[VOIPSEC] Key Negotiation for SRTP (Ahmar Ghaffar)
Henrik Ingo
henrik.ingo at sesca.com
Tue Sep 6 06:08:58 CDT 2005
Thanks to everyone involved for a really informative thread!
Does someone know more about the Zfone approach, I'd like to have it
clarified. (It seems like another Phil-like novel idea!)
Randell Jesup wrote:
> "Johnston, Alan" <alan.johnston at mci.com> writes:
>
>>Phil Zimmermann's Zfone approach is quite different from MIKEY or SDES
>>in that it doesn't even use the SIP signaling path for key management.
>>
>>Instead, it does a DH exchange in RTP extension headers, much the same
>>way that secure PSTN phones work today, using only the media path. To
>>protect against a man-in-the-middle attack, a voice authentication
>>digest is used. In addition, previous shared secrets are cached and
>>used as input to generate a session key.
>
>
> "voice authentication digest" - sounds like the old PGPhone
> "read 3 words from a dictionary to prove it's not MITM". Because (when
> calling someone you haven't called before) that is the trick - prove
> it's only them and bad-guy-MITM hasn't inserted himself.
>
What specifically is this voice authentication digest? "Digest" conveys
the idea that those three digits are not sent from one end to another,
but I fail to see how that would work? (So maybe someone will explain it
to me...)
If the idea is just to sen 3 digits to the other person to read out
loud, it doesn't really prevent from a MITM attack on the first connect?
So its kind of like using ssh or self signed https in a manner where the
user just answers "yes" on the first connection, but can then be sure to
know that all subsequent connection are to the same person, whom he has
chosen to trust.
How will Zfone work with voicemail and other automated telephony gear?
henrik
--
Henrik.Ingo at sesca.com
+358-40-5697354
More information about the Voipsec
mailing list