[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Linphone-developers] Linphone ZRTP insecure

From: Juraj Šarinay
Subject: [Linphone-developers] Linphone ZRTP insecure
Date: Thu, 09 Mar 2023 15:52:52 +0100


The way Linphone implements parts of SIP makes ZRTP rather useless. I
first reported the vulnerability back in 2018 and also when revisiting
the issue four years later.

After Alice and Bob set up ZRTP and call each other, a malicious server
in between can downgrade a running ZRTP call to plain RTP and listen

If ZRTP is configured as mandatory on both endpoints, instead of
downgrading to plain RTP, the attacker starts fresh separate ZRTP
sessions with the participants to replace the original direct ZRTP

I shall spare you the details and provide a demonstration of the
attacks (on the latest versions of Linphone) on video.

The security of ZRTP within Linphone boils down to the question of how
likely Alice or Bob are to notice the attack in the middle of a call.

Belledone have been rolling their own crypto for years. Perhaps other
people's crypto might be worth getting right too.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]