Re: [Linphone-developers] ZRTP advance mode

linphone-developers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Linphone-developers] ZRTP advance mode

From:	Werner Dittmann
Subject:	Re: [Linphone-developers] ZRTP advance mode
Date:	Sat, 27 Dec 2014 15:26:00 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0

I'm not familiar with the Linphone integration thus I cannot answer Linphone
specific questions. The display of the SAS is part of the UI, not the ZRTP
library. 

My ZRTP lib (which Linphone uses AFAIK) implements the 4-character SAS and the 
standard 2-word SAS which uses the PGP wordlists, i.e. 2 lists of 256 words 
each. 
Please do not use other wordlists. The PGP wordlist was designed by specialists 
(linguists) for the English language. For example one lists contains words with 
2
syllables, the other list words with 3 syllabes. For more information refer to
http://en.wikipedia.org/wiki/PGP_word_list

Thus, be careful when using own wordlists for other languages, also make sure 
that
each party uses the same wordlists.


Am 27.12.2014 um 14:43 schrieb javier falbo:
> Hi Werner,
> 
> Yes, this seems an easy solution, but you could implement a selectable 
> language dictionary on the zrtp setup and you also solve this problem. 
> Militar keycodes are sent in words format (Alpha, Bravo, Charlie, etc) as 
> single letters are complicate to handle during a voice contact. So the 2 
> letters words is more efficent on field operations that the 4 letters.
> 
Here you refer to the NATO alphabet or similar. I would be careful if you have 
users that
cannot read latin characters (words). For them APLHA, BRAVO, CHARLY etc is 
quite useless.

> What about the selectable AES? i dont see any option to configurate 128 or 
> the standard 256 AES on the zrtp.
> By default the software connects on 128 which is below average the 
> encryption. I would like to have default 256

Well, that's a common misunderstanding. AES 128 is save, actually there are 
more attacks on AES 192 and AES 256,
refer to http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

The ZRTP lib in Github supports these algorithms, also Twofish and some other 
goodies. It mainly
depends on the integration of the ZRTP lib into the VoIP client and its UI 
which options the 
client uses and/or offers to the user.

Werner
> 
> regards.
> Javier
> 
> 
>> Date: Sat, 27 Dec 2014 09:42:11 +0100
>> From: address@hidden
>> To: address@hidden
>> Subject: Re: [Linphone-developers] ZRTP advance mode
>>
>> May I step in here regarding the SAS:
>>
>> If you use SAS dictionary (as you describe it) then *never* translate the 
>> words into
SNIP ---- SNAP

-- 
Werner Dittmann
email: address@hidden
cell:  +49 173 44 37 659
PGP key: 82EF5E8B

[Prev in Thread]

Current Thread

[Next in Thread]

[Linphone-developers] ZRTP advance mode, javier falbo, 2014/12/26
- Re: [Linphone-developers] ZRTP advance mode, Werner Dittmann, 2014/12/27
  - Re: [Linphone-developers] ZRTP advance mode, javier falbo, 2014/12/27
    - Re: [Linphone-developers] ZRTP advance mode, Werner Dittmann <=

Prev by Date: Re: [Linphone-developers] ZRTP advance mode
Next by Date: [Linphone-developers] [BUG] Linphone Android app crash on AVPF-enabled call
Previous by thread: Re: [Linphone-developers] ZRTP advance mode
Next by thread: [Linphone-developers] [BUG] Linphone Android app crash on AVPF-enabled call
Index(es):
- Date
- Thread