[guardian-dev] A Network Analysis of Encrypted Voice over OSTN

Patrick B patrickbx at gmail.com
Fri Jul 6 11:10:49 EDT 2012


I haven't been able to test this, but this is the assumption, yes.
ZRTP setup packets would be identifiable with application filtering
and could probably be selectively blocked without any user notice. The
discerning user might notice, but this would be a problem for accounts
like OSTN in which a user might just expect encryption to always work.

I would assume for now that ZRTP could be silently blocked. Since
right now opportunistic encryption is used, both clients use RTP until
they see ZRTP hello packets. All you need to do is block those hello
packets and it would appear that the other client has ZRTP off.

Adding a Force-ZRTP to the client would solve this problem. Blocking
ZRTP would just block the call then.

-Patrick

On Fri, Jul 6, 2012 at 8:56 AM, Tom Ritter <tom at ritter.vg> wrote:
> Good analysis.
>
> Would a man in the middle be able to swallow the ZRTP setup packets and
> prevent encryption without being detected*? I can't imagine RTP provides
> integrity...
>
> *Other than the parties knowing they don't have encryption, of course.
>
> -tom
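The fail-open versus fail-closed behaviour discussed in this message, as an added example that is not part of the original post or of any OSTN client's code. `Policy.FORCE_ZRTP`, `negotiate` and `hello_window` are hypothetical names; the header checks follow the ZRTP packet layout in RFC 6189, and the sample packets are constructed.

```python
import struct
from enum import Enum

ZRTP_MAGIC = 0x5A525450     # "ZRTP" magic cookie in the packet header (RFC 6189)
ZRTP_PREAMBLE = 0x505A      # preamble that starts every ZRTP message

class Policy(Enum):
    OPPORTUNISTIC = 1       # current behaviour described in the message
    FORCE_ZRTP = 2          # hypothetical setting name for the proposed fix

def is_zrtp_hello(pkt: bytes) -> bool:
    """True if a UDP payload has the ZRTP header and a Hello message type."""
    if len(pkt) < 24:
        return False
    first, _seq, magic, _ssrc = struct.unpack("!BxHII", pkt[:12])
    preamble, _words = struct.unpack("!HH", pkt[12:16])
    return (first == 0x10 and magic == ZRTP_MAGIC
            and preamble == ZRTP_PREAMBLE and pkt[16:24] == b"Hello   ")

def negotiate(policy: Policy, inbound: list, hello_window: int = 20) -> str:
    """Decide the call outcome from the first packets received from the peer."""
    if any(is_zrtp_hello(p) for p in inbound[:hello_window]):
        return "continue-zrtp"   # peer Hello seen: carry on with key agreement
    if policy is Policy.FORCE_ZRTP:
        return "abort-call"      # fail closed: a missing Hello ends the call
    return "plaintext-rtp"       # fail open: looks like a peer with ZRTP off

# Constructed sample packets (not captured traffic); the Hello is truncated
# to its header, preamble, length and message type block.
HELLO = struct.pack("!BxHII", 0x10, 1, ZRTP_MAGIC, 0x1234) \
    + struct.pack("!HH", ZRTP_PREAMBLE, 3) + b"Hello   "
RTP = struct.pack("!BBHII", 0x80, 0, 7, 160, 0x1234) + b"\x00" * 20

if __name__ == "__main__":
    for policy in Policy:
        print(policy.name, "clean path:   ", negotiate(policy, [RTP, HELLO, RTP]))
        print(policy.name, "Hello dropped:", negotiate(policy, [RTP, RTP, RTP]))
```

With the opportunistic policy the two inbound streams end in different security states without any error, while the forced policy turns the missing Hello into a visible call failure.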

