311579 – RFE: Option to encrypt protocols with ZRTP

Bug 311579 - RFE: Option to encrypt protocols with ZRTP

Summary: RFE: Option to encrypt protocols with ZRTP

Status:	RESOLVED UPSTREAM

Alias:	None

Product:	telepathy
Classification:	Unmaintained
Component:	call-ui (show other bugs)
Version:	0.5.1
Platform:	unspecified Linux

Importance:	NOR wishlist
Target Milestone:	Future
Assignee:	Telepathy Bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2012-12-12 16:52 UTC by David Alston
Modified:	2012-12-12 21:21 UTC (History)
CC List:	0 users

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description David Alston 2012-12-12 16:52:01 UTC

ZRTP provides a way to encrypt messages that is more secure against man-in-the-middle attacks.  It can work with any protocol, but I'm especially interested in SIP/Video/XMPP

When the connection is being encrypted a key is generated that is then confirmed by both parties.  If each party sees a different key then a man-in-the-middle attack is taking place.

For clients that support ZRTP (Twinkle, Jitsi, et al) this would provide an encryption method that is easy to use and trust.

Reproducible: Always



Expected Results:  
1. Dial a SIP contact
2. SIP contact accepts connection
3. Click a padlock icon to initiate ZRTP encryption
4. Both you and your SIP contact see a verification string
5. If both verification strings match then the call is secure

ZRTP Protocol information..
http://en.wikipedia.org/wiki/ZRTP
http://www.voip-info.org/wiki/view/ZRTP

Other ZRTP Clients..
http://www.twinklephone.com/
https://jitsi.org/

Some ZRTP libraries..
http://www.gnutelephony.org/index.php/GNU_ZRTP
http://www.icall.com/developers/open-zrtp

Comment 1 George Kiagiadakis 2012-12-12 21:21:25 UTC

This feature belongs in farstream. See also https://bugs.freedesktop.org/show_bug.cgi?id=52481