Security and Usability Aspects of Man-in-the-Middle Attacks on ZRTP
dc.creator | Petraschek,Martin | |
dc.creator | Hoeher,Thomas | |
dc.creator | Jung,Oliver | |
dc.creator | Hlavacs,Helmut | |
dc.creator | Gansterer,Wilfried | |
dc.date | 2008 | |
dc.date.accessioned | 2024-02-06T12:56:18Z | |
dc.date.available | 2024-02-06T12:56:18Z | |
dc.description | ZRTP is a protocol designed to set up a shared secret between two communication parties which is subsequently used to secure the media stream (i.e. the audio data) of a VoIP connection. It uses Diffie-Hellman (DH) key exchange to agree upon a session key, which is inherently vulnerable to active Man-in-the-Middle (MitM) attacks. Therefore, ZRTP introduces some proven methods to detect such attacks. The most important measure is a so-called Short Authentication String (SAS). This is a set of characters that is derived essentially from the public values of the Diffie-Hellman key exchange and displayed to the end users for reading out and comparing over the phone. If the SAS on the caller's and the callee's side match, there is a high probability that no MitM attack is going on. Furthermore, ZRTP offers a form of key continuity by caching key material from previous sessions for use in the next call. To prevent a MitM from manipulating the Diffie-Hellman key exchange in such a way that both partners get the same SAS although different shared keys were negotiated, ZRTP uses hash commitment for the public DH value. Despite these measures, a Relay Attack (also known as Mafia Fraud Attack or Chess Grandmaster Attack) is still possible. We present a practical implementation of such an attack, discuss its characteristics and limitations, and show that the attack works only in certain scenarios. | |
dc.format | text/html | |
dc.identifier | https://doi.org/10.3217/jucs-014-05-0673 | |
dc.identifier | https://lib.jucs.org/article/28996/ | |
dc.identifier.uri | https://openrepository.mephi.ru/handle/123456789/9643 | |
dc.language | en | |
dc.publisher | Journal of Universal Computer Science | |
dc.relation | info:eu-repo/semantics/altIdentifier/eissn/0948-6968 | |
dc.relation | info:eu-repo/semantics/altIdentifier/pissn/0948-695X | |
dc.rights | info:eu-repo/semantics/openAccess | |
dc.rights | J.UCS License | |
dc.source | JUCS - Journal of Universal Computer Science 14(5): 673-692 | |
dc.subject | ZRTP | |
dc.subject | Man-in-the-Middle-Attack | |
dc.subject | security | |
dc.title | Security and Usability Aspects of Man-in-the-Middle Attacks on ZRTP | |
dc.type | Research Article |