COMING FALL 2013
INTERESTED IN OUR ZRTP VOICE ENCRYPTION?
HOW IT WORKS
Encrypted Mobile’s voice encryption VoIP software enables you make encrypted phone calls over the Internet. ZRTP has a superior architecture over the previous and alternate approaches to secure VoIP. Its principal designer is Phil Zimmermann, the creator of PGP, the most widely used email encryption software in the world.
The ZRTP protocol has updated cryptographic features superseding the previous VoIP secure voice technologies. Although it uses a public key algorithm, it avoids the complexity of a public key infrastructure (PKI). In fact, it does not use persistent public keys at all. It uses ephemeral Diffie-Hellman with hash commitment, and allows the detection of man-in-the-middle (MiTM) attacks by displaying a short authentication string for the users to verbally compare over the phone. It has perfect forward secrecy, meaning the keys are destroyed at the end of the call, which precludes retroactively compromising the call by future disclosures of key material.
Even if the users are too lazy to bother with short authentication strings, we still get fairly decent authentication against a MiTM attack, based on a form of key continuity. It does this by caching some key material to use in the next call, to be mixed in with the next call’s DH shared secret, giving it key continuity properties analogous to SSH. All this is done without reliance on a PKI, key certification, trust models, certificate authorities, or key management complexity that bedevils the email encryption world.
ZRTP does not rely on SIP signaling for the key management, and in fact does not rely on any servers at all. It performs its key agreements and key management in a purely peer-to-peer manner over the RTP packet stream. And it supports opportunistic encryption by auto-sensing if the other VoIP client supports ZRTP.