[VOIPSEC] Using SRTP for University project
Randell Jesup
rjesup at wgate.com
Tue Mar 28 00:06:31 CST 2006
"Hadriel Kaplan" <HKaplan at acmepacket.com> writes:
>> Also, ZRTP uses key continuity which forces an attacker to
>> perform an active DH MitM attack on every call or be detected.
>
>That's not hard. That could just be the local TLS proxy.
Someone inserting a transparent proxy modifying all SIP (and RTP) info
at all times would give the person who did this (service provider via their
transparent SBC) total access to all signalling and ability to MiTM any
call, unless ZRTP users did verbal authentication.
Transparent proxies can be detected by using a tunnel to somewhere outside
of the provider's network. Paranoid users might connect via SBC, and do a
verification connection/message over a tunnel link to check response
headers.
--
Randell Jesup, Worldgate (developers of the Ojo videophone), ex-Amiga OS team
rjesup at wgate.com
"The fetters imposed on liberty at home have ever been forged out of the weapons
provided for defence against real, pretended, or imaginary dangers from abroad."
- James Madison, 4th US president (1751-1836)
More information about the Voipsec
mailing list