[Full-disclosure] Skype chat encryption with OTR
Fabio Pietrosanti (naif)
lists at infosecurity.ch
Thu Jun 19 09:20:01 BST 2008
rawket wrote:
> There are voice encryption protocols already Fabio, you should get a
> STU-III Phone then call the Whitehouse.
> tell them to "go secure" lol.
>
mmm yes but respect STU-III (http://en.wikipedia.org/wiki/STU-III) to
talk to the Whitehouse would be better to use a SCIP compatible device
(http://en.wikipedia.org/wiki/SCIP).
In both case the keys are owned but NSA, better than skype? :)
Or we could use some terrorist-oriented technology like steganography
with RTP!
http://druid.caughq.org/presentations/Real-time-Steganography-with-RTP.pdf
Even if at the end of the story zrtp (zfoneproject.com) it's the best
choice cause Zimmermann have done a great work and he's a very hard
crypto guys with political motivation!
And be careful, do not trust the Cisco proposed DTLS-SRTP for voice
encryption, it's a crap standard plenty of vulnerability and
implementation complexity (http://zfoneproject.com/faq.html#ZRTP-vs-DTLS) .
We should all sustain ZRTP as a standard for voice encryption, it's like
the past fight between PGP-OpenPGP/MIME and X509- S/MIME !
Fabio/naif
Full-Disclosure is hosted and sponsored by Secunia.