[Freeswitch-dev] ZRTP

David Sugar dyfet at gnutelephony.org
Mon Jul 21 09:33:08 EDT 2008

In an IP-PBX that must operate as a b2bua (back-to-back user agent),
there are two possible arrangements for implimenting ZRTP.  The first is
through PBX enrollment, which makes the IP-PBX a fully trusted (and
hence insecure) man-in-the-middle.  The second method requires PBX
transparency, where the channel between ua's is not decrypted at the
server, and where this will still work when the call is routed to an
insecure destination (telephony card, non-zrtp extension, etc) where
decryption must occur.  This latter method requires a lot more work to
get correct....

In the GNU project, we have a zrtp stack as an extension to ccrtp (the
GNU RTP Stack) as noted here, libzrtpcpp.  There is an asterisk module
for zrtp available from Phil Zimmerman's site.  We also have been
working on a Java based stack which is in svn but not "released" yet,
and that works with SIP communicator.  Our own chosen solution was not
to use or extend an existing b2bua based IP-PBX architecture (like say
for example Bayonne), but rather to design a new call SIP call server
explicitly for handling secure calling, which is GNU SIP Witch.

Robert Clayton wrote:
> Is anyone attempting to implement the ZRTP cryptographic key-agreement
> protocol (a method of encrypting voice data using self-generated keys,
> rather than keys from certificate authorities).
> Some softphones such as X-Lite already implement it.
> There is apparently an open source library at
> ftp://ftp.gnu.org/gnu/ccrtp/libzrtpcpp-0.9.0.tar.gz
> ------------------------------------------------------------------------
> _______________________________________________
> Freeswitch-dev mailing list
> Freeswitch-dev at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-dev
> http://www.freeswitch.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dyfet.vcf
Type: text/x-vcard
Size: 177 bytes
Desc: not available
Url : http://lists.freeswitch.org/pipermail/freeswitch-dev/attachments/20080721/0d144693/attachment.vcf 

More information about the Freeswitch-dev mailing list