Title :
Using SIP identity to prevent man-in-the-middle attacks on ZRTP
Author :
Jung, Oliver ; Petraschek, Martin ; Hoeher, Thomas ; Gojmerac, Ivan
Author_Institution :
Telecommun. Res. Center Vienna, Vienna
Abstract :
In this paper we present an architecture and associated protocol extensions for securing the media stream of a VoIP session. We make use of ZRTP, which is a key agreement protocol that allows two parties to agree upon a secret session key over the media path. Because ZRTP is based on the popular Diffie-Hellman key exchange mechanism, it is inherently vulnerable to man-in-the-middle (MITM) attacks. Although ZRTP offers a mechanism for the prevention of MITM attacks, a sophisticated attacker might be able to launch a successful attack in certain scenarios. We describe an approach that provides authentic cryptographic parameters for ZRTP without sacrificing the independence from a user-level Public Key Infrastructure (PKI). We propose to use the mechanisms provided by RFC 4474 (SIP Identity) to ensure the identity of the parties involved in a ZRTP key exchange.
Keywords :
Internet telephony; cryptographic protocols; public key cryptography; transport protocols; Diffie-Hellman key exchange mechanism; SIP identity; VoIP; key agreement protocol; man-in-the-middle attacks; user-level public key infrastructure; Certification; Internet; Message authentication; Protection; Public key; Public key cryptography; Security; Streaming media; Transport protocols; Web server
Conference_Title :
Wireless Days, 2008. WD '08. 1st IFIP
Conference_Location :
Dubai
Print_ISBN :
978-1-4244-2828-1
Electronic_ISBN :
978-1-4244-2829-8
DOI :
10.1109/WD.2008.4812920