[VOIPSEC] zFone

Johnston, Alan alan.johnston at mci.com
Wed Sep 14 11:01:47 CDT 2005


Phil's approach is very interesting.  

The thing I like the most about it is the opportunistic nature - if both
UAs support it, they will negotiate a secure VoIP session.  If not, the
call proceeds normally.  With the current uncertainty for signaling
based key management (MIKEY - which mode?, or SDP Security Descriptions)
and how to make it backwards compatible (multipart alternative or
multiple m= lines), this approach has definite advantages.

Thanks,
Alan Johnston

> -----Original Message-----
> From: Voipsec-bounces at voipsa.org 
> [mailto:Voipsec-bounces at voipsa.org] On Behalf Of Alexander 
> Philipp Lintenhofer
> Sent: Wednesday, September 14, 2005 5:07 AM
> To: bmhkim at gmail.com
> Cc: Voipsec at voipsa.org
> Subject: Re: [VOIPSEC] zFone
> 
> 
> Thank you for your answer, Brian.
> DH-Negotiation with additional voice recognition/key 
> verification preventing replay or man-in-the-middle attacks 
> is a really good idea. In my opinion even more secure than 
> PSTN-communication in circuit switched networks.
> 
> regards,
> Philipp
> 
> Quoting Brian Kim <bmhkim at gmail.com>:
> 
> > On 9/12/05, Alexander Ph. Lintenhofer <lintenhofer at aon.at> wrote:
> >> I just read about Phil Zimmermann's new invention zFone and would like
> >> to ask you about your opinion. What do you think about the
> >> authentication/identification scheme without a PKI?
> >
> > I had the good fortune to be able to attend his briefing at Black Hat
> > and get a first-hand look at Zimmermann's demo. I must say that it
> > looks like it has reasonably strong security, if for no other reason,
> > because of the nature of the media being transmitted. I'm not sure how
> > much you've read about it, but my understanding is that the phone uses
> > Diffie-Hellman key exchange to agree on cipher keys, then expects its
> > users to voice verify keys.
> >
> > Ultimately, the security of this system relies on the difficulty of
> > successfully accomplishing a man-in-the-middle attack (or breaking the
> > AES encryption algorithm). This can range from a more trivial audio
> > substitution of the key during voice verification (which will likely
> > be subject to just plain sounding different during key verification)
> > to having a person (or more than one person) sit in the middle and
> > speak the two parts. Of course, the latter strategy would almost
> > certainly introduce errors as well as additional delay, which will
> > likely push it into the realm of unacceptability.
> >
> > I think it's a good solution which is adequate for typical privacy
> > needs. However, all Zimmermann has managed to do is find a niche in
> > which PKI probably isn't necessary in the general case.
> >
> > Brian
> >
> > (of course, this is all my opinion and strictly my opinion --
> > especially not that of my employer(s), the government, god or my cat)
> >
> >
> 
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
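The scheme Brian describes above (Diffie-Hellman to agree on keys, then the two users read a short string to each other to catch a man-in-the-middle), written out as an added example that is not part of this thread and not zFone's own code. It uses the 1024-bit MODP group from RFC 2409 (Oakley group 2) and a simplified key and short-authentication-string (SAS) derivation modelled loosely on ZRTP, the protocol behind zFone; the hash labels, the choice of hash inputs and the 4-character RFC 4648 base32 alphabet are assumptions made for the demo, not zFone's actual derivation. The honest run gives both sides the same media key and the same SAS; the attacked run shows Mallory holding a valid key for each leg while Alice's and Bob's SAS values differ, which is what the voice comparison is meant to expose.

```python
import hashlib
import random
import secrets

# Oakley group 2 (RFC 2409): 1024-bit MODP prime, generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
G = 2
P_BYTES = (P.bit_length() + 7) // 8
# Demo alphabet for the 4-character SAS (assumption: RFC 4648 base32;
# ZRTP's real SAS encoding is not reproduced here).
SAS_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"


def dh_keypair(rng):
    """Return (private exponent x, public value g^x mod p)."""
    x = rng.randrange(2, P - 1)
    return x, pow(G, x, P)


def dh_shared(priv, peer_pub):
    """Compute the DH result, refusing the degenerate public values
    0, 1 and p-1 that would pin the secret to a tiny subgroup."""
    if not 1 < peer_pub < P - 1:
        raise ValueError("rejected degenerate DH public value")
    return pow(peer_pub, priv, P)


def session_keys(secret, pub_initiator, pub_responder):
    """Derive the media key and the SAS from the DH result and both public
    values (demo labels, not zFone's derivation).
    Returns (16-byte AES-128 key, 4-character SAS)."""
    i2b = lambda n: n.to_bytes(P_BYTES, "big")
    s0 = hashlib.sha256(b"demo-s0" + i2b(pub_initiator)
                        + i2b(pub_responder) + i2b(secret)).digest()
    key = hashlib.sha256(b"demo-srtp" + s0).digest()[:16]
    # Top 20 bits of a second hash -> four 5-bit symbols the users read aloud.
    bits = int.from_bytes(hashlib.sha256(b"demo-sas" + s0).digest()[:3], "big") >> 4
    sas = "".join(SAS_ALPHABET[(bits >> shift) & 31] for shift in (15, 10, 5, 0))
    return key, sas


def run_call(seed=None, mitm=False):
    """Alice calls Bob.  With mitm=True, Mallory intercepts both DH public
    values and substitutes her own, using one key pair per leg."""
    rng = random.Random(seed) if seed is not None else secrets.SystemRandom()
    a_priv, a_pub = dh_keypair(rng)
    b_priv, b_pub = dh_keypair(rng)
    mallory_keys = []
    if mitm:
        ma_priv, ma_pub = dh_keypair(rng)   # Mallory's key pair facing Alice
        mb_priv, mb_pub = dh_keypair(rng)   # Mallory's key pair facing Bob
        alice_sees, bob_sees = ma_pub, mb_pub
        mallory_keys = [
            session_keys(dh_shared(ma_priv, a_pub), a_pub, ma_pub)[0],
            session_keys(dh_shared(mb_priv, b_pub), mb_pub, b_pub)[0],
        ]
    else:
        alice_sees, bob_sees = b_pub, a_pub
    # Each side derives from its own view of the exchange; Alice is the
    # initiator, so her public value (or what Bob believes is hers) comes first.
    alice_key, alice_sas = session_keys(dh_shared(a_priv, alice_sees), a_pub, alice_sees)
    bob_key, bob_sas = session_keys(dh_shared(b_priv, bob_sees), bob_sees, b_pub)
    return {
        "alice_key": alice_key, "alice_sas": alice_sas,
        "bob_key": bob_key, "bob_sas": bob_sas,
        "mallory_keys": mallory_keys,
        "sas_match": alice_sas == bob_sas,   # what the voice check decides
    }


if __name__ == "__main__":
    for attacked in (False, True):
        r = run_call(mitm=attacked)
        print("MITM  " if attacked else "honest", r["alice_sas"], r["bob_sas"],
              "SAS match" if r["sas_match"] else "SAS MISMATCH: abort the call")
```

The check in dh_shared matters in practice: an attacker who cannot sit in the middle can still send 0, 1 or p-1 as a public value and force the shared secret into a handful of known values, so a real implementation must reject them before deriving anything. The SAS comparison only helps if it is spoken over the already-encrypted media path, which is why Brian's remaining attack is substituting or impersonating the spoken string rather than tampering with the DH values.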