NYSE: IDT
Products

Discover how our products can revolutionize the way you communicate and collaborate.

Voice

Explore our advanced voice solutions designed to optimize your communication workflows.

Diverse range of DID number solutions designed to enhance your communication capabilities.

Experience unparalleled communication efficiency with our advanced SIP Trunking Solutions.

Cutting-edge technology to proactively detect and neutralize spam flags on your DID Numbers.

Messaging

Wherever your audience is, our platform ensures seamless messaging across diverse channels.

Build customer journeys by fostering interactive conversations, all within the framework of your app. 

Connect with your audience in a simple and effective way through our cutting-edge SMS platform. 

BYOC

Harness the power of IDT as your chosen carrier while leveraging your platform’s advanced features and services.

Integrate Twilio with our robust carrier routing platform to achieve unparalleled Voice termination system.

Experience reliable and high-quality communication services while leveraging the advanced capabilities of Genesys. 

Integrate IDT with the collaborative strength of MS Teams, unlocking efficient and feature-rich communication. 

Experience the power of our carrier network seamlessly connected to Plivo through our cutting-edge BYOC solution. 

Tools

Experience the power of our online voice tools, designed to simplify communication management. 

Ensure the authenticity and integrity of outbound calls with our STIR/SHAKEN Verification Check tool. 

User-friendly tool to verify the reputation of your business number, ensuring that it remains trusted. 

Compare and gain insights into outbound call expenses, optimize budget, and make informed decisions. 

Easily estimate and compare the costs associated with different DID numbers providers. 

Compare inbound VoIP rates among top CPaaS providers and optimize your inbound call costs. 

Generate custom SMS templates. 

Learn

Empower yourself with the resources you need to thrive in the dynamic landscape of communication.

Articles covering a wide range of topics.

Get answers to common queries.

Find instructions to make the most of our products.

Discover telecom insights and trends.

Find definitions of popular telecom terms.

Explore how our solutions have helped businesses.

Latest telecom trends, innovations, and market insights.

Company

A global telecom partner built to meet your needs. 

Discover the story behind our commitment to delivering innovative solutions to connect people and businesses worldwide. 

Learn about our robust network infrastructure that spans across the globe, ensuring reliable and secure connectivity. 

Got a question, feedback, or need assistance? Our dedicated team is here to help!

Find partners or sign up for partnership programs.

NYSE: IDT
Learn / Blog

ZRTP Protect VoIP End-Points from Attacks

|
|  3 min
ZRTP
In this article

There are a number of routes by which cybercriminals and hackers can disrupt VoIP communications. One of the most insidious is the man-in-the-middle attack. This is where a hacker secretly intercepts, relays and perhaps even alters the communication between two parties that think they are communicating directly with one another. 

Encryption is the key

The best way to guard against this kind of attack and keep your communications secure is to use some form of encryption. ZRTP is a key exchange protocol that allows VoIP systems to negotiate secure keys between them. Unlike other protocols that use the signalling stream to do this – thus leaving the negotiation potentially visible to eavesdroppers – ZRTPuses the media stream, making interception much harder. 

ZRTP uses an algorithm called Diffie-Hellman which avoids the need for certificate management and its associated overheads. The keys agreed are temporary, used to encrypt the media stream and then get discarded at the end of each call, thereby adding security and doing away with the need for key management. 

Man-in-the-middle protection

There are also specific features aimed at guarding against man-in-the-middle attacks. MitM relies on attackers being able to intercept the communication between two parties and relay messages between them, so each believes they have a secure connection to the other. 

ZRTP guards against this by the use of short authentication strings (SAS) and key continuity. So how does this work? SAS exchanges a cryptographic hash of the Diffie-Hellman values as a word pair on the display of the user device – the words are selected from a PGP list. Users compare the strings by reading them out to each other. Because SAS has the potential to generate more than 65,000 different values, it’s almost impossible for MitM attackers to succeed because they would need to guess the correct key value in order to intercept the call. 

As if this wasn’t secure enough, key commitment adds extra reassurance by using some of the key in ensuing key agreements between the same callers. This makes it even harder for MitM attackers because an attack would require knowledge of the first call between the parties using voice termination providers such as IDT. 

Obviously, this requires a little work by the user, but simply by reading a word pair, they have the peace of mind that they are using a secure line and that their communication is encrypted. 

Implementation

Implementing ZRTP can be managed at various levels of the communication structure. It’s possible to implement it on some PBX systems, for example. It’s also available for many different makes of IP phone. There are also both open source and commercial implementations available for installation onto a communications gateway so that ZRTP calls can be made using SIP-based PBX and any ZRTP capable phone. 

ZRTP can be used on mobile networks too; implementations are available for Android, Blackberry, iOS and other mobile phone operating systems. Whatever your phone system, therefore, ZRTP can be used to protect your calls. 

Share this article

Leave a Reply

Your email address will not be published. Required fields are marked *

Tags

Meet our wholesale voice routing

Fulfill all your voice calling needs with our category leading wholesale A-Z Voice Termination.
Try IDT Express for a $25 Credit

Get $25 Free Trial Credit

Get IDT Express articles in your inbox

The best source of information in the telecom industry. Join us.

    Most Popular

    toll-free-forwarding-illustration
    |
    |  7 min
    Introduction to Toll-Free Forwarding In today’s fast-paced business landscape where...
    caller-id-thumbnail
    |
    |  7 min
    Introduction to Caller ID Reputation Caller ID reputation is a...
    sms-data-privacy-under-gdpr
    |
    |  6 min
    The European Union’s General Data Protection Regulation (GDPR) has permanently...