> It's also too bad that once your phone call heads to the PSTN, any form
> of encryption becomes functionally worthless. It's INCREDIBLY easy to
> tap into, trace, and catalogue a PSTN phone call.
>
there is nothing that can be done about that, unless the answering end
supports crypto too. I still think its easier to monitor VoIP calls
since that can be done from almost anywhere on the intarweb (although do
it in the wrong spot and it becomes quite noticable). PSTN *generally*
requires physical access limiting the ones who can do this somewhat.
> Still... is very nice to see someone providing ZRTP services. Would like
> to see more of that in the future.
yeah, and to be crypto agnostic like that, both SRTP/TLS and ZRTP is a
nice bonus. Ensures that more people can use it, although the way that
ZRTP works, it becomes harder to validate the cipher since you cant
compare the codes each end provides. If you use a mechanical voice or a
sip im it becomes trivial to spoof the challenge/response codes, it
relies on humans speaking and listening to share the codes to validate.
Because you cant validate the cipher I cannot say that you can trust
ZRTP in this implementation, but then it was not designed to be on a
server side, this is where TLS can be handy. However SRTP/TLS is
designed to be server side but not as dynamic nor forget everything
about the session making key recovery impossible (the cert is still
there), something ZRTP is designed for.
ZRTP is more of an end to end human to human implementation, so for
things where the server has to be in the middle SRTP/TLS is certainly
superior.
--
Trixter http://www.0xdecafbad.com Bret McDanel
pgp key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x8AE5C721
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz
Posts
1 comment:
We've been using ZRTP and DTLS-SRTP for some time and we've had major issues with DTLS. Our issues with DTLS are:
1) Self signed certificates. There is no standard or even pseudo-standard way of doing self signed certificates such as those used in DTLS.
2) Requirement for a PKI. If you don't see this self signed certificate nonsense as reasonable, you'll have to implement a PKI. If you don't want a PKI or want a reasonable fallback to your PKI infrastructure being unavailable, etc. DTLS leaves you with no option.
3) MiTM... The MiTM prevention in DTLS is easily forged.
Some benefits we found with ZRTP:
1) PKI or No PKI - Implement it with a PKI but have very good key gen and exchange as a fallback or use it as your primary. Very cool!
2) MiTM... We thought the use of code words or SAS was a little clunky at first but the reality is that we tried the attacks that most people speculated on... It's all BS. If you try to fake an accent and read a code word at some random point during the call, you'll be pretty sorely disappointed.
I think that DTLS has done a great marketing job. God knows, we bought it at first also. Implementation is a whole 'nother subject.
Post a Comment