Zimmermann, Encrypted VoIP, and Uncle Sam
An anonymous reader noted that Philip Zimmermann and his VoIP encryption software are the subject of a NY Times article today. The article touches on the FCC, privacy, and related issues. Given all the suspicious behavior of the Bush Administration relating to wiretaps and phone records, this sort of thing is all the more important to be very aware of.
It's also available from Cryptome:
http://cryptome.org/zfone-agree.htm
Really, I mean why do people wear clothes for that matter? I mean we are all made of meat covered in skin. We all know what human bodies look like. Everyone should just go naked from now on. Who needs privacy when you have nothing to hide?
Phil took an open source VoIP client and added encryption to it. By his own admission, he doesn't know much about how to make VoIP work well, codecs and all that. But his encryption is very clever. It uses Diffie-Hellman to generate a per-session key, which is stored in a completely volatile way. i.e. it is destroyed after the call terminates and cannot be retrieved (stored in memory which is then overwritten). So, even if a man (or government) in the middle records the RTP stream and then gets a search warrant to get the key to decrypt the call, it won't be there.
Look for his techniques for peer to peer key setup, which again is very clever and well thought out, to be used in a variety of new ways. I expect you will see a bit-t client soon that can also generate this one time session key between peers. It will be much more computationally intense than what you see bit-t clients like Azureus do to the CPU now, but no more than using S/FTP. Well, maybe more, because of the number of keys being set up and destroyed and the memory allocation needed in a swarm situation. But for peer to peer calls, it's strong and I expect that Phil, who was nearly bankrupted by Uncle Sam, trying to defend himself, will again be in the NSA crosshairs. The guy is just a warrior, what can you say? Guys like him and Klein who blew the whistle on AT&T are the ones fighting for privacy and against a police state. And they will not be treated kindly by this administration.
This is an excellent article that rebuts your argument that is both concise and eloquent: http://wired.com/news/columns/0,70886-0.html?tw=wn_index_23
"Man in the middle" attacks are generally mitigated against by using a large initial key (such as the host key used by SSH, or the x.509 cert used by SSL) to guard an exchange of a smaller temporary session key as a shared secret, which is time-sensitive and is regenerated periodically. You'd have to break the 1024-bit key or whatnot very rapidly, in the matter of a few hours, or else you'd be too late to do a replay or MitM attack.
This has a reasonable set of diagrams which describe the process:
http://www.netip.com/articles/keith/diffie-helman.htm
It helps to have a registry or Certifying Authority available which has a list of published public keys...
"The human race's favorite method for being in control of the facts is to ignore them." -Celia Green
Republicans control all the branches of the government. What you see now is the best they have.
Sorry, sir, but you are completely wrong. ANY VoIP-capable computer can encrypt a 12kbps stream with a 1024-bit key. And -- unless the whole academia is wrong and all the current off-the-shelf crypto algorithms have crypto flaws, no, not every supercomputer on the face of the earth could break the encryption. One would have to get the keys in another fashion to listen to the talks.
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
It's time for the encryption phones to start appearing on the market.
That is exactly what my company is offering: IAX2/SIP (Asterisk) over VPN (FreeS/WAN, OpenVPN). It's getting easier to convince businesses to use encrypted communication channels nowadays.
"I'm not going to defend the indefensible. ... I'm prepared to defend a very aggressive anti-terrorist campaign, and I'm prepared to defend the idea that the government ought to know who's making the calls, as long as that information is only used against terrorists, and as long as the Congress knows that it's underway. But I don't think the way they've handled this can be defended by reasonable people. It is sloppy." -- Newt Gingrich
http://movies.crooksandliars.com/Hannity-Colmes-Newt-Phones.wmv
Why does Newt Gingrich, the former Republican speaker of the House, hate America...?
You say things that offend me and I can deal with it. Can you?
See Phil Zimmermann's FAQ about Zfone.
According to him, there are no ATA devices or any other hardware-based VoIP phones that support ZRTP (the Zfone encryption protocol). I doubt that Vonage or any other large VoIP service provider will ever offer a phone with ZRTP support due to pressure from the US government.
According to my understanding, Zfone will intercept any SIP call made from your PC and encrypt it on the fly. This means that you should be able to use any software based SIP phone with Zfone.
Just as an addition, the "Off-the-Record (OTR) Messaging" plugin for Gaim offers a similar setup for instant messaging. (You can use it with other IM clients as well; it works with stock AIM as an HTTP proxy and is built in to Adium for Mac.)
In my opinion, it's a much better system than some of the other IM encryption setups, which give you authentication but not any forward secrecy or deniability. Basically it forces you to authenticate the other party via a side-channel, rather than using a trust framework a la PGP, but in return the authentication can't be turned around and used against you after the fact.
It does this via an unauthenticated Diffie-Hellman key exchange, and then creating and exchanging a per-session symmetric key within that channel, which is destroyed at the end of the conversation. More technical information is available here.
In short it provides more authentication than Trillian's setup, more deniability than gaim-encryption, and doesn't require any of the infrastructure required by SILC. The only difficulty in using it is getting other people to use a supported client program and to install the plugin / generate a key.
I think there's room for both types of encrypted communications: ones that provide a trust framework and robust authentication, and ones that provide for more deniability (and allow the computerized century equivalents of a face-to-face meeting, where if both people desire it, they can deny the contents of the communication later).
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
So if you run it 3 times for triple des, that's approx 6000 instructions for every 8 bytes, or about 750 instruction cycles per byte. At 8000 bytes/sec for voice quality audio, my fast DES code would only need 6 MIPS on an 8 bit microcontroller. A slower version in C is readily available for free, which runs about 5X slower than my hand optimized assembly, requiring 30 MIPS.
Certainly strong encryption is feasible in real time for voice audio, even on very inexpensive 8-bit chips.
PJRC: Electronic Projects, 8051 Microcontroller Tools
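The per-call key exchange discussed in the comments above (a Diffie-Hellman key created for one session, discarded at hang-up, with the two parties checking each other over a side channel), as an added Python example that is not part of any post and is not Zfone or OTR code. The group parameters, the `Endpoint` class and the function names are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Toy parameters (assumption, illustration only): a 255-bit prime modulus.
# Real deployments use a vetted group (an RFC 3526 MODP group, or X25519).
P = 2**255 - 19
G = 2

class Endpoint:
    """One party to a call, holding Diffie-Hellman state for one session."""

    def __init__(self):
        self._x = secrets.randbelow(P - 3) + 2      # fresh exponent per call
        self.public = pow(G, self._x, P)            # the only value sent
        self._key = None

    def agree(self, peer_public):
        if not 1 < peer_public < P - 1:             # accept only 2..P-2
            raise ValueError("degenerate public value")
        shared = pow(peer_public, self._x, P)
        self._key = hashlib.sha256(shared.to_bytes(32, "big")).digest()
        self._x = None                              # exponent no longer needed

    def fingerprint(self):
        """Short string the two people compare over a side channel."""
        return hashlib.sha256(b"fingerprint" + self._key).hexdigest()[:16]

    def hang_up(self):
        # Python only drops the reference; a C implementation would also
        # overwrite the buffer that held the key.
        self._key = None

    def has_key(self):
        return self._key is not None

def direct_call():
    """Both parties receive each other's real public value."""
    a, b = Endpoint(), Endpoint()
    a.agree(b.public)
    b.agree(a.public)
    return a, b

def relayed_call():
    """A relay in the path swaps in its own public values (constructed case)."""
    a, b, relay_a, relay_b = Endpoint(), Endpoint(), Endpoint(), Endpoint()
    a.agree(relay_a.public)
    b.agree(relay_b.public)
    return a, b
```

In the direct case the two fingerprints match; in the relayed case they differ, which is what the side-channel comparison is there to catch.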
s/b http://law.richmond.edu/jolt/v2i1/sergienko.html
As always, all IMO. Insert "I think" everywhere grammatically possible.
Yeah they pretty much hand you the lists
http://www.treas.gov/offices/enforcement/ofac/sdn/delimit/index.shtml
Of course some of the entries are obviously from gathered intelligence. I recall having to block anyone called "The Chess Player" from signing up. Unfortunately most websites don't gather date of birth, and when you do name only matching you catch a lot of innocent people - who are usually mightily pissed off about having to call EVERY SINGLE SITE that they try to sign up for.
The other big caveat is what you're supposed to do when you find a match - it's virtually impossible to stop them just changing their details and signing up again.
>Mr. Zimmermann, the registration page that is being referred to only asks for your email
>address, thus your argument is invalid in this case. So why do you require registration?
I told you why already. The wording of your posting implies you don't believe me. If you need more convincing, go to my Zfone FAQ page (http://philzimmermann.com/EN/zfone/index-faq.html) where I address this particular question in great detail. If you still don't believe me after reading that, you are welcome to not use the product, and apply for a full refund.
--prz
If I understand this software correctly, the keys are generated and discarded on the fly. Asking for the keys in that context is akin to asking for the contents of the A register last Tuesday. What do you say when you are legally required to turn over information that you have never seen, no longer have and never even knew that you had?
The Scarfo case. An accused mobster was using PGP, the FBI got a warrant, and tapped his computer with what sounds like a hardware keylogger.
...inherently distrust government no matter who is in power. Libertarians always view the government as untrustworthy, expansive, over-reaching, and inefficient by its very nature. Thus the idea is to limit the government to its most basic and fundamental operations as set forth in the Constitution by our founding fathers.
The lines between the Dems and the Reps here in the US have blurred to the point that distinction is negligible.
Libertas in infinitum
You should never trust closed-source and purposefully undocumented crypto, and not be surprised when it gets cracked.
"Oppression and harassment is a small price to pay to live in the land of the free." -- Montgomery Burns.