Re: [Ekiga-list] Ekliga Encryption.



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/27/2010 8:56 AM, Sergei Steshenko wrote:

> I suggest to read http://en.wikipedia.org/wiki/ZRTP and pay special
> attention to:

> "
> To ensure that the attacker is indeed not present in the first session (when no shared secrets exist), the Short Authentication String method is used: the communicating parties verbally cross-check a shared value displayed at both endpoints. If the values don't match, a man-in-the-middle attack is indicated. (In late 2006, NSA developed an experimental voice analysis and synthesis system to defeat this protection.[2])

Sergei,

Thanks for pointing this out! I had not seen this as I'd not checked out
the Wikipedia entry for the protocol.

Anthony

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)

iQIcBAEBAgAGBQJNGQKUAAoJEIeUq9QAeLbkQOkP/j2Od3McLIiFw087voAABI9O
jrLN/uirD9pciS5UCwPxuS+xw/jMLXDmh3qb1GhmtMmDA6W+e8U0Umi7jHwmXrLj
4jNu8vacB1dWTCMA6920X9YID5ATShqO6STiFtElNBa5k9+5muRimXod+XS2Y/a5
pCMcfjzo+2bP4OHChbO/DGR+wcPpnneodG/GpL4gf6FrJ3y3f7xNootEsY7Ypp2w
rRI7qWThGQz0HSAOJ64tm4lcjL6Osm4tsMCsNEHvNrBxGdbE3CP0A+Vyej7FK2sY
KofZHOzNjne3/J7fk5bmpj5B7f8MfVMyMrAUWINeucspO2RPN7GTx8AkqKlXPgFe
anW624Z/3/YpYEjC95Jt6IqopkJNttd2mOS55eIe/XC2miZ5s4R041KrW6KJTHqY
0z9L19sBoTPUZsWOdO2ytVcEJMiUuLMGTDui3+BwU8wrrkpUpUFB0PrHn+hNmykI
5qKDWHqIwwSRT52UtSWTl//yrbb/7mlM/Yrfeljb0ADBeWTg5tC8R2K8bw3CAEs+
27VxEQshb4XZU81uIrgmvM8T8h1/qJL+WYO9mAxvE3SXDx56wQ0wRmyPxLUAMyQE
iQLpYBMUQX64gSWgbF2z9YkMQtxL5Az+BAWLvM2BR2WT/Wvg5q18EMuj84xaAvgG
KprCgB/rteivIIdVnJg4
=+OLF
-----END PGP SIGNATURE-----


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]