privategsm - voice encryption technical overview
DESCRIPTION
>PrivateGSM Security Overview >PrivateGSM Voice Encryption Standards: - Signaling Encryption - Media Encryption - End-to-End key exchange - End-to-Site key exchangeTRANSCRIPT
An overview of PrivateGSM’s encryption technologies and security
PrivateGSM - Voice Encryption Technical Overview
14/04/2011Fabio Pietrosanti – CTO
http://www.privatewave.comTel: +39 340 180 1049E-mail: [email protected]
2
Agenda
• PrivateGSM Security Overview
• PrivateGSM Voice Encryption Standards
Signaling Encryption
Media Encryption
End-to-End key exchange
End-to-Site key exchange
3
Company Vision: Transparency, Usability and Security!
• PrivateWave promotes the value of total transparency in all the applications developed, using only open source and public technologies, with a security certified and monitored by the biggest worldwide experts in this sector.
• PrivateWave develops and produces encryption products with a focus on the usability. Any user, even with no technical background, is able to communicate in a safe and secure way without any difficulty.
The company vision
PrivateGSM Security Overview
• Software voice encryption product for smartphones
• Nokia S60 smartphones
• Blackberry Bold9700, Bold 9000, BB 8520
• iPhone 3GS, 4G
• Use VoIP (UMTS, GPRS, WIFI)
• Require installation at both parties
• Extremely easy to be used
• Ready for organization-wide distribution
• Increased user acceptance without Dedicated Hardware!
4
PrivateGSM Mobile Voice Encryption
PrivateGSM Security Overview
Differentiated Security Model
• Security model it’s highly relevant when defining policies for secure communications
• Specific information require specific security model
• PrivateGSM support two security model
Protecting from everyone
Protecting from third party
PrivateGSM Security Overview
Protect from everyone
• End To End Security
• The information is encrypted at the source and decrypted at the destination.
• Anyone except the caller and the called can acquire the communication.
PrivateGSM Security Overview
IP NetworkInternet
MNO 1
MNO 2
Communication protected by ZRTP
End To End Security
Protect from everyone
Secure Telephony
Infrastructure PBX
PrivateGSM Security Overview
Protect from third party
• End To Site Security
• The information is encrypted separately from the source to the server and from the server to the destination with two different operations.
• Anyone except the server, the caller and the called can acquire the communication.
• The organization has the authority to eavesdrop it’s own communication
PrivateGSM Security Overview
Protect from third party
IP NetworkInternet
MNO 1
IP Phone
Communication protected by SRTP/SDES
End To Site Security
Secure PBX
PrivateGSM Security Overview
PSTN
Corporate PBX
• Certified to be secure
• Multiple independent research/industry institutions certify it to be secure
• Open Source encryption codes
• Subject to public review ( www.zrtp.org )
• Every security sensitive piece of code can be inspected and reviewed
• Full Protection
• Protect from intelligence gathering trough phone call logs (signaling)
• Politically neutral
• Technology resistant against possible political pressure on manufacturer
10
Security Approach
PrivateGSM Security Overview
11
Voice Encryption Standards
• PrivateGSM Security Overview
• PrivateGSM Voice Encryption Standards
Signaling Encryption
Media Encryption
End-to-End key exchange
End-to-Site key exchange
Voice Encryption Standards
SIP/TLS Security Standard
• Signaling Encryption (like https but better than a browser)
• Server side digital certificates for use by SSL/TLS
• Strict TLS hardening for custom-CA configuration
• Strict TLS Policy Handshake for safety (only strong ciphers)
• Key Exchange (For example RSA or Diffie Hellman or Elliptic Curve DH or Ephemeral DH or ECC Ephemeral DH)
• Key Signing (For example RSA or ECC keys)
• Symmetric Encryption (For example DES, 3DES, RC4, AES128, AES256)
• Hashing Algorithm (For example MD5, SHA1, SHA256, SHA384)
Voice Encryption Standards – Signaling Encryption
12
SIP/TLS handshake
13Voice Encryption Standards – Signaling Encryption
SIP/TLS Encryption Tech Summary
• TLS Exchange Preferences:
• TLS_RSA_WITH_AES_256_CBC_SHA
• TLS_DHE_RSA_WITH_AES_256_CBC_SHA
• Symmetric algorithm: AES-128/256
• Asymmetric algorithm: DHE / RSA
• When negotiating DHE the SIP Signaling acquire Perfect Forward Secrecy (PFS) properties** Not all mobile platform support DHE for SIP/TLS
14Voice Encryption Standards – Signaling Encryption
15
Voice Encryption Standards
• PrivateGSM Security Overview
• PrivateGSM Voice Encryption Standards
Signaling Encryption
Media Encryption
End-to-End key exchange
End-to-Site key exchange
Voice Encryption Standards
SRTP Media Encryption Tech Summary
• SRTP describe how to encrypt and guarantee the integrity of RTP packets
• Encryption has been brought to IETF standard in March 2004 with SRTP (RFC3711)
