Zfone

from Wikipedia, the free encyclopedia

Zfone is software for the encryption of VoIP calls.

Application

In March 2006 Phil Zimmermann presented to the public the beta version of newly developed software called Zfone for encrypting VoIP calls. So far the program has been released for Linux, Mac OS and, most recently on May 21, 2006, for Windows XP. As with his earlier program PGP, he has also disclosed the source code of the preview version of Zfone.

At the moment, however, the development of Zfone seems to be stagnating: the current version (0.92 build 218 Beta) was released on March 22nd, 2009. Furthermore, as of January 29, 2011, it is no longer possible to download Zfone from the developer's website because the download server is no longer online.

Functionality

The software works like a transparent proxy server, so users can continue to use their preferred VoIP software and hardware. The installation of the Zfone technology in individual devices and routers by the respective hardware manufacturer is also planned and is already offered by the Vigor2820 router series from DrayTek. Other manufacturers will follow.

The associated protocol, called ZRTP ("Z" stands for the inventor Phil Zimmermann, "RTP" for Real-Time Transport Protocol), was developed specifically for this purpose by Zimmermann in collaboration with Alan Johnston and Jon Callas and uses the Diffie-Hellman method to exchange keys. The encryption method used is AES-128 (optionally also AES-256). ZRTP is an extension of the existing RTP protocol. In the Windows versions, Zfone installs an additional network driver called zrtp.sys, which acts as a packet filter, recognizes data traffic on UDP port 5060 and is then supposed to establish an encrypted connection via the ZRTP protocol. Zimmermann has already submitted the ZRTP specification to the IETF for standardization. The VoIP session is initiated via SIP. The normal unencrypted RTP protocol is then used to negotiate a shared secret with ZRTP, which is in turn used to encrypt the SRTP (Secure RTP) connection that is subsequently established.

Zimmermann made a conscious decision against a PKI-based procedure because, in his opinion, it has various disadvantages. For example, he fears that government agencies will in the future successfully exert pressure on the relevant server operators to install back doors or duplicate keys. The assessment of the actual trustworthiness of the various PKI instances is also problematic for the user. In addition, every user would have to permanently remember a cryptographically secure password. A key obtained at a later point in time can also be used retrospectively to decrypt all recorded communications. The operation of a PKI infrastructure is also very complex and maintenance-intensive.

However, the Diffie-Hellman method selected by Zimmermann also has disadvantages. It is inherently susceptible to a man-in-the-middle attack. Zimmermann has therefore integrated some countermeasures that are supposed to prevent such an attack from succeeding. For example, for their own safety, the interlocutors should read a four-digit code (nonce) to each other during one of their first joint calls, so that a compromised connection can be clearly identified. This is also important for the security of the follow-up calls. In addition, it is possible, for example, to agree on a common password in advance. On subsequent calls between the same terminals, a method already known from SSH, called "Baby Duck", uses a shared-secret cache to prevent man-in-the-middle attacks. The integrity of the connection is ensured with the help of key caches generated and stored during previous phone calls. An attacker must have successfully attacked every previous phone call without exception in order to be able to decrypt the current one. The session keys required to decrypt a given phone call are of course deleted immediately after that call has ended. Subsequent decryption of the communication through access to the hardware used by a call participant is thus excluded.
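The key agreement, the short code read aloud and the shared-secret cache described in the two preceding paragraphs, as an added Python illustration (this is not Zfone's code and not the ZRTP specification; the group parameters, the derivation labels, the base32 SAS encoding and the `Endpoint`/`run_call`/`demo` names are assumptions of this example, and the protocol is reduced to its essentials). It shows why the SAS must be compared aloud on a first call, how a cached retained secret lets later calls detect an interposed attacker without any SAS check, and why an attacker who missed even one earlier call leaves a detectable cache mismatch.

```python
import base64
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Toy Diffie-Hellman group, constructed for illustration only: 2**127-1 is prime,
# but a deployed implementation uses a large standardized group.
P = (1 << 127) - 1
G = 3
NB = 16  # bytes needed to encode a group element


def _prf(key: bytes, label: bytes) -> bytes:
    """HMAC-SHA256 used as the key-derivation PRF (labels are assumptions)."""
    return hmac.new(key, label, hashlib.sha256).digest()


def derive(shared: int, pv1: int, pv2: int, rs: Optional[bytes]):
    """Derive session material from the DH result, both public values (in canonical
    order so both sides agree) and the retained secret from the cache, if any."""
    lo, hi = sorted((pv1, pv2))
    s0 = hashlib.sha256(shared.to_bytes(NB, "big") + lo.to_bytes(NB, "big")
                        + hi.to_bytes(NB, "big") + (rs or b"")).digest()
    srtp_key = _prf(s0, b"srtp master key")[:16]            # AES-128 key for the media
    sas = base64.b32encode(_prf(s0, b"sas")).decode()[:4]   # short string read aloud
    rs_next = _prf(s0, b"retained secret")                  # cached for the next call
    return srtp_key, sas, rs_next


@dataclass
class Endpoint:
    name: str
    cache: dict = field(default_factory=dict)  # peer name -> retained secret
    session_key: Optional[bytes] = None
    sas: str = ""
    continuity: str = ""
    _x: int = 0
    _pv: int = 0
    _pending_rs: Optional[bytes] = None

    def hello(self, peer: str):
        """Start a call: fresh DH keypair plus a keyed identifier of the cached secret."""
        self._x = secrets.randbelow(P - 2) + 1
        self._pv = pow(G, self._x, P)
        rs = self.cache.get(peer)
        return self._pv, (_prf(rs, b"rs id") if rs is not None else None)

    def finish(self, peer: str, peer_pv: int, peer_rs_id: Optional[bytes]):
        """Compare cache identifiers, then derive keys from the DH result."""
        rs = self.cache.get(peer)
        if rs is None:
            self.continuity = "first call" if peer_rs_id is None else "MISMATCH"
        elif peer_rs_id == _prf(rs, b"rs id"):
            self.continuity = "ok"
        else:
            self.continuity = "MISMATCH"  # peer lacks our cached secret: verify SAS aloud
            rs = None                     # fall back to a plain DH derivation
        shared = pow(peer_pv, self._x, P)
        self.session_key, self.sas, self._pending_rs = derive(shared, self._pv, peer_pv, rs)
        self._x = 0  # ephemeral exponent is discarded

    def confirm_tag(self) -> bytes:
        return _prf(self.session_key, b"confirm")

    def verify_confirm(self, peer: str, tag: bytes) -> bool:
        ok = hmac.compare_digest(tag, self.confirm_tag())
        if ok:
            self.cache[peer] = self._pending_rs  # commit the cache only after confirmation
        return ok

    def hang_up(self):
        self.session_key = None  # the session key is not retained after the call


def run_call(a: Endpoint, b: Endpoint, mitm: bool = False) -> dict:
    """Run one call. With mitm=True an active attacker terminates the DH exchange on each
    side; it cannot forge cache identifiers it does not know, so it forwards them as-is."""
    pa, ra = a.hello(b.name)
    pb, rb = b.hello(a.name)
    if mitm:
        mx = secrets.randbelow(P - 2) + 1
        mpv = pow(G, mx, P)
        a.finish(b.name, mpv, rb)
        b.finish(a.name, mpv, ra)
        # the attacker's own view of each leg, necessarily without any retained secret
        ka, _, _ = derive(pow(pa, mx, P), pa, mpv, None)
        kb, _, _ = derive(pow(pb, mx, P), pb, mpv, None)
        tag_to_a, tag_to_b = _prf(ka, b"confirm"), _prf(kb, b"confirm")
    else:
        a.finish(b.name, pb, rb)
        b.finish(a.name, pa, ra)
        tag_to_a, tag_to_b = b.confirm_tag(), a.confirm_tag()
    result = {
        "sas_match": a.sas == b.sas,
        "continuity": (a.continuity, b.continuity),
        "confirmed": (a.verify_confirm(b.name, tag_to_a), b.verify_confirm(a.name, tag_to_b)),
        "keys_match": a.session_key == b.session_key,
    }
    a.hang_up()
    b.hang_up()
    return result


def demo():
    alice, bob = Endpoint("alice"), Endpoint("bob")
    first = run_call(alice, bob)                 # SAS must be compared aloud once
    second = run_call(alice, bob)                # continuity via the cached secret
    attacked = run_call(alice, bob, mitm=True)   # detected even without a SAS check
    carol, dave = Endpoint("carol"), Endpoint("dave")
    poisoned = run_call(carol, dave, mitm=True)  # only the SAS reveals this one
    aftermath = run_call(carol, dave)            # caches disagree: warning on next call
    return first, second, attacked, poisoned, aftermath


if __name__ == "__main__":
    for label, r in zip(("first", "second", "attacked", "poisoned", "aftermath"), demo()):
        print(label, r)
```

The `poisoned` scenario is the case the paragraph above warns about: an attacker present on the very first call can forge both confirmations, and only a mismatching SAS read aloud exposes it. Once an honest call has populated the cache (`second`), an attacker who joins later cannot produce the confirmation tags (`attacked`), and an attacker who was present earlier but not now leaves the two caches out of step (`aftermath`), so the next call flags a mismatch and the users know to compare the SAS again.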

License model

While the Zfone software is still in the public beta stage, Zimmermann claims to have registered essential parts of the ZRTP protocol as software patents, even though he actually rejects software patents. Among other things, Zimmermann fears the secret storage of session keys and possible acoustic call recordings by VoIP telephone systems implemented in hardware or software. According to his own statement, Zimmermann intends to use the patents to force licensees to refrain from installing such back doors for third parties. If a provider nevertheless builds in an eavesdropping capability, it is obliged under the license agreement to transmit a disclosure flag and thus to publish its eavesdropping-friendliness.

The ZRTP license is free of charge, but expires if the above conditions are violated. Providers who secretly violate the license conditions would automatically violate the ZRTP patent rights, as they no longer have a valid license. The exact license model for the beta and final version is still largely unknown.

Criticism

The acoustic authentication is sometimes criticized for the fact that in a conversation between two strangers, the other person's voice is not known, so the attacker could just as easily read out his or her own key hash to the two interlocutors. Zimmermann counters this by saying that it is not absolutely necessary to recognize the voice of the other person: it is sufficient to determine whether the other party's voice remains the same during the rest of the conversation.

Voice imitation or voice synthesis during acoustic authentication would be conceivable. According to the currently known state of the art, this effort would be worthwhile in individual cases. Such an attack can be prevented by using a pre-shared key (PSK) at least once. This pre-shared key could, for example, be agreed at a personal meeting or with the help of a PGP key that has already been checked using the Web of Trust.
