PDA

View Full Version : ATA firmware support for ZRTP?



will
08-15-2012, 09:25 AM
I've been reading about encryption schemes for VOIP applications but I haven't had any luck finding any VIOP hardware that supports encryption, such as ZRTP. With more and more telephone traffic migrating from POTS to VOIP, encryption will become more and more important in future years. As Phil Zimmermann himself explains on the Zfone Project website, POTS is secure due to the fact that only the government has the ability to initiate a wiretap from the telco central office, while anyone else who wants to eavesdrop on a POTS line must have physical access to the wires carrying the signal somewhere between the wiretap target and the central office, which is a difficult obstacle to overcome without raising suspicion. VOIP telephone traffic, on the other hand, can be easily "wiretapped" by anyone with a packet sniffer and the knowhow to use it. Imagine your local police station or courthouse migrates from POTS to VOIP without using encryption. Before too long, organized crime may employ hackers to wiretap communications regarding ongoing investigations, or even personal calls revealing such things as what time the prosecuting attorney will be picking up the kids from daycare after work. With all the talk about "next generation 911" migrating emergency telecom traffic to VOIP, the thought of cyberterrorist attack on a strategically located PSAP (Public Safety Answering Point), coordinated with a bombing in the same area could easily become our future reality.

claganga
08-21-2012, 08:04 PM
Tapping a POTs is not as hard as you think. If I wanted to tap your phone the junction box is right on the side of your house with a screw driver, old phone or linemen's head set and cover of night I could be listening and making calls from your house. With a van, traffic cone and ladder, I'm sure I could be on pole without question. That said though I see your concern but the real concern is on a shared segment like cable. DSL is point to point to the C/O so there is less threat there. Once on the internet backbone while easy to sniff with physical access, obtaining said access is pretty hard.

Anyway SRTP is a pretty nice feature but I don't expect the VOIPO to support it anytime soon since all the partners would need to support it.