[Demexp-dev] zPhone of Philip Zimmermann

demexp-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Demexp-dev] zPhone of Philip Zimmermann

From:	David MENTRE
Subject:	[Demexp-dev] zPhone of Philip Zimmermann
Date:	Fri, 3 Feb 2006 10:04:10 +0100

Hello,

Philip Zimmermann, author of PGP, works on secure VoIP (Voice over IP)
and is starting to make some noise about his zPhone (temporary name):
  http://www.philzimmermann.com/EN/zfone/
  http://www.voip-magazine.com/content/view/1674

No much precise information right now, however :
  - it should be "OpenSource" (but Free Software???) ;

  - it uses an new approach (to my knowledge) to authentication and
confidentiality:

   1. generate a session key with Diffie Hellman protocol,

   2. generate a fingerprint that users see on their screen and that
they can check by voice over the phone,

   3. this fingerprint is reused from one session to the other one
between 2 people, so that confidentiality and authentication from
session 1 to n is guaranteed by checking the fingerprint at session n;

 - no key server, neither centralised (PKI) or distributed (Web of Trust);

 - works within RTP protocol (UDP voice data stream) and an IETF draft
is prepared.

I find this approach very interesting, especially regarding end user
aspects (no key to generate, very simple, should work with NATs,
etc.).

Of course, one should know more details (patents?) to make one precise
idea of it.

Best wishes,
d.

[Prev in Thread]

Current Thread

[Next in Thread]

[Demexp-dev] zPhone of Philip Zimmermann, David MENTRE <=
- Re: [Demexp-dev] zPhone of Philip Zimmermann, William D. Neumann, 2006/02/03
  - Re: [Demexp-dev] zPhone of Philip Zimmermann, David MENTRE, 2006/02/03

Next by Date: Re: [Demexp-dev] zPhone of Philip Zimmermann
Next by thread: Re: [Demexp-dev] zPhone of Philip Zimmermann
Index(es):
- Date
- Thread