[VOIPSEC] ipsec vs. tls/srtp ?

Jon Callas jon at pgpeng.com
Wed Feb 22 17:44:40 CST 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


On 22 Feb 2006, at 2:42 PM, Dan Wing wrote:

> (I'm a different Dan, but I'll nevertheless take a stab at this.)
>
> For media encryption to make sense you need to provide integrity  
> protection
> and authentication of the signaling, and have some way to encrypt  
> the SRTP
> keys themselves.  The easiest way to accomplish this is to simply  
> encrypt
> the signaling (using, say, TLS).  Other techniques such as using  
> SIP Digest
> authentication provide authentication but pretty poor integrity  
> protection.
> S/MIME is hard.  Some of the MIKEY modes provide ways to authenticate,
> integrity protect, and encrypt the SRTP keys themselves but not other
> aspects of the signaling.

I'll chime in and say that ZRTP, Phil Zimmermann's SRTP extension, is  
a different way to do this. It uses Diffie-Hellman to exchange keys  
and a hash-chain of retained shared secrets for added protection  
against man-in-the-middle attacks.

The design is taken from previous things that PGPfone, Eric Blossom's  
phone, and the AT&T 3600 did with a short authentication string you  
can read off. Cleverly, even if you never do this authentication,  
there's still a level of protection because each phone knows it's  
talking to the same phone it talked to last time. So if there ever  
was a man in the middle, he's was there to start with and is still  
there. Note the similarity in philosophy to SSH.

	Jon

- -- 
Jon Callas
CTO, CSO
PGP Corporation         Tel: +1 (650) 319-9016
3460 West Bayshore      Fax: +1 (650) 319-9001
Palo Alto, CA 94303     PGP: ed15 5bdf cd41 adfc 00f3
USA                          28b6 52bf 5a46 bc98 e63d
	



-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.0.5

iQEVAwUBQ/z3abveU3tlJIqaAQjZEgf/Xwrf9FGfM0DpVCwCA8HN1rz8a5TFMQOm
bhPCfZ5SspqVp7R9MBhYm+n1nKyknl6gw/XE28L/oZLKALrXN/WuTePPzkGXeFhQ
cX2yQOpk3aAyWA5eaZ6OopQFu3goRFYxfTBzFFKdBadb2Cxt6QImxirWpjnD2e6i
AUgvEL4EtjqwpjPLoQ0PmF7mwzJpAXMxkgBHo18W0fuluTm9tQhKPFO6UWz94mEU
2BZPNAIwDs4+PPZDnRfEQvyCynrVvBRXILfKd1srMhiFAU/FYtuvSQm2+iK6AfP2
fuK/hHJgKz5N60qL/ztv5XB2wds9b74LmwRxiyDWb3aqKyrvIV/E0Q==
=z6Gh
-----END PGP SIGNATURE-----

More information about the Voipsec mailing list