Talk:ZRTP

From Wikipedia, the free encyclopedia

[edit] Guarantee of no MITM is too strong

The article says

    If the values on both ends match, it is guaranteed that there is no man-in-middle.

I think that's too strong a statement. For example:

• Alice calls Bob, but unbeknownst to either of them, Mallory is the man in the middle
• Mallory negotiates separate ZRTP sessions with both Alice and Bob
• Mallory algorithmically impairs the quality of the voice channels so that it is difficult to distinguish his voice from anyone else's
• Alice reads her SAS to Mallory, and Mallory reads his SAS to Alice
• Bob reads his SAS to Mallory, and Mallory reads his SAS to Bob
• Mallory connects the audio of the two ZRTP sessions together (with the quality impairment)
• Once Alice and Bob are satisifed with the SAS' they've received, they start their conversation.
• The quality impairment can be blamed on a poor internet connection and the use of a low-rate CODEC.

If Mallory has samples of Alice's and Bob's speech ahead of time, rather than voice quality impairment, he can use more sophisticated software to modify his voice to sound similar to Alice's or Bob's. This is much more difficult but not impossible. --Brouhaha 19:43, 17 June 2006 (UTC)

The statement has been modified to remove the guarantee (Zimmermann never used the word guarantee). However, I think an attack that involves voice imitation incurs a high risk of detection, and thus is adequately deterred. The attacker cannot predict or control exactly how Alice and Bob will conduct the SAS comparison. -PRZ