure apps, data and communications on mobile devices.

QuaWorks 
The Quasar IV application ecosystem.

QuaCoin 
A “crypto-currency”, similar in concept to Bitcoin. QSAlpha intends to launch QuaCoin in 2014 and use it as an alternative to traditional currencies for making purchases in the QuaStore.

Quasar Community 
Collective noun for members of the Quatrix ecosystem.