----- Original Message -----
From: "John Todd" <[EMAIL PROTECTED]>
To: "Asterisk Security Discussion" <[email protected]>
Sent: Saturday, July 22, 2006 1:27 AM
Subject: Re: [Asterisk-Security] Opportunistic encryption
[...]
3) "Man in the Middle" mode, where Asterisk creates two separate ZRTP
legs to different ZRTP clients. While this sounds like a security risk,
it is actually a fairly desirable situation. Many calls need to be
recorded, or monitored for DTMF, or inserted into app_conference for group
discussion. Having each leg of the call encrypted to the Asterisk server
but not encrypted in an "end-to-end" fashion would be frequent, I suspect.
The users could still verify that their calls were encrypted to the core,
and interception would not be possible except on the Asterisk server
itself.
Why not? AFAIK, in ZRTP a man in the middle is detected through biometric
authentication (the two users at the endpoints compare a common hash while
recognizing each other's voice). Once you break this mechanism with a
(supposedly) trusted MiM, you can't exclude the existence of a _second_ MiM
in the chain.
Also, I wouldn't be so sure about the impregnability of the Asterisk box.
Incidentally, concerns of this type represented an important factor in the
failure of WTLS to be accepted for securing e-commerce transactions on
mobile phones: the WTLS<->SSL gateway was vulnerable to hacking, and
therefore untrusted.
Enzo
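The mechanism the two messages disagree about, modelled as an added example (this is not code from the thread, from Asterisk, or from any ZRTP implementation): each ZRTP leg runs its own key agreement and shows its two ends a Short Authentication String derived from the leg's shared secret; the humans at the endpoints read the SAS to each other, and a mismatch reveals that someone terminated the key agreement between them. The model is simplified and its parameters are assumptions: a toy 127-bit Diffie-Hellman group in place of ZRTP's MODP/ECDH groups, SHA-256 in place of the ZRTP KDF for the SAS derivation, a party in the middle reusing one key pair on both of its legs, and constructed private keys so the run is reproducible. It accepts a chain of any length, so it covers both the single "trusted" relay of John Todd's mode 3 and Enzo's second MiM in front of it.

```python
"""Toy model of ZRTP's SAS check, showing why a 'trusted' relay in the middle
blinds the endpoints to a second man in the middle.  Example code added to
this thread; it is not Asterisk's or any ZRTP implementation's code."""
import hashlib
import secrets

# Toy Diffie-Hellman parameters, constructed for this example only.
# Real ZRTP (RFC 6189) negotiates 2048/3072-bit MODP groups or ECDH.
P = (1 << 127) - 1        # Mersenne prime M127
G = 3

# z-base-32 alphabet, the one RFC 6189 specifies for its base32 SAS rendering.
ZBASE32 = "ybndrfg8ejkmcpqxot1uwisza345h769"


class Party:
    """One ZRTP-speaking endpoint or relay leg, holding a single DH key pair.

    A party in the middle of a chain reuses the same key pair on both of its
    legs; that is a simplification of this model, not a property of ZRTP.
    """

    def __init__(self, name, priv=None):
        self.name = name
        self.priv = priv if priv is not None else secrets.randbelow(P - 2) + 1
        self.pub = pow(G, self.priv, P)

    def shared(self, peer_pub):
        """DH shared secret with the party whose public value is peer_pub."""
        return pow(peer_pub, self.priv, P)


def sas(shared_secret):
    """Short Authentication String: leftmost 20 bits of a hash of the DH result,
    rendered as four z-base-32 characters.  Simplified from RFC 6189 5.1.6,
    which derives the SAS from sashash via the ZRTP KDF rather than SHA-256."""
    digest = hashlib.sha256(shared_secret.to_bytes(16, "big")).digest()
    bits = int.from_bytes(digest[:3], "big") >> 4          # 24 bits -> top 20
    return "".join(ZBASE32[(bits >> shift) & 0x1F] for shift in (15, 10, 5, 0))


def endpoint_sas(chain):
    """chain lists the parties from Alice to Bob; every adjacent pair runs its
    own ZRTP key agreement.  Returns the SAS each human endpoint is shown."""
    alice, alice_peer = chain[0], chain[1]
    bob, bob_peer = chain[-1], chain[-2]
    return sas(alice.shared(alice_peer.pub)), sas(bob.shared(bob_peer.pub))


def sas_match(chain):
    """True iff the two humans reading their SAS aloud would hear the same value,
    i.e. iff nobody terminated the key agreement between them."""
    a, b = endpoint_sas(chain)
    return a == b


def who_could_confirm_alice_sas(chain):
    """The only entity that shares Alice's leg secret, hence the only one able to
    confirm her SAS.  Alice has a voice channel with Bob, not with this party,
    so she cannot tell a relay from an attacker sitting in front of it."""
    return chain[1].name


# Constructed private keys so the run is reproducible; any values in 1..P-2 work.
ALICE = Party("alice", priv=0x0A11CE_0000_0001)
BOB = Party("bob", priv=0x0B0B_0000_0002)
ASTERISK = Party("asterisk", priv=0xA57E_0000_0003)
MALLORY = Party("mallory", priv=0x3A11_0000_0004)


def scenarios():
    """SAS agreement between the humans for the three topologies in the thread."""
    return {
        "direct": sas_match([ALICE, BOB]),
        "relay": sas_match([ALICE, ASTERISK, BOB]),
        "relay_and_second_mitm": sas_match([ALICE, MALLORY, ASTERISK, BOB]),
    }


if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{name:24s} SAS match between Alice and Bob: {ok}")
    print("could confirm Alice's SAS, relay only:      ",
          who_could_confirm_alice_sas([ALICE, ASTERISK, BOB]))
    print("could confirm Alice's SAS, with second MitM:",
          who_could_confirm_alice_sas([ALICE, MALLORY, ASTERISK, BOB]))
```

The direct call is the only topology in which the two SAS values agree. With Asterisk terminating both legs the values differ, which is exactly the symptom ZRTP uses to flag a man in the middle; once the users are told to accept that mismatch as "encrypted to the core", the only party that could confirm Alice's SAS is whoever is on the other end of her leg, and the output shows that this is Asterisk in one case and Mallory in the other while Alice observes the same mismatch in both.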
_______________________________________________
Asterisk-Security mailing list
http://lists.digium.com/mailman/listinfo/asterisk-security