1. GNU Telephony Telephony for a free world Communication Privacy For Free Societies David Sugar #0 Privacy is ultimately about liberty Surveillance is always about control http://www.gnutelephony.org/data/harvard2010.odp

2. GNU Telephony Mission Statement #1 SECURE CALLING PROJECT GOALS: To empower people, individually and collectively, to communicate and collaborate privately and securely in real- time worldwide To establish secure communications as the default communication infrastructure To enable secure anonymous communication worldwide and protect users who exercise their basic human freedom of privacy To provide secure communication services universally on all computing platforms http://www.gnutelephony.org/data/harvard2010.odp 3. GNU Telephony Why free software #2 Anyone can review what they receive; no hidden backdoors Anyone can modify the software for their specific needs or for specific platforms Anyone can redistribute the software and help make it widely available Everyone has universal and unrestricted access to the software worldwide Everyone can participate on an equal basis in it's development No-one can remove the software from availability once distributed http://www.gnutelephony.org/data/harvard2010.odp 4. GNU Telephony Challenges we face #3 Software Patents and Intellectual Monopolies Anti-privacy laws effecting communication services Service Blocking and Net Neutrality Private commercial data mining The need for Zero-Knowledge Systems to protect users, zero forward knowledge to protect past conversations, etc Peer review-able code and verifiable algorithms Verifiable end-user client software Trustworthy hardware and client operating systems http://www.gnutelephony.org/data/harvard2010.odp 5. GNU Telephony Why privacy matters #4 Everyone has secrets Some want to know your secrets to do you harm Freedom is responsibility, and when others become responsible for your privacy, you loose both The dilemma of false positives Securing your borders Casper is not the friendly ghost Universal encryption is asymmetric warfare against mass surveillance What protects freedom of speech in the Internet age is the munitions of encryption, as the first amendment merges with the 2nd http://www.gnutelephony.org/data/harvard2010.odp 6. GNU Telephony How we started #5 1949 George Orwell publishes 1984 1994 Calea Act introduced into law with promise never to be used for mass domestic surveillance 2001 (spring) Mass domestic communication intercept begins using Calea mandated backdoors 2004 CALEA proposed for VoIP, Internet Common Congress Held 2006 GNU ZRTP stack Introduced 2007 GNU Secure Calling Project started 2008 GNU SIP Witch Introduced as secure phone switch 2010 Secure Calling in Ubuntu 10.04 and Fedora F13 GNU/Linux http://www.gnutelephony.org/data/harvard2010.odp 7. GNU Telephony Classic Media Insecurity #6 User 1 User 2 Operator has knowledge of keys Netherlands United States Secure Audio Path Symmetric Encryption Realtime mitm uses intercepted keys, undetectable http://www.gnutelephony.org/data/harvard2010.odp 8. GNU Telephony SDES Media Insecurity #7 User 1 User 2 TCP Snooping SIP Exchange of Private Keys Netherlands United States UDP Realtime Audio Per Session Symetric Encryption Realtime mitm uses intercepted keys, undetectable http://www.gnutelephony.org/data/harvard2010.odp 9. GNU Telephony S-RTP & PKI Media Insecurity #8 User 1 User 2 Certificate Stolen or RIPA all Past & Present calls compromised United Kingdom Netherlands UDP Realtime Audio PKI Encryption Static Certificates Certificate Authority Poisoned/Weak Certificates or copied to third party outright. All Past & Present calls compromised Realtime mitm False identity or decrypting compromised certs http://www.gnutelephony.org/data/harvard2010.odp 10. GNU Telephony ZRTP and SAS #9 XX Sends Local Public Key XX Has Local Private Key for XX Gets Remote Public Key YY SAS Generated Hash XXYY SAS Matches, confirmed over voice YY Sends Local Public Key YY Has Local Private Key for YY Gets Remote Public Key XX SAS Generated Hash XXYY SAS Matches on voice Sending Public Key XX SendingPublicKeyYY XX Sends Local Public Key XX Has Local Private Key for XX Gets Remote Public Key ZZ SAS Generated Hash XXZZ SAS does not match when checked over voice! YY Sends Local Public Key YY Has Local Private Key for YY Gets Remote Public Key ZZ SAS Generated Hash ZZYY SAS does not match! MITM does not have private keys for XX or YY, so must create a new fake key ZZ Sending Key XX Sends Key ZZ SendKeyYYSendKeyZZ http://www.gnutelephony.org/data/harvard2010.odp 11. GNU Telephony ZRTP Media Security #10 User 1 User 2 Per session keys not static, no user keys for RIPA United Kingdom United States UDP Realtime Audio PKI Encryption & Key Exchange Certificate Authority Locally generated keys no authority to compromise Realtime mitm for key exchange vs SAS validation Locally user generated