Zfone Makes Its Debut

With voice-over-IP (VoIP) becoming ever more popular, security of conversations is of course a primary concern. Phil Zimmerman, inventor of the well-known PGP software, aims to help protect VoIP user's privacy with his latest encryption product, Zfone, which was released into public beta this week.

In its current rendition of Zfone acts like as a go-between for VoIP clients. The tool negotiates and manages end-to-end encryption to protect data as it travels between end points. The current Zfone beta runs on Linux and Mac OS X, and plans are in the works to release a version for Windows by mid-April.

Zimmerman said he expects to see Zfone technology integrated directly into VoIP client hardware and software. A software developers kit (SDK), written in C, is available for those who want to explore direct integration.

What makes Zfone unique is that it decentralizes control over encryption keys. Zimmerman said that, "Although it uses a public key algorithm \[...\] it does not use persistant public keys.  \[Zfone works\] without reliance on a PKI, key certification, trust models, certificate authorities, or key management complexity that bedevils the email encryption world. It also does not rely on SIP signaling for the key management, and in fact does not rely on any servers at all. It performs its key agreements and key management in a purely peer-to-peer manner over the RTP packet stream."

The Zfone protocol, ZRTP, has also been submitted to the Internet Engineering Task Force (IETF) as a draft proposal.  The proposal was authored by Zimmerman, Alan Johnston, and Jon Callass. Johnston co-authored the SIP standard (RFC 3261) and Callass is chief technology officer at PGP Corp.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.