PGPfone
Encyclopedia
PGPfone was a secure voice
telephony system developed by Philip Zimmermann in 1995. The PGPfone protocol had little in common with Zimmermann's popular PGP
email encryption package, except for the use of the name. It used ephemeral Diffie-Hellman protocol to establish a session key, which was then used to encrypt the stream of voice packets. The two parties compared a short authentication string to detect a Man-in-the-middle attack
, which is the most common method of wiretapping secure phones of this type. PGPfone could be used point-to-point (with two modem
s) over the public switched telephone network, or over the Internet
as an early Voice over IP
system.
The Internet was not yet ready for PGPfone in 1996. There were no protocol standards for Voice over IP. A decade later, Zimmermann released the successor to PGPfone, Zfone
and ZRTP
, a newer and secure VoIP protocol based on modern VoIP standards. Zfone builds on the ideas of PGPfone.
According to the MIT PGPfone web page "MIT is no longer distributing PGPfone. Given that the software has not been maintained since 1997, we doubt it would run on most modern systems."
Secure voice
Secure voice is a term in cryptography for the encryption of voice communication over a range of communication types such as radio, telephone or IP.-History:...
telephony system developed by Philip Zimmermann in 1995. The PGPfone protocol had little in common with Zimmermann's popular PGP
Pretty Good Privacy
Pretty Good Privacy is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, E-mails, files, directories and whole disk partitions to increase the security...
email encryption package, except for the use of the name. It used ephemeral Diffie-Hellman protocol to establish a session key, which was then used to encrypt the stream of voice packets. The two parties compared a short authentication string to detect a Man-in-the-middle attack
Man-in-the-middle attack
In cryptography, the man-in-the-middle attack , bucket-brigade attack, or sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other...
, which is the most common method of wiretapping secure phones of this type. PGPfone could be used point-to-point (with two modem
Modem
A modem is a device that modulates an analog carrier signal to encode digital information, and also demodulates such a carrier signal to decode the transmitted information. The goal is to produce a signal that can be transmitted easily and decoded to reproduce the original digital data...
s) over the public switched telephone network, or over the Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
as an early Voice over IP
Voice over IP
Voice over Internet Protocol is a family of technologies, methodologies, communication protocols, and transmission techniques for the delivery of voice communications and multimedia sessions over Internet Protocol networks, such as the Internet...
system.
The Internet was not yet ready for PGPfone in 1996. There were no protocol standards for Voice over IP. A decade later, Zimmermann released the successor to PGPfone, Zfone
Zfone
Zfone is software for secure voice communication over the Internet , using the ZRTP protocol. It is created by Phil Zimmermann, the creator of the PGP encryption software. Zfone works on top of existing SIP- and RTP-programs, but should work with any SIP- and RTP-compliant VoIP-program.Zfone turns...
and ZRTP
ZRTP
ZRTP is a cryptographic key-agreement protocol to negotiate the keys for encryption between two end points in a Voice over Internet Protocol phone telephony call based on the Real-time Transport Protocol. It uses Diffie-Hellman key exchange and the Secure Real-time Transport Protocol for...
, a newer and secure VoIP protocol based on modern VoIP standards. Zfone builds on the ideas of PGPfone.
According to the MIT PGPfone web page "MIT is no longer distributing PGPfone. Given that the software has not been maintained since 1997, we doubt it would run on most modern systems."
See also
- ZfoneZfoneZfone is software for secure voice communication over the Internet , using the ZRTP protocol. It is created by Phil Zimmermann, the creator of the PGP encryption software. Zfone works on top of existing SIP- and RTP-programs, but should work with any SIP- and RTP-compliant VoIP-program.Zfone turns...
- ZRTPZRTPZRTP is a cryptographic key-agreement protocol to negotiate the keys for encryption between two end points in a Voice over Internet Protocol phone telephony call based on the Real-time Transport Protocol. It uses Diffie-Hellman key exchange and the Secure Real-time Transport Protocol for...
- Nautilus (secure telephone)Nautilus (secure telephone)Nautilus is a program which allows two parties to securely communicate using modems or TCP/IP. It runs from a command line and is available for the Linux and Windows operating systems...
- PGP word listPGP word listThe PGP Word List is a list of words for conveying data bytes in a clear unambiguous way via a voice channel...
- Secure telephoneSecure telephoneA secure telephone is a telephone that provides voice security in the form of end-to-end encryption for the telephone call, and in some cases also the mutual authentication of the call parties, protecting them against a man-in-the-middle attack...