Zfone

From Wikipedia, the free encyclopedia

Zfone is software for secure voice communication over the Internet (VoIP), using the ZRTP protocol. It was created by Phil Zimmermann, the creator of the PGP encryption software. Zfone works on top of existing SIP and RTP programs, such as Gizmo, and should work with any SIP- and RTP-compliant VoIP program.

Zfone turns many existing VoIP clients into secure phones. It runs in the Internet Protocol stack on any Windows XP, Mac OS X, or Linux PC, intercepts and filters all VoIP packets as they go in and out of the machine, and secures the call on the fly. A variety of software VoIP clients can be used to make a VoIP call. The Zfone software detects when the call starts, initiates a cryptographic key agreement between the two parties, and then proceeds to encrypt and decrypt the voice packets on the fly. It has its own separate GUI, telling the user whether the call is secure. Zfone acts as if it were a "bump on the wire", sitting between the VoIP client and the Internet, but implemented in software in the protocol stack.

The ZRTP protocol used by Zfone has desirable cryptographic features lacking in many other approaches to VoIP encryption. Although it uses a public key algorithm, it does not rely on a public key infrastructure (PKI). It does not use persistent public keys at all. It uses ephemeral Diffie-Hellman with hash commitment, and allows the detection of man-in-the-middle (MiTM) attacks by displaying a short authentication string for the users to read and compare over the phone. It has perfect forward secrecy, meaning the keys are destroyed at the end of the call, which precludes retroactively compromising the call through future disclosures of key material. If the users fail to compare the short authentication string, a second layer of protection against MiTM attacks comes from a form of key continuity. It does this by caching some key material from each call, to be mixed in with the next call's DH shared secret, giving it key continuity properties analogous to SSH. All this is done without reliance on a PKI, key certification, trust models, or certificate authorities. It also does not rely on SIP signaling for the key management, or on any servers at all. It performs its key agreements and key management in a purely peer-to-peer manner over the RTP packet stream. It supports opportunistic encryption by auto-sensing whether the other VoIP client supports ZRTP.
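The following is an added illustration (not Zfone's or the ZRTP reference code) of the three properties described above: the hash commitment over the initiator's DH value, the short authentication string derived from the session key, and key continuity from cached material that lets a later interposed exchange be detected even if nobody reads the SAS. The DH group is a toy 127-bit prime chosen only to keep the example short; the hash labels and the `Endpoint`, `call` and `relayed_call` names are this example's own, not ZRTP's.

```python
import hashlib
import secrets

# Toy DH group for illustration only (a 127-bit Mersenne prime); real ZRTP uses
# 3072-bit MODP groups (the "3,000-bit key exchange" below) or elliptic curves.
P = (1 << 127) - 1
G = 5
N = 16  # bytes per encoded group element

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()
class Endpoint:
    """One ZRTP endpoint. rs1 is secret material cached from the previous call."""
    def __init__(self):
        self.rs1 = b""  # empty on a first call: no prior shared secret yet
    def new_dh(self) -> bytes:
        self.x = secrets.randbelow(P - 2) + 1  # ephemeral exponent, deleted after the call
        self.pv = pow(G, self.x, P).to_bytes(N, "big")
        return self.pv
    def commit(self) -> bytes:
        # Initiator's Commit: publish H(pvi) before seeing pvr, so the initiator
        # cannot grind its DH value to steer the short authentication string.
        return h(self.new_dh())
    def finish(self, peer_pv: bytes, hvi: bytes = b""):
        if hvi and h(peer_pv) != hvi:
            raise ValueError("commitment mismatch: peer changed its DH value")
        dh = pow(int.from_bytes(peer_pv, "big"), self.x, P).to_bytes(N, "big")
        self.s0 = h(dh, self.rs1)  # cached secret mixed into the new key: continuity
        del self.x, dh  # forward secrecy: ephemeral material is destroyed
        return h(b"SAS", self.s0)[:4].hex(), h(b"confirm", self.s0)
    def update_cache(self):
        self.rs1 = h(b"rs1", self.s0)  # stored only after both Confirm tags matched

def call(initiator, responder):
    """One ZRTP-style exchange; returns (confirm_ok, sas_initiator, sas_responder)."""
    hvi = initiator.commit()                          # Commit
    pvr = responder.new_dh()                          # DHPart1
    sas_i, conf_i = initiator.finish(pvr)
    sas_r, conf_r = responder.finish(initiator.pv, hvi)  # DHPart2 checked against hvi
    ok = conf_i == conf_r  # stands in for ZRTP's keyed Confirm1/Confirm2 messages
    if ok:
        initiator.update_cache(); responder.update_cache()
    return ok, sas_i, sas_r

def relayed_call(alice, bob):
    """Model an interposed third party running one exchange with each victim."""
    ok_a, sas_a, _ = call(alice, Endpoint())
    ok_b, _, sas_b = call(Endpoint(), bob)
    return ok_a and ok_b, sas_a, sas_b
```

On a first call between two endpoints with empty caches, a relayed exchange completes on both legs and only the differing SAS values reveal it; on any later call the mismatched `rs1` makes the confirm tags disagree, so the client can warn without user action.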

Platforms and specification

  • Availability - Mac OS X, Linux, and Windows as compiled programs, as well as an SDK.
  • Encryption standards - Based on ZRTP, which uses 128- or 256-bit AES together with a 3,000-bit key exchange system and voice-based verification to prevent man-in-the-middle attacks.
  • ZRTP Protocol - Published as an IETF draft: "ZRTP: Extensions to RTP for Diffie-Hellman Key Agreement for SRTP" [1]

See also

Other encrypted voice-over-IP programs:

External links
