>PrivateGSM Security Overview >PrivateGSM Voice Encryption Standards: - Signaling Encryption - Media Encryption - End-to-End key exchange - End-to-Site key exchange

1. PrivateGSM - Voice EncryptionTechnicalOverview An overviewofPrivateGSM’sencryptiontechnologies and security 14/04/2011 Fabio Pietrosanti–CTO http://www.privatewave.com Tel: +39 340 180 1049 E-mail: fabio.pietrosanti@privatewave.com

3. PrivateGSM Voice Encryption Standards

4. Signaling Encryption

5. Media Encryption

6. End-to-End key exchange

9. Nokia S60 smartphones

10. Blackberry Bold9700, Bold 9000, BB 8520

11. iPhone 3GS, 4G

12. UseVoIP (UMTS, GPRS, WIFI)

13. Requireinstallation at bothparties

14. Extremely easy tobeused

15. Readyfororganization-widedistribution

16. IncreaseduseracceptancewithoutDedicated Hardware!PrivateGSM Security Overview 4

18. Specific information require specific security model

19. PrivateGSM support two security model

20. Protecting from everyone

21. Protecting from third partyPrivateGSM Security Overview

23. Anyone except the caller and the called can acquire the communication.PrivateGSM Security Overview

24. IP Network Internet End To End Security MNO 1 MNO 2 Communication protected by ZRTP Protect from everyone Secure Telephony Infrastructure PBX PrivateGSM Security Overview

26. Anyone except the server, the caller and the called can acquire the communication.

27. The organization has the authority to eavesdrop it’s own communicationPrivateGSM Security Overview

28. Protect from third party End To Site Security MNO 1 PSTN IP Network Internet Secure PBX Corporate PBX IP Phone Communication protected by SRTP/SDES PrivateGSM Security Overview

30. Multiple independentresearch/industryinstitutionscertifyittobesecure

31. Open Source encryptioncodes

32. Subjectto public review ( www.zrtp.org )

33. Every security sensitive pieceof code can beinspected and reviewed

34. Full Protection

35. Protectfrom intelligence gatheringtroughphonecalllogs (signaling)

36. Politicallyneutral

37. Technologyresistantagainstpossiblepoliticalpressure on manufacturerPrivateGSM Security Overview 10

38. Voice EncryptionStandards 11 PrivateGSM Security Overview PrivateGSM Voice Encryption Standards Signaling Encryption Media Encryption End-to-End key exchange End-to-Site key exchange Voice Encryption Standards

40. Server side digital certificates for use by SSL/TLS

41. Strict TLS hardening for custom-CA configuration

42. Strict TLS Policy Handshake for safety (only strong ciphers)

43. Key Exchange (For example RSA or Diffie Hellman or Elliptic Curve DH or Ephemeral DH or ECC Ephemeral DH)

44. Key Signing (For example RSA or ECC keys)

45. Symmetric Encryption (For example DES, 3DES, RC4, AES128, AES256)

46. Hashing Algorithm (For example MD5, SHA1, SHA256, SHA384)Voice EncryptionStandards–SignalingEncryption 12

47. SIP/TLS handshake Voice EncryptionStandards–SignalingEncryption 13

49. TLS_RSA_WITH_AES_256_CBC_SHA

50. TLS_DHE_RSA_WITH_AES_256_CBC_SHA

51. Symmetric algorithm: AES-128/256

52. Asymmetric algorithm:DHE / RSA

53. When negotiating DHE the SIP Signaling acquire Perfect Forward Secrecy (PFS) properties** Not all mobile platform support DHE for SIP/TLSVoice EncryptionStandards–SignalingEncryption 14

54. Voice EncryptionStandards 15 PrivateGSM Security Overview PrivateGSM Voice Encryption Standards Signaling Encryption Media Encryption End-to-End key exchange End-to-Site key exchange Voice Encryption Standards

56. Encryption has been brought to IETF standard in March 2004 with SRTP (RFC3711)

57. Several Key Exchange methods has been standardized

58. SRTP support for symmetric encryption

59. AES128 / 256 Counter mode (CTR)

60. SRTP for integrity checking HMAC-SHA1 (32bit used)Voice EncryptionStandards–Media Encryption 16

61. SRTP Media Encryption packet format Voice EncryptionStandards–Media Encryption 17

62. 18 PrivateGSM Security Overview PrivateGSM Voice Encryption Standards Signaling Encryption Media Encryption End-to-Site key exchange End-to-End key exchange Voice Encryption Standards Voice EncryptionStandards–End-to-EndEncryption

64. Exactly same security architecture of HTTPS

65. Based on Digital Certificates and PKI

66. Standardized by Internet Engineering Task Force (IETF)

67. Diffused among major business VoIP desk phones manufacturer

68. Snom, Cisco, Asterisk, Avaya, etc

69. De Facto Enterprise Secure Telephony StandardVoice EncryptionStandards–End-to-SiteEncryption

70. 20 SRTP/SDES end-to-site Example Architecture Voice EncryptionStandards–End-to-SiteEncryption

71. SRTP/SDES Security Standard End To Site Security MNO 1 Secure Telephony Infrastructure PBX IP Network Internet IP Phone (Snom) Communication protected by SRTP/SDES Voice EncryptionStandards–End-to-SiteEncryption

72. SRTP/SDES Security Standard Voice EncryptionStandards–End-to-SiteEncryption

74. Asymmetric algorithm: TLS with x509v3

75. Typical server key size: RSA 2048

76. Open Source Secure CodesVoice EncryptionStandards–End-to-SiteEncryption

77. Voice EncryptionStandards 24 PrivateGSM Security Overview PrivateGSM Voice Encryption Standards Signaling Encryption Media Encryption End-to-End key exchange End-to-Site key exchange Voice Encryption Standards

79. Invented by a group of famous international cryptographers leaded by Philip Zimmermann in 2006

80. Standardized by Internet Engineering Task Force (IETF)

81. Protocol with encryption algorithms recognized by most important international security bodies

82. Human authentication –No Automatic authentication process

83. Open source Release – http://www.zrtp.org ( ZORG Project )Voice EncryptionStandards–End-to-EndEncryption

85. ZRTP Security Standard TODO – SLIDE SCHEMA ZRTP Voice EncryptionStandards–End-to-EndEncryption 27

87. ECC Brain pool - Germany

88. Standards for efficient cryptography group (SECG) – International

89. ECC Interoperability Forum – International

90. National Institute of Standard (NIST) – USA

91. Runtime detection of weak ECC curves

92. Implemented in secure open source code

93. ZRTP use encryption algorithms certified for TOP SECRET within NSA and NATO environmentVoice EncryptionStandards–End-to-EndEncryption

95. Asymmetric algorithm: ECDH-384/521 (P-384/521)

96. Strength equivalence: RSA 7680 / 15360

97. Perfect Forward Secrecy (PFS): In the unfortunate “loss” event of your phone, no one will be able to access your keys even if used in the past

98. Open Source Secure CodesVoice EncryptionStandards–End-to-EndEncryption

99. Voice Encryption Technology Summary Voice EncryptionStandards

100. PrivateGSM - Voice EncryptionTechnicalOverview Fabio Pietrosanti– CTO http://www.privatewave.com Per info: Tel: +39 340 180 1049 E-mail:fabio.pietrosanti@privatewave.com