Phil Zimmermann defends his VoIP crypto

Phil Zimmermann defends his VoIP crypto

Summary: In response to my last blog "Does Phil Zimmermann need a clue on VoIP?", Phil Zimmermann writes this letter defending his recent VoIP demonstration.

SHARE:
TOPICS: Networking
17

In response to my last blog "Does Phil Zimmermann need a clue on VoIP?", Phil Zimmermann writes this letter defending his recent VoIP demonstration.

[Editor's note:  This paragraph was re-inserted 11 hours after initial post and should not have been cut out, my apologies to Phil Zimmermann.  Detailed explaination hereSkype's NAT/firewall traversal prowess has nothing to do with its use of a PKI. In fact, it has nothing to do with any aspect of cryptography or key management in any form. To attribute their NAT/ firewall traversal features with the use of a PKI is like attributing their codec voice quality or echo cancellation with a PKI. They did a great job with those features, but a PKI had nothing to do with it.

The reason why they (Skype) can make a PKI work so seamlessly is because they have a proprietary closed system, where they control everything-- the servers, the clients, the service provider (namely, Skype), the protocol, everything.  If I had that luxury, I could make a PKI work too.  Where PKI runs into trouble is when you try to make it work in a heterogeneous environment with different service providers with competing interests.  The trust model becomes unwieldy.  That's what killed PKI based email encryption schemes like PEM and MOSS.  And it has effectively paralyzed S/MIME too, because no one uses S/MIME to encrypt their email, despite S/MIME's massive deployment advantage owing to its inclusion in Microsoft products.  S/MIME requires a PKI to be up and running before you can use it, which means the "activation energy" is too high.  That's why essentially all the encrypted email in the world today is encrypted with PGP, or other OpenPGP products, which require little activation energy.

My secure VoIP protocol also requires almost no activation energy, so I expect it to do well.  The other VoIP client features that make Skype so adaptable to NAT/firewall environments can be implemented in any VoIP client, even one that uses my crypto protocol.  The VoIP client I used in my prototype was not even mine, it was an open source VoIP client I found on the Internet.  I just added my crypto protocol to it for prototyping.  For a real product, I plan to license a mature full-featured commercial VoIP client and add my crypto to that.  I'll make sure it has all the NAT/firewall traversal features it needs before I license it.

I'm surprised you built your case on Skype's non-PKI features, and then used that to suggest I haven't a clue.  I don't claim my core competency is building the best VoIP client, which is why I'll use someone else's VoIP client as a starting point. But I've been thinking about trust models, key management, and PKI since before there were any PKIs.  I've picked up at least one or two clues along the way.  Maybe more than the makers of PKI-based email encryption standards that have been so easily swept aside by PGP.

Regards,
Phil

Topic: Networking

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

17 comments
Log in or register to join the discussion
  • Skype's Achilles heel

    Any proprietary communications system that is totally controlled by
    a single entity like Skype will eventually be forced to include a
    backdoor for the Feds - if it isn't already built in.

    Like the National Security Agency has said on many occasions, if
    you can't see the code, you cannot trust the program.
    Otto_Delete
    • Closed source is used everyday

      Most people use closed source software everyday. I would venture to guess you use some yourself.

      As for back doors, you're speculating. I believe there is a federal law that prohibits any back doors from Government without it being known to the public. If the feds want to enforce one, we would know about it, and they would need a court order to use it if they ever got one approved. Right now, you?re just spreading FUD.
      george_ou
    • Open Source and FIPS are almost mutually exclusive

      FIPS 140 certification is one of the top crypto certifications and cost a significant amount of money to achieve. There is no incentive for a company to spend that kind of money unless they can lock in their competitive advantage, i.e. source code. I'm not aware of any Open Source products with FIPS certification. I think OpenSSL was looking to attempt it. Also, remember, using FIPS approved algorithms is in no way the same as a FPIS certified system.

      Are you saying that the NSA doesn?t trust any of the crypto products that they are mandated to use?

      Following your logic, no one should ever trust any SSL connection because the HSM that protects the Root CA is a closed source device?

      I'm not actually saying that a piece of software is or isn't good based on its FIPS status or code review etc., just that code review is by no means a useful ruler to measure a product by.
      markgamache
      • open source fips certification

        i sugggest you google the four words in teh subjet
        pegdashfab
        • Subject Googled... what was your point?

          Of 562 FIPS 140-1 and 140-2 certified modules, only 4 are open source.

          http://csrc.nist.gov/cryptval/140-1/140val-all.htm
          markgamache
          • my point

            i guess you forgot writing "I'm not aware of any Open Source
            products with FIPS certification. I think OpenSSL was looking to
            attempt it."

            now you know: openssl has fips certification.
            pegdashfab
  • Just as I said before

    I totally agree with Phil. Deploying a PKI infrastructure in a large corporation is essentially impossible. When Globus toolkit went with PKI instead of Kerberos, they essentially destroyed any chance of Grid being deployed in large corporations (deploying Kerberos is hard enough). The barrier to entry with PKI is just too high - either EVERYONE uses it, or forget it.
    Roger Ramjet
    • How would you know?

      "Deploying a PKI infrastructure in a large corporation is essentially impossible"

      How would you know Roger? I've done this for many large corporations.
      george_ou
      • Which corporations?

        Please tell us which corporations you have made PKIs for. How
        many is many? Two? Three? One?
        adu
        • I can't divulge client information

          I can't divulge client information, but I've done it for four corporations. I can assure you it's very simple.

          Skype is the biggest private certificate PKI implementation of all with millions of active users daily. They did it seamlessly and hid everything under the hood.
          george_ou
    • What??

      Wow... this is 3 year old thinking and its just plain fallacious.
      First of all, PKI, like any IT discipline, requires a solid understanding or proper design and implementation. There is a reason that there are people who specialize in nothing but high availability storage or directory services. Doing anything well on an enterprise scale requires solid design and well thought out operational principals. PKI is no different.
      Second, on the backend (CA), front-end (PKI enabled apps) and provisioning, vendors are getting better and better every day. A well planned PKI deployment can now be so seamless that users may not even realize they have the additional protections that PKI provides.
      Three years ago I might have agreed that enterprise PKI was full of challenges that were too costly, in time and money, to overcome, but now that is just an argument based on FUD.
      markgamache
  • Clarification in paragraph removal

    Some of you might be wondering why this paragraph wasn't included in the original post.

    "Skype's NAT/firewall traversal prowess has nothing to do with its use of a PKI. In fact, it has nothing to do with any aspect of cryptography or key management in any form. To attribute their NAT/ firewall traversal features with the use of a PKI is like attributing their codec voice quality or echo cancellation with a PKI. They did a great job with those features, but a PKI had nothing to do with it."

    I left this out because I never correlated Skype's NAT/Firewall traversal capability with its PKI capability. I was clear that these were TWO distinct benefits of Skype over Zimmermann's works-in-progress. I put PKI and NAT-traversal in two separate paragraphs and I thought that was very clear. I don't know how it can a correlation can be seen.

    I requested that this not be included in Mr. Zimmermann's response because I felt it would be pointless for me to defend something I never said. But Mr. Zimmermann is insisting that it be included so I have added it. I still feel that it only distracts from the debate and shouldn't be included, but I am abiding by Mr. Zimmermann's wishes.
    george_ou
  • Edit without permission?

    I am not sure, but I think I have these events correct.

    M. Ou writes an article that says that Phil Zimmermann has no
    clues. Then when M. Zimmermann writes a rebuttal, there is a
    paragraph that is removed. 11 hours later, that paragraph is
    restored.

    I have but one question and that is which paragraph was the one
    that was removed. If we know that, then we know what M. Ou,
    who insults heroes and edits the response is afraid of.

    I ask ZDNet to be honest with us and show us what was
    removed. I want to know what Phil Zimmermann said that was
    worthy of removing.
    adu
    • The first one

      The editor's note indicates that it was the first paragraph, and in his TalkBack post George explains why. Is that not clear enough?

      Stephen Howard-Sarin
      VP, Business Technology Portfolio
      CNET Networks
      Stephen Howard-Sarin
    • What part of "this" do you not understand

      It's obvious that the first paragraph was left out. "[Editor's note: This paragraph was re-inserted 11 hours after initial post and should not have been cut out, my apologies to Phil Zimmermann]"

      Additional clarification posted here in this forum. I did not post this clarification in the blog because I didn't want to crowd Mr. Zimmermann's response. I was being courteous.

      http://www.zdnet.com/5208-10533-0.html?forumID=1&threadID=12370&messageID=247816&start=-1

      Stop trying to turn this in to some scandal when there is none. I asked Mr. Zimmermann to leave out that paragraph and assumed it would be ok because he said I could "do with the text as I please". He didn't want that so I put it back in. I still feel it should have been excluded because it accused me of saying something I didn't and I felt that Mr. Zimmermann should have retracted it. Since he insisted on putting it back in, I put it in as a courtesy even though it accuses me of saying something I didn't. I think the whole thing is rather petty to insist on putting in a false statement and for you to try to turn this in to some kind of scandal.
      george_ou
    • I didn't say "Zimmermann has no clues"

      I posed the question "Does Phil Zimmermann need a clue on VoIP?" Note the question mark on the end. This is obviously a question and not an accusation. Whether or not Mr. Zimmermann or if Mr. Ou has a clue or not is for you the reader to decide.

      If you want to say you think George Ou doesn't have a clue, you're free to do so. But please don't put words in my mouth.
      george_ou
    • phil zimmerman is a hero

      like i am mother teresa, altho i am usualy goood for spare change
      so i'm not puting phil down.
      pegdashfab