[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Linphone-developers] zrtp + lime default on
|
From: |
Andrey Gursky |
|
Subject: |
Re: [Linphone-developers] zrtp + lime default on |
|
Date: |
Mon, 12 Jun 2017 20:42:25 +0200 |
On Mon, 12 Jun 2017 14:21:43 -0300 william anderson wrote:
> Hi andrey,
>
> Explanation for the NON-crypto experts is listed on:
> https://tools.ietf.org/html/rfc6188
> "While AES-128 is widely regarded as more than adequately secure, some
> users may be motivated to adopt AES-192 or AES-256 due to a perceived need
> to pursue a highly conservative security strategy."
Thanks for the reference. So AES-128 is still not weak even now,
6 years later after the RFC has been posted.
BTW, if you insist on using AES-256 instead of AES-128, then maybe also
switching to HMAC-SHA256 instead of HMAC-SHA1, that is used in the RFC?
> Linphone has the possibility to use AES256 as default , but somehow (maybe
> ON PURPOSE) , they launch opensource version with the WEAK option.....
>
> Linphone has hidden and non public configurations, that only by request
> they told you. Thats not good :)
I saw these options in the GUI:
media_encryption=ZRTP
lime=mandatory
or you mean any others?
Andrey
> On Mon, Jun 12, 2017 at 1:57 PM, Andrey Gursky <address@hidden>
> wrote:
>
> > Hi Willy,
> >
> > On Mon, 12 Jun 2017 09:41:56 -0300 william anderson wrote:
> >
> > > Hi,
> > >
> > > Keep in mind that Linphone uses a WEAK implementation of zrtp by default.
> > > It uses AES-128 , instead of standard AES-256
> > > I think they do it on purpose to reduce the security. (AES128 are less
> > > rounds and easy to decrypt nowadays)
> >
> > Who has declared AES-128 as weak? The differences between AES-128 and
> > 256 are not so obvious as the name suggests.
> >
> > > Hope Linphone coders also improve the chat file transfer, only photos
> > now,
> > > but the code could be expand to any file if they want.
> > >
> > > It is strange why most features are hidden or top secret for an
> > opensource
> > > code..... strange :)
> >
> > Regards,
> > Andrey
> >
> >
> > > On Mon, Jun 12, 2017 at 6:13 AM, Benjamin Reis <
> > > address@hidden> wrote:
> > >
> > > > Okay then try to add media_encryption=ZRTP and lime=mandatory in your
> > > > linphonerc_factory
> > > >
> > > > REIS Benjamin
> > > > address@hidden
> > > > Software engineer at Belledonne Communications
> > > > http://belledonne-communications.com
> > > >
> > > > Le 12 juin 2017 à 11:03, A.Žukovič <address@hidden> a écrit :
> > > >
> > > > Hi Benjamin,
> > > >
> > > > I’m changed this before mailing, but not effects and i'dont know why.
> > > >
> > > > I’m find in internet, that maybe help me line in the linphonerc. I’m
> > try,
> > > > and ask if this working, or no.<Snímek obrazovky 2017-06-12 v
> > > > 11.01.17.png><Snímek obrazovky 2017-06-12 v 10.57.38.png><Snímek
> > > > obrazovky 2017-06-12 v 10.57.20.png>
> > > > ,
> > > >
> > > > 12. 6. 2017 v 10:53, Benjamin Reis <address@hidden
> > > > communications.com>:
> > > >
> > > > Hi Alex,
> > > >
> > > > You can change the default value from None to ZRTP in the Network.plist
> > > > file for the encryption preferences and from 0 to 1 in Chat.plist for
> > the
> > > > LIME preferences.
> > > >
> > > > REIS Benjamin
> > > > address@hidden
> > > > Software engineer at Belledonne Communications
> > > > http://belledonne-communications.com
> > > >
> > > > Le 12 juin 2017 à 10:21, A.Žukovič <address@hidden> a écrit :
> > > >
> > > > Hello all,
> > > >
> > > > can everybody say, how to in linphone (git version for iOS and android
> > > > too) for default on zrtp and lime. When app first launch or client run
> > > > assistant, after registration will on zrtp and lime for default ?
> > > >
> > > > please help…
> > > >
> > > > Best regards Alex.
> > > > _______________________________________________
> > > > Linphone-developers mailing list
> > > > address@hidden
> > > > https://lists.nongnu.org/mailman/listinfo/linphone-developers
> > > >
> > > >
> > > > _______________________________________________
> > > > Linphone-developers mailing list
> > > > address@hidden
> > > > https://lists.nongnu.org/mailman/listinfo/linphone-developers
> > > >
> > > >
> > > > _______________________________________________
> > > > Linphone-developers mailing list
> > > > address@hidden
> > > > https://lists.nongnu.org/mailman/listinfo/linphone-developers
> > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > Linphone-developers mailing list
> > > > address@hidden
> > > > https://lists.nongnu.org/mailman/listinfo/linphone-developers
> > > >
> >
--
Regards,
Andrey
- [Linphone-developers] [linphone-mobile] Remote Provisioning for linphonerc.xml not working properly (both ios and android), Sviluppo - SouthEngineering, 2017/06/10
- [Linphone-developers] zrtp + lime default on, A.Žukovič, 2017/06/12
- Re: [Linphone-developers] zrtp + lime default on, Benjamin Reis, 2017/06/12
- Re: [Linphone-developers] zrtp + lime default on, A.Žukovič, 2017/06/12
- Re: [Linphone-developers] zrtp + lime default on, Benjamin Reis, 2017/06/12
- Re: [Linphone-developers] zrtp + lime default on, william anderson, 2017/06/12
- Re: [Linphone-developers] zrtp + lime default on, scrap, 2017/06/12
- Re: [Linphone-developers] zrtp + lime default on, Andrey Gursky, 2017/06/12
- Re: [Linphone-developers] zrtp + lime default on, william anderson, 2017/06/12
- Re: [Linphone-developers] zrtp + lime default on,
Andrey Gursky <=
Re: [Linphone-developers] [linphone-mobile] Remote Provisioning for linphonerc.xml not working properly (both ios and android), Sviluppo - SouthEngineering, 2017/06/12