Tony Arcieri: > On Thu, Jan 23, 2014 at 11:52 AM, carlo von lynX < > [email protected]> wrote: > >>> say it not secure. WebRTC is compatible with ZRTP key-authentication >> which >>> builds in a video-based auth scheme and should stop MITM attacks (last >> time >> >> You can't diffie-hellman yourself out of a MITM. If the fundamental link >> is unsafe, you can make all the ephemeral keys you like - the observer can >> trace them all. >> > > You should take a look at how ZRTP actually works, particularly Matt > Green's analysis: > > http://blog.cryptographyengineering.com/2012/11/lets-talk-about-zrtp.html > > ZRTP authentication works by negotiating what's called a "short > authentication string" between peers. If there's no MitM, both sides will > see the same string. > > To authenticate, you start a voice/video call. You will see the person > you're expecting, but at this point the link is insecure and may be MitMed. > > However, Alice can read off the Short Authentication String to Bob. Short > of fancy realtime video editing and voice impersonators, the string will be > incorrect if the connection is being MitMed. > > Once this has been done successfully once, ZRTP stores some "continuity > data" so the next time you authenticate to the same person, the previous > authentication will ensure future connections are secured.
The latter, the "continuity data" is implementation specific. I wonder how my voip clients actually support this. Last time I asked the PhonerLite developer, he told me, that PhonerLite does not support it. -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
