Publication | Closed Access
Using SIP identity to prevent man-in-the-middle attacks on ZRTP
Citations: 10 | References: 2 | Year: 2008 | Venue: Unknown
Mobile Security, Engineering, Information Security, Information Forensics, Formal Verification, Hardware Security, Secure Communication, Internet of Things, Secure Protocol, Authentication Protocol, Lightweight Authentication Mechanism, Data Privacy, SIP Identity, Key Agreement Protocol, Computer Science, Mobile Computing, Data Security, Cryptography, Protocol Extensions, VoIP Session
In this paper we present an architecture and associated protocol extensions for securing the media stream of a VoIP session. We make use of ZRTP, which is a key agreement protocol that allows two parties to agree upon a secret session key over the media path. Because ZRTP is based on the popular Diffie-Hellman key exchange mechanism, it is inherently vulnerable to man-in-the-middle (MITM) attacks. Although ZRTP offers a mechanism for the prevention of MITM attacks, a sophisticated attacker might be able to launch a successful attack in certain scenarios. We describe an approach that provides authentic cryptographic parameters for ZRTP without sacrificing the independence from a user-level Public Key Infrastructure (PKI). We propose to use the mechanisms provided by RFC 4474 (SIP Identity) to ensure the identity of the parties involved in a ZRTP key exchange.