[VOIPSEC] zFone

Randell Jesup rjesup at wgate.com
Wed Sep 14 18:07:39 BST 2005 

Alexander Philipp Lintenhofer <lintenhofer at aon.at> writes:
>DH-Negotiation with additional voice recognition/key verification preventing
>replay or man-in-the-middle attacks is a really good idea. In my opinion even
>more secure than PSTN-communication in circuit switched networks.

        So zfone is really just an updated version of PGPhone - users read
words derived from the keys and verify what they're hearing is what their
phone is telling them is in the incoming key.  Secure - yes, absolutely, so
long as you can tell the difference between the voice of the other party
and the voice of someone trying a (tough) MiTM attack, and so long as the
MITM can't select a DH key which maps to the same words as the caller's DH
key, and I imagine it's set to make that virtually impossible (or at least
as hard as finding hash collisions in realtime).  In theory, if you knew
the two people who were communicating and had good voice
actors/impressionists to replace just the verification words, or had enough
clips of them saying the words in the zfone/pgphone vocabulary, you could
at least try a MiTM attack with a non-0 chance of success.  Or perhaps use
someone who's the equivalent of a realtime translator to repeat everything
said (except for editing the verification words).  (Ok, a pair of them).
That would work (again, expensively and with major risk of discovery) with
people who have not talked before.

        So, technically, it's possible.  Practically, though - unless
you're paranoid or know you're likely to be attacked, who is going to do
this at the start of each conversation?  "Hi sweetheart - moose jumper cow
- was that correct?  Good, now we can really talk safely."  Right.  But of
course the target market for this type of security are people who really
are worried about MiTM attacks and have a significantly non-0 chance of
them happening.

        And of course this assumes that the only way you're being attacked
is via MiTM.  There are lots of other ways to subvert this from either end,
starting with MITMing the download of zFOne...

-- 
Randell Jesup, Worldgate (developers of the Ojo videophone), ex-Amiga OS team
rjesup at wgate.com
"The fetters imposed on liberty at home have ever been forged out of the weapons
provided for defence against real, pretended, or imaginary dangers from abroad."
		- James Madison, 4th US president (1751-1836)

More information about the Voipsec mailing list