• Several Key Exchange methods has been standardized
• SRTP support for symmetric encryption
• AES128 / 256 Counter mode (CTR)
• SRTP for integrity checking HMAC-SHA1 (32bit used)
16Voice Encryption Standards – Media Encryption
SRTP Media Encryption packet format
17Voice Encryption Standards – Media Encryption
18
• PrivateGSM Security Overview
• PrivateGSM Voice Encryption Standards
Signaling Encryption
Media Encryption
End-to-Site key exchange
End-to-End key exchange
Voice Encryption Standards
Voice Encryption Standards – End-to-End Encryption
SRTP/SDES Security Standard
• End-to-site encryption with digital certificate verification
• Exactly same security architecture of HTTPS
• Based on Digital Certificates and PKI
• Standardized by Internet Engineering Task Force (IETF)
• Diffused among major business VoIP desk phones manufacturer
• Snom, Cisco, Asterisk, Avaya, etc
• De Facto Enterprise Secure Telephony Standard
Voice Encryption Standards – End-to-Site Encryption
20
SRTP/SDES end-to-site Example Architecture
Voice Encryption Standards – End-to-Site Encryption
SRTP/SDES Security Standard
IP NetworkInternet
MNO 1
IP Phone(Snom)
Communication protected by SRTP/SDES
End To Site Security
Secure Telephony
Infrastructure PBX
Voice Encryption Standards – End-to-Site Encryption
SRTP/SDES Security StandardINVITE sips:*[email protected];user=phone SIP/2.0Via: SIP/2.0/TLS 172.20.25.100:2049;branch=z9hG4bK-s5kcqq8jqjv3;rportFrom: "123" <sips:[email protected]>;tag=mogkxsrhm4To: <sips:*[email protected];user=phone>Call-ID: 3c269247a122-f0ee6wcrvkcq@snom360-000413230A07CSeq: 1 INVITEMax-Forwards: 70Contact: <sip:[email protected]:2049;transport=tls;line=gyhiepdm>;reg-id=1User-Agent: snom360/6.2.2Accept: application/sdpAllow: INVITE, ACK, CANCEL, BYE, REFER, OPTIONS, NOTIFY, SUBSCRIBE, PRACK, MESSAGE, INFOAllow-Events: talk, hold, referSupported: timer, 100rel, replaces, calleridSession-Expires: 3600;refresher=uasMin-SE: 90Content-Type: application/sdpContent-Length: 477
v=0o=root 2071608643 2071608643 IN IP4 172.20.25.100s=callc=IN IP4 172.20.25.100t=0 0m=audio 57676 RTP/AVP 0 8 9 2 3 18 4 101a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:WbTBosdVUZqEb6Htqhn+m3z7wUh4RJVR8nE15GbNa=rtpmap:18 g729/8000a=rtpmap:4 g723/8000a=rtpmap:101 telephone-event/8000a=fmtp:101 0-16a=ptime:20a=encryption:optionala=sendrecv
Voice Encryption Standards – End-to-Site Encryption
SRTP/SDES Encryption Tech Summary
• Symmetric algorithm: AES-128 (CTR)
• Asymmetric algorithm: TLS with x509v3
• Typical server key size: RSA 2048
• Open Source Secure Codes
Voice Encryption Standards – End-to-Site Encryption
24
Voice Encryption Standards
• PrivateGSM Security Overview
• PrivateGSM Voice Encryption Standards
Signaling Encryption
Media Encryption
End-to-End key exchange
End-to-Site key exchange
Voice Encryption Standards
ZRTP Security Standard
• End-to-end encryption with man-in-the-middle protection
• Invented by a group of famous international cryptographers leaded by Philip Zimmermann in 2006
• Standardized by Internet Engineering Task Force (IETF)
• Protocol with encryption algorithms recognized by most important international security bodies
• Human authentication –No Automatic authentication process
• Open source Release – http://www.zrtp.org ( ZORG Project )
Voice Encryption Standards – End-to-End Encryption
• PrivateGSM provide human based authentication with automatic key generation and agreement based on ZRTP
26
ZRTP Human Based Authentication
Voice Encryption Standards – End-to-End Encryption
ZRTP Security Standard
TODO – SLIDE SCHEMA ZRTP
27Voice Encryption Standards – End-to-End Encryption
ZRTP ECC Security Review
• ZRTP use ECC curves (P-384 / P-521) recognized by
ECC Brain pool - Germany
Standards for efficient cryptography group (SECG) – International
ECC Interoperability Forum – International
National Institute of Standard (NIST) – USA
• Runtime detection of weak ECC curves
• Implemented in secure open source code
• ZRTP use encryption algorithms certified for TOP SECRET within NSA and NATO environment
Voice Encryption Standards – End-to-End Encryption
ZRTP Encryption Tech Summary
• Symmetric algorithm: AES-256 (CTR)
• Asymmetric algorithm: ECDH-384/521 (P-384/521)
• Strength equivalence: RSA 7680 / 15360
• Perfect Forward Secrecy (PFS): In the unfortunate “loss” event of your phone, no one will be able to access your keys even if used in the past
• Open Source Secure Codes
Voice Encryption Standards – End-to-End Encryption
Voice Encryption Technology Summary
Tech Open Source
Public Specificatio
n
Standard
Peer Reviewe
d
Security Model
Level
ZRTP YES YES YES YES END-TO-END TOP-SECRET
SRTP/SDES
YES YES YES YES END-TO-SITE SECRET
Voice Encryption Standards
Fabio Pietrosanti – CTO
http://www.privatewave.com
Per info:Tel: +39 340 180 1049E-mail: [email protected]
PrivateGSM - Voice Encryption Technical Overview