[VOIPSEC] A different view on the nature of Phil Zimmermann's new work... (Was Re: Phil Zimmerman to release VoIP Encryption Software(c.March))

dan_york at Mitel.com dan_york at Mitel.com
Fri Feb 3 11:20:51 CST 2006 

Christian & others,

It's been interesting to read this discussion and I'm pleased to see
the note about Phil Zimmermann's work entering the RFP process.  I 
thought,
though, that I'd just comment on what I took away from his talk. It
seemed to me that he is not necessarily looking for this to be adopted
by companies/vendors/etc. but rather that he's focused on *individual*
security.  I go back to his quote that I pulled out on the podcast blog:

   I would like to do for VoIP what I did for e-mail... I'd like to 
   make it possible for you to whisper in someone's ear - even if 
   their ear is thousands of miles away. 

The point I took away is that if I have zFone installed as a shim on my 
system and you have it on your system, we can establish a secure 
encrypted VoIP call using our softphones *regardless* of what systems
we may be using.  No PKI involved.  No central authority.  Probably with
no knowledge of the usage by the phone systems involved.

Very much like PGP and e-mail.  I can just PGP-encrypt a message to you
and send it off using my e-mail client and my e-mail system here.  It
will traverse the world of SMTP and whatever other protocols and servers
are there and will get to you where you, and you alone[1], will be able 
to decrypt it. 

The fact that we used PGP to encrypt that e-mail was most likely 
completely
unknown to the vendors and system administrators of the e-mail systems 
to which we are connected.  The only time it might be noticed would be 
when a sysadmin was scanning reports about mail system usage and might, 
perhaps, find some notation of messages that were unable to be examined.

We chose to use PGP as private individuals.  We somehow originally 
verified our PGP key fingerprints (perhaps, ironically, by reading a key
fingerprint over the phone).  But it was our choice and something done 
outside of the control of any of the systems we use or employers or 
others.

This was what I understood of the nature of zFone.  Putting the control
of the encryption down into the hands of the *individual* users so that
they could have encrypted conversations regardless of what type of VoIP
system they were connected to.

If I have that view correctly, then it wouldn't matter whether any of the
IP-PBX vendors or ITSPs or other providers supported zFone or not[2].  As 
long as there was a way for the SRTP stream from my softphone to get to 
yours (without modification) - and as long as both of our softphones had 
the zFone shim - we could have a secure conversation.

That is what I understood his proposal to be. Obviously until we see 
the specifications that Alan Johnston mentioned are in the works, all of
this (how he would do it, who would support it, what softphones it would
work with, how successful it would be, etc., etc.) is all mere 
speculation.

My 2 cents,
Dan


[1] Subject to your belief, of course, in the security of PGP and whether
or not various gov't entities can decrypt PGP, but that's a topic for a
different e-mail thread and not one for this mailing list.

[2] In fact, I can think of issues like CALEA and "lawful intercept"
and such that might prevent a carrier from even being able to support
this, even if they wanted to.  There would be no central repository of 
keys and such and therefore no way to decrypt the call. (like PGP, again)

-- 
Dan York, CISSP
Dir of IP Technology, Office of the CTO
Mitel Corp.     http://www.mitel.com
dan_york at mitel.com +1-613-592-2122
PGP key (F7E3C3B4) available for 
secure communication

More information about the Voipsec mailing list