We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Zfone encrypts VoIP for Windows users

But doesn't work with Skype

Zfone, a free piece of software that encrypts VoIP (voice over IP) calls in a way that may circumvent government eavesdropping laws in some countries, is now available to Windows users, its developer said on yesterday.

The software works in a P2P (peer-to-peer) manner, exchanging encryption keys directly between the two people making a voice call. Other approaches, such as the commonly used PKI (public key infrastructure), typically rely on a centralised database, usually hosted by a third party, to manage keys.

The distinction is important in some places, where the debate about the right of governments to eavesdrop on their citizens' phone calls is growing increasingly heated.

Zfone presents a challenge in the US, for example, where the government has ruled that VoIP providers will soon have to turn over call detail records, just like regular phone companies. But the law in the US applies to service providers, not end-users. That means that callers can use Zfone to encrypt calls and the government currently can't demand that the users share the encryption keys in order to understand the contents of the call.

Zfone could be less effective for privacy advocates this side of the Atlantic, however. Last week, the government signalled that it is working toward enacting regulations that would require companies and individual people to hand over encryption keys or face jail time. With the encryption key in hand, authorities could listen to conversations made over VoIP calls.

The software uses extensions to RTP (real-time transport protocol) for the key exchange. Zfone's developers have submitted the extensions, under the name ZRTP, to the IETF (Internet Engineering Task Force) for consideration as a standard.

Both participants of a VoIP call must be running Zfone for its encryption to work. For now, Zfone can only be used with software VoIP clients, like those used on computers, but developers can license it to integrate it into their hardware. Customers of service providers such as Vonage Holdings, for example, who use adapters that allow the use of existing analogue telephones, won't be able to use Zfone because the software isn't yet built into the adapter hardware.

Zfone also can't be used with Skype because Skype uses a proprietary protocol.

Customers can download the software here. Versions for Mac OS X and Linux are already available.

Philip Zimmermann, the creator of the email encryption tool PGP (Pretty Good Privacy), developed Zfone. The US government launched and later dropped a criminal investigation into Zimmermann as a result of PGP.


IDG UK Sites

Best Black Friday 2014 tech deals: Get bargains on smartphones, tablets, laptops and more

IDG UK Sites

What the Internet of Things will look like in 2015: homes will get smarter, people might get fitter

IDG UK Sites

See how Trunk's animated ad helped Ade Edmondson plug The Car Buying Service

IDG UK Sites

Yosemite tips: Complete Guide to OS X Yosemite