Title :
A formal security proof for the ZRTP Protocol
Author :
Bresciani, R. ; Butterfield, A.
Author_Institution :
FMG, Trinity Coll. Dublin, Dublin, Ireland
Abstract :
When some agents want to communicate through a media stream (for example voice or video), the real time protocol (RTP) is used. This protocol does not provide encryption, so it is necessary to use secure RTP (SRTP) to secure the communication. In order for this to work, the agents need to agree on key material and ZRTP provides them with a procedure to perform this task: it is a key agreement protocol, which relies on a Diffie-Hellman exchange to generate SRTP session parameters, providing confidentiality and protecting against Man-in-the-Middle attacks even without a public key infrastructure or endpoint certificates. This is an analysis of the protocol performed with ProVerif, which tests security properties of ZRTP; in order to perform the analysis, the protocol has been modeled in the applied ??-calculus.
Keywords :
protocols; security of data; ??-calculus; Diffie-Hellman exchange; Man-in-the-Middle attacks; ProVerif; ZRTP protocol; endpoint certificates; formal security proof; key agreement protocol; public key infrastructure; real time protocol; Computational modeling; Cryptography; Educational institutions; Performance analysis; Performance evaluation; Protection; Protocols; Security; Streaming media; Testing;
Conference_Titel :
Internet Technology and Secured Transactions, 2009. ICITST 2009. International Conference for
Conference_Location :
London
Print_ISBN :
978-1-4244-5647-5
DOI :
10.1109/ICITST.2009.5402595
