[liberationtech] WebRTC - The next big surveillance machine
Patrick Schleizer
adrelanos at riseup.net
Fri Jan 24 08:10:06 PST 2014
Tony Arcieri:
> On Thu, Jan 23, 2014 at 11:52 AM, carlo von lynX <
> lynX at time.to.get.psyced.org> wrote:
>
>>> say it not secure. WebRTC is compatible with ZRTP key-authentication
>> which
>>> builds in a video-based auth scheme and should stop MITM attacks (last
>> time
>>
>> You can't diffie-hellman yourself out of a MITM. If the fundamental link
>> is unsafe, you can make all the ephemeral keys you like - the observer can
>> trace them all.
>>
>
> You should take a look at how ZRTP actually works, particularly Matt
> Green's analysis:
>
> http://blog.cryptographyengineering.com/2012/11/lets-talk-about-zrtp.html
>
> ZRTP authentication works by negotiating what's called a "short
> authentication string" between peers. If there's no MitM, both sides will
> see the same string.
>
> To authenticate, you start a voice/video call. You will see the person
> you're expecting, but at this point the link is insecure and may be MitMed.
>
> However, Alice can read off the Short Authentication String to Bob. Short
> of fancy realtime video editing and voice impersonators, the string will be
> incorrect if the connection is being MitMed.
>
> Once this has been done successfully once, ZRTP stores some "continuity
> data" so the next time you authenticate to the same person, the previous
> authentication will ensure future connections are secured.
The latter, the "continuity data" is implementation specific.
I wonder how my voip clients actually support this.
Last time I asked the PhonerLite developer, he told me, that PhonerLite
does not support it.
More information about the liberationtech
mailing list