Bug 311579

Summary: RFE: Option to encrypt protocols with ZRTP
Product: [Frameworks and Libraries] telepathy Reporter: David Alston <david.alston>
Component: call-uiAssignee: Telepathy Bugs <kde-telepathy-bugs>
Status: RESOLVED UPSTREAM    
Severity: wishlist    
Priority: NOR    
Version: 0.5.1   
Target Milestone: Future   
Platform: unspecified   
OS: Linux   
Latest Commit: Version Fixed In:

Description David Alston 2012-12-12 16:52:01 UTC 
ZRTP provides a way to encrypt messages that is more secure against man-in-the-middle attacks.  It can work with any protocol, but I'm especially interested in SIP/Video/XMPP

When the connection is being encrypted a key is generated that is then confirmed by both parties.  If each party sees a different key then a man-in-the-middle attack is taking place.

For clients that support ZRTP (Twinkle, Jitsi, et al) this would provide an encryption method that is easy to use and trust.

Reproducible: Always



Expected Results:  
1. Dial a SIP contact
2. SIP contact accepts connection
3. Click a padlock icon to initiate ZRTP encryption
4. Both you and your SIP contact see a verification string
5. If both verification strings match then the call is secure

ZRTP Protocol information..
http://en.wikipedia.org/wiki/ZRTP
http://www.voip-info.org/wiki/view/ZRTP

Other ZRTP Clients..
http://www.twinklephone.com/
https://jitsi.org/

Some ZRTP libraries..
http://www.gnutelephony.org/index.php/GNU_ZRTP
http://www.icall.com/developers/open-zrtp
Comment 1 George Kiagiadakis 2012-12-12 21:21:25 UTC 
This feature belongs in farstream. See also https://bugs.freedesktop.org/show_bug.cgi?id=52481