|
|
|
M5T ZRTP SAFE component is the next evolution in M5T multimedia security technology. It is the most seamless way to integrate security at the media level. Together with the M5T RTP SAFE and M5T SRTP SAFE stacks, it provides a tailored and comprehensive solution to the secure transport of media. With M5T ZRTP SAFE, there is no longer a need for other alternative protocols that negotiate the SRTP keys at the signalling level, like MIKEY (rfc3830) and SDES (rfc4568).
ZRTP is a key agreement protocol which performs SRTP keys exchange during call setup into the media path using the same network connection used to exchange RTP packets. ZRTP does not depend on the signalling protocol. ZRTP does not depend on the signalling protocol. The design of ZRTP took into account many issues that afflict the other key exchange methods.
KEY FEATURES
- Key agreement methods:
Diffie-Hellman (DH3K and DH4K);
- No PKI require :
ZRTP does not rely on public key infrastructure (PKI) which is known to be very hard to securely deploy;
- Seamless integration:
Fully integrated with M5T RTP SAFE and M5T SRTP SAFE;
- Best effort encryptions:
SRTP is not always mandatory. If the peer does not support ZRTP, a user may still decide that a call should still proceed with plain RTP;
- Perfect Forward Secrecy :
The use of ephemeral Diffie-Hellman allows perfect forward secrecy with the creation of new keys for each call. The keys are then destroyed once the call ends. A key will never be reused for another call. This feature prevents the retroactive compromise of the call by future disclosures of the key;
As with all M5T Components, M5T ZRTP SAFE is based on the M5T Framework, which makes it available on a wide range of operating systems. Please see the M5T Framework for supported operating systems.
|
|
|
