[VOIPSEC] zFone

[Brian Kim]

On 9/12/05, Alexander Ph. Lintenhofer <lintenhofer at aon.at> wrote:
> I just read about Phil Zimmermanns new invention zFone and would like to
> ask you about your opinion. What do you think about the
> authentication/identification scheme without a PKI?

I had the good fortune to be able to attend his briefing at Black Hat
and get a first hand look at Zimmerman's demo. I must say that it
looks like it has reasonably strong security, if for no other reason,
because of the nature of the media being transmitted. I'm not sure how
much you've read about it, but my understanding is that the phone uses
Diffie-Hellman key exchange to agree on cipher keys, then expects its
users to voice verify keys.

Ultimately, the security of this system relies on the difficulty of
successfully accomplishing a man-in-the-middle attack (or breaking the
AES encryption algorithm). This can range from a more trivial audio
substitution of the key during voice verification (which will likely
be subject to just plain sounding different during key verification)
to having a person (or more than one person) sit in the middle and
speak the two parts. Of course, the latter strategy would almost
certainly introduce errors as well as additional delay, which will
likely push it into the realm of unacceptability.

I think it's a good solution which is adequate for typical privacy
needs. However, all Zimmerman has managed to do is find a niche in
which PKI probably isn't necessary in the general case.

Brian

(of course, this is all my opinion and strictly my opinion --
especially not that of my employer(s), the government, god or my cat)