[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Linphone-developers] Question About Security Feature

From: Werner Dittmann
Subject: Re: [Linphone-developers] Question About Security Feature
Date: Sat, 02 Feb 2013 08:11:35 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/17.0 Thunderbird/17.0

Am 01.02.2013 21:39, schrieb Mohamad Mansouri:
> hello dears
> i confused about security feature in linphone APP:
> ZRTP is key management and agreement protocol and SRTP is security profile 
> for RTP protocol. SRTP get it's needed security parameters form another 
> protocol such
> as ZRTP or MIKEYor SDES, ok?

Yes, correct.

> now when we choice SRTP in encryption menu not ZRTP, where SRTP found it's 
> needed security parameters such as key for AES algorithm? or in another 
> situation,
> using ZRTP alone how could secure my call While the SRTP not actived?

ZRTP activates and uses SRTP implicitly if you enable ZRTP

Without knowing the Linphone implementation in detail my guess is that if just 
only enable
SRTP then Linphone uses SDES to exchange the crypto information. In this case 
it is mandatory
that you use an ecrypted SIP connection (SIPS) and a trustworthy SIP server/SIP 
proxy. SDES
exhanges the crypto data (keys for example) in clear text in the SIP/SDP data. 
not using encryptd SIP moots security. Also keep in mind: the encrypted SIP 
(SIPS) only
encrypts the data between the client and the SIP server/proxy, thus the SIP 
knows about all the keys!

ZRTP uses the media channel, end-to-end, directly between clients to negotiate 
the keys etc
and it's much more secure in that regard.


> _______________________________________________
> Linphone-developers mailing list
> address@hidden

Werner Dittmann    address@hidden
Tel +49 173 44 37 659
PGP key: 82EF5E8B

reply via email to

[Prev in Thread] Current Thread [Next in Thread]