What is ZRTP?
ZRTP is a mechanism based on SRTP (Secure Real-time Transport Protocol) that facilitates shared secret agreement and key exchange between two endpoints. ZRTP employs "forward secrecy," which means that the RTP stream does not have to worry about security concerns but leaves them to ZRTP. When an RTP connection is established between two or more endpoints, ZRTP automatically detects if the other endpoint supports ZRTP and securely fortifies the channel to the program handling the RTP stream. Unlike SRTP, ZRTP exchanges encryption keys within the media stream, making the encryption process more secure and transparent to servers that do not support the protocol. This makes ZRTP more flexible than SRTP and provides end-to-end control for handling encryption requirements at all levels, without the risk of man-in-the-middle attacks.
What is SRTP?
SRTP is the Secure Real-time Transport Protocol, a security profile for RTP that adds confidentiality, message authentication, and replay protection to that protocol.
SRTP Key Negotiation Process
All DINSTAR UC Series IP PBX models support ZRTP.
ZRTP Key Exchange Process
The ZRTP protocol consists of two processes: the parameter negotiation process and the session key exchange process, which are executed sequentially. Through parameter negotiation, the communicating parties determine the algorithms to be used for the session key exchange process and the SRTP protocol. The start of the session key exchange process is marked by a Commit-type message, in which the communicating parties negotiate the keys based on the session key exchange method specified in the Commit-type message.
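As an added example (not code from this page or from DINSTAR), the Python sketch below reads the ZRTP packet header and message type as laid out in RFC 6189 and labels each message with the phase described above, switching to key exchange at the Commit message. The function names are hypothetical, and the sample packets are constructed: they carry header-only messages and a zeroed CRC, which the code does not verify.

```python
import struct

ZRTP_MAGIC = 0x5A525450   # magic cookie 'ZRTP' in the packet header
MSG_PREAMBLE = 0x505A     # preamble that starts every ZRTP message
NEGOTIATION = {"Hello", "HelloACK"}
KEY_EXCHANGE = {"Commit", "DHPart1", "DHPart2", "Confirm1", "Confirm2", "Conf2ACK"}

def zrtp_message_type(packet):
    """Return the ZRTP message type, or None if the packet is not ZRTP."""
    if len(packet) < 28:   # 12-byte header + 12-byte minimal message + 4-byte CRC
        return None
    first, _seq, magic, _ssrc, preamble, words = struct.unpack("!HHIIHH", packet[:16])
    if first >> 12 != 1 or magic != ZRTP_MAGIC or preamble != MSG_PREAMBLE:
        return None
    if words < 3 or 12 + words * 4 + 4 > len(packet):
        return None        # declared message length does not fit the packet
    return packet[16:24].decode("ascii", "replace").rstrip()

def label_phases(packets):
    """Label each ZRTP message with its phase; non-ZRTP packets are skipped.
    A key-exchange message seen before any Hello is flagged for review."""
    out, seen_hello = [], False
    for pkt in packets:
        mtype = zrtp_message_type(pkt)
        if mtype is None:
            continue
        if mtype in NEGOTIATION:
            seen_hello, phase = True, "parameter negotiation"
        elif mtype in KEY_EXCHANGE:
            phase = "key exchange" if seen_hello else "key exchange (no Hello seen)"
        else:
            phase = "other"
        out.append((mtype, phase))
    return out

def build(mtype, seq):
    """Constructed sample packet: header-only message, CRC zeroed (not verified)."""
    header = struct.pack("!HHII", 0x1000, seq, ZRTP_MAGIC, 0x11223344)
    message = struct.pack("!HH", MSG_PREAMBLE, 3) + mtype.ljust(8).encode("ascii")
    return header + message + b"\x00" * 4

# Constructed capture: two negotiation messages, one plain RTP packet, then the exchange.
SAMPLE = [build("Hello", 1), build("HelloACK", 2), b"\x80\x00" + b"\x00" * 30,
          build("Commit", 3), build("DHPart1", 4), build("DHPart2", 5)]

if __name__ == "__main__":
    for mtype, phase in label_phases(SAMPLE):
        print(f"{mtype:<9} {phase}")
```

A media stream in which no Commit ever appears never reached the key exchange phase, which is worth checking when confirming that calls are actually protected.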
IP PBX Configuration for ZRTP
To enable ZRTP, go to Profile → SIP → Edit.