Close

Does this project spark your interest?

Become a member to follow this project and don't miss any updates

ZRTP Hardphone

A ZRTP Hardphone for secure voice communications

1.8k 5 26 15

This project was created on 06/07/2014 and last updated 2 months ago.

Description
ZRTP is a cryptographic key-agreement protocol to negotiate the keys for encryption between two end points in a VoIP phone telephony call. It was developed by Phil Zimmermann, with help from Bryce Wilcox-O'Hearn, Colin Plumb, Jon Callas and Alan Johnston and was submitted to the Internet Engineering Task Force (IETF) by Phil Zimmermann, Jon Callas and Alan Johnston on March 5, 2006 and published on April 11, 2011 as RFC 6189

And today, 3 years later, there are no wired phone with ZRTP support as far as I know.

I want to build a open source wired phone with high quality sound (no radio -> no interference -> no packet loss)

== More info about ZRTP ==
https://es.wikipedia.org/wiki/ZRTP
http://tools.ietf.org/html/rfc6189 (ZRTP: Media Path Key Agreement for Unicast Secure RTP)
Details

Would love to start with open hardware, but what I got on hand is a Raspberry Pi and 2 cheap usb soundcards. It should be easily replicated using only open hardware. See all architectures supported by Debian.

It will have at least the same basic UI features as the USA Western Electric Model 2500 telephone but with some extras needed for ZRTP: more keys and a screen to show the SAS code.

Components
  • 1 × Raspberry Pi Model A or B
  • 2 × USB soundcard cheap one from ebay
  • 1 × Amplifier cheap one from ebay
  • 1 × Speaker Broken, bad sound. Perfect for the RING
  • 1 × i2c LCD driver
  • 1 × Hitachi HD44780 LCD
  • 1 × Green LED
  • 1 × Yellow LED
  • 1 × Red LED
  • 1 × PCF8574 (i2c I/O expander) Microprocessors, Microcontrollers, DSPs / Microprocessors (MPUs)

See all components

Project logs
  • Noise

    5 months ago • 3 comments

    Made a new box, put everything inside and wired it. 

    So cool, I thought.

    Then, plugged it to the power and find out that you can listen the radio on the ring speaker. And some other noises too.

    After reading the Ganssle article about analog noise made a few tests to isolate the source. I thought that the problem comes from the mains power supply and the nearby powerful AM stations. Can hear the radio even with the input cable disconnected.

    Also there is no protective earthing on my house (or neighborhood).

    Installed the amp inside a metal box and moved the power supply further, but the noise is still there.

  • Plaintext auth is a bad idea

    5 months ago • 0 comments

    Just discovered that twinkle does not support TLS for the SIP auth.

    Fortunately, there is another project called SFLphone with TLS and ZRTP support :)

    So the plan now is to use the SFLphone core. I'll have to write the software to interact between the UI and the core.

  • A provisional case

    5 months ago • 0 comments

    A cardboard box

    is free and easy to work with.

    The box is turned the inside out, so it is possible to write things on it.

    All the human interfaces are in place now. That was easy and fun to mess with. 

    Hook made with cork stopper and aluminum foil. All glued with cyanoacrylate.

View all 5 project logs

Build instructions
  • 1

    ### [ WRITE IMAGE TO SD ]

    wget "http://93.174.101.10/bt/09bc05ab03780f279390e9cf6a15c7c249f712e1/data/2014-01-07-wheezy-raspbian.zip"
    7z x 2014-01-07-wheezy-raspbian.zip
    SD_CARD=/dev/sdX # Change it to your SD card device name

    md5sum 2014-01-07-wheezy