@SystemGroup: The ZRTP Protocol Security Considerations

Titolo Paper:

The ZRTP Protocol Security Considerations

Autore:

Riccardo Bresciani;

Categoria:

*Student*

Slides:

Scarica le slide dell'intervento

Abstract intervento:

ZRTP is draft of key agreement protocol by Phil Zimmermann, which relies on a Diffie-Hellman exchange to generate SRTP session parameters, providing confidentiality and protecting against Man-in-the-Middle attacks even without a public key infrastructure or endpoint certificates. This is an analysis of the protocol performed with AVISPA and ProVerif, which tests security properties of ZRTP; in order to perform the analysis, the protocol has been modeled in HLPSL (for AVISPA) and in the applied ?-calculus (for Proverif). An improvement to gather some extra resistance against Man-in-the-Middle attacks is also proposed.

Scarica le slide dell'intervento

Interventi correlati:

Hardening a VoIP infrastructure
Open Communication VoIP Security: Asterisk e dintorni
Voip security dalla teoria alla pratica. Case Study