[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Linphone-users] Are Linphone chat communications encrypted?
|
From: |
Greg Troxel |
|
Subject: |
Re: [Linphone-users] Are Linphone chat communications encrypted? |
|
Date: |
Tue, 04 May 2021 09:50:55 -0400 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.3 (berkeley-unix) |
Sylvain Berfini <sylvain.berfini@belledonne-communications.com> writes:
> Indeed you can use Linphone for E2E encrypted chat if both
> participants are using Linphone and if you are using our
> sip.linphone.org proxy server.
>
> In the app, simply toggle the green shield on to enable E2E encrypted chat.
>
> Check our website for more infos: https://linphone.org/secure-communications
I am not following this explanation and data flow.
If you mean that clicking on shield turns on ZRTP, that makes sense. As
I understand it, that not only applies to the media stream but the key
negotiation is inband within RTP so the intermediate SIP entities do not
have to have any support for ZRTP, just the two endpoints.
As I understand it, chat is carried in the signaling channel, and thus
two people each of whom is using Linphone as client and sip.linphone.ort
as proxy server will each have a TLS connection to the proxy, but the
chat will exist in cleartext within the proxy. This is analogous to
XMPP where each person connects over TLS (to the same server).
(I'm ignoring VPN approaches, because while they have a lot of merit,
"Run app X over host-based VPN and now X is e2e encrypted" isn't about
app X,. Also, it isn't really on point for people that don't want to or
can't pivot their entire world -- and the worlds of everyone they talk
to -- to always-p2-VPN. In the real world, I find getting others to
install Signal instead of using SMS to be difficult.)
For SIP chat, the only methods I am aware of for e2e encryption are OTR
an OMEMO, both of which perform key negotiation within the chat channel
and send ciphertext using that channel.
So Sylvain: can you clarify: Do you really mean chat being end-to-end
encrypted, with no plaintext appearing at any intermediate node, for
chat? If so, do you mean that the chat is somehow encrypted with ZRTP,
or uses some other protocol?
https://linphone.org/secure-communications
It would be nice to update this page to have a nerd-facing accurate
discussion of the crypto situation, specifically addressing ZRTP and the
scope of what it covers. Perhaps the only point of confusion in my mind
is about how chat is handled.
Greg
signature.asc
Description: PGP signature
- [Linphone-users] Are Linphone chat communications encrypted?, Gabby, 2021/05/03
- Re: [Linphone-users] Are Linphone chat communications encrypted?, Trent Creekmore, 2021/05/03
- Re: [Linphone-users] Are Linphone chat communications encrypted?, Maciej Morycinski, 2021/05/03
- Re: [Linphone-users] Are Linphone chat communications encrypted?, Greg Troxel, 2021/05/03
- Re: [Linphone-users] Are Linphone chat communications encrypted?, Stuart D Gathman, 2021/05/03
- Re: [Linphone-users] Are Linphone chat communications encrypted?, Eric Shields | #MassTransitHonchkrow, 2021/05/03
- Re: [Linphone-users] Are Linphone chat communications encrypted?, Stuart D Gathman, 2021/05/03
- Re: [Linphone-users] Are Linphone chat communications encrypted?, Sylvain Berfini, 2021/05/04
- Re: [Linphone-users] Are Linphone chat communications encrypted?,
Greg Troxel <=
- Re: [Linphone-users] Are Linphone chat communications encrypted?, Sylvain Berfini, 2021/05/05
- Re: [Linphone-users] Are Linphone chat communications encrypted?, Greg Troxel, 2021/05/05