keys Keys generated per session User has zero knowledge of keys Users can validate each others keys Peer reviewable and verifiable http://www.gnutelephony.org/data/harvard2010.odp 12. GNU Telephony ZRTP & PBX enrollment #11 Ext 11 Remote United Kingdom United States Local IP-PBX uses pre-connect Remote IP-PBX uses pre-connect Ext 10 ?Appears secure Audio path decrypted in server Destination insecure! But also no SAS to confirm SAS relay valid if switch trusted Interconnect maybe insecure. SAS cannot relay cross-node ? Destination insecure! But no SAS to confirm Cannot call securely between nodes IP-PBX Server must be trusted http://www.gnutelephony.org/data/harvard2010.odp 13. GNU Telephony ZRTP & PBX Passthrough #12 Ext 11 Remote United Kingdom United States Local IP-PBX uses pre-connect Remote IP-PBX uses pre-connect Ext 10 ?Appears secure Audio path should remain encrypted in server, but what if config is falsified? Destination insecure! But also no SAS to confirm SAS relay valid if switch trusted Interconnect maybe insecure. SAS cannot relay cross-node ? Destination insecure! But no SAS to confirm ? Cannot call securely between nodes Enrollment is used, IP-PBX holds keys, can falsify encrypted path in switch http://www.gnutelephony.org/data/harvard2010.odp 14. GNU Telephony SIP Witch & Media Security #13 Ext 11 Remote Local SIP Witch Remote SIP Witch Ext 10 PSTN Gateway No uncertainty about end-to-end security in voip media path No audio to centrally decrypt PSTN gateway path may be secure but destination is not but clear boundaries between secure & insecure domains No audio to centrally decrypt, no media interconnect Secure with direct media path & zrtp Secure with direct media path & zrtp http://www.gnutelephony.org/data/harvard2010.odp 15. GNU Telephony NAT and Media Proxy #14 Remote Local SIP Witch Nat port fwd 5060 For SIP, rewrite fw rules for rtp media Ext 10 Local Network Behind NAT Remote Network Behind NAT Public Internet Remote SIP Witch Nat port fwd 5060 for SIP, rewrite fw rules for rtp media Rewrite of firewall rules to packet forward rtp media on the fly Integrated rewrite of SIP SDP based on public appearing addresses Clients have no need for NAT support; all done in one place in sipwitch! Low cpu overhead, minimal latency, and stateful; server dies but calls remain alive! http://www.gnutelephony.org/data/harvard2010.odp 16. GNU Telephony Traditional Roles #15 SIP Telephone Switch: * call forward and multi-nodal * multi-party ring & registration * multi-node and routing * class of service/profiles * reduced traffic on trusted nets * feature code dialing (todo) * hunting & acd (todo) * speed dialing (todo) SIP Embedded Gateway: * map subscriber to multi-party * arm, mips port proven * compilable for embedded * rtp media proxy * very low overhead * xmlrpc remote management Internet Hosted Service: * media peering possible * virtualizes well * can run as user w/o root Secure Call Domain adjunct: * cross-register with IP-PBX * fwd insecure to IP-PBX * clean domain division http://www.gnutelephony.org/data/harvard2010.odp 17. GNU Telephony SIP Witch on the Desktop #16 Use existing SIP softphone clients Use your system Login account as a SIP login Single sign-on for multiple remote accounts Single place to implement NAT correctly! Automatic self configuration! Simplified service provider provisioning Creative routing and redirection; a Gstreamer for VoIP! http://www.gnutelephony.org/data/harvard2010.odp 18. GNU Telephony Domain Calling #17 Ext 210 Local SIP Phone SIPWitch + RTP proxy User Agent Someone@somewhere Peer Service Providers me@mydomain Peer User Agent Ubuntu 10.04 GNU/Linux Fedora F13 GNU/Linux http://www.gnutelephony.org/data/harvard2010.odp 19. GNU Telephony The VoIP Desktop #18 Ext 200 Paired desktop sip phone Ofono/GW Devices (modem, cell) GNU SIP Witch NAT Media Proxy Automatic routing DBUS Messaging VoIP Indicator DBUS Applet OSD Notify events User Agent: Empathy SIP Comm. Twinkle etc Private Switch Service Providers Peer to Peer SIP Media Or Device http://www.gnutelephony.org/data/harvard2010.odp 20. GNU Telephony How you can help #19 How you can help Create domain calling networks bottom-up Test and use various deployment models Report bugs to sipwitch-devel@gnu.org Document using different GNU/Linux distros Help us document basic sipwitch use cases Test SIP clients and devices Contribute code to the community Communicate freely using free software http://www.gnutelephony.org/data/harvard2010.odp 21. GNU Telephony Contacting #20 GNU Telephony http://www.gnutelephony.org mailto:dyfet@gnutelephony.org mailto:sipwitch-devel@gnu.org Free World Dialup: 688841 sip:dyfet@sip.gnutelephony.org irc:#bayonne irc.freenode.net jabber:gnudyfet@gmail.com http://www.gnutelephony.org/data/harvard2010.odp 22. GNU Telephony Freedom to communicate #21 HAPPY Hacking http://www.gnutelephony.org/data/harvard2010.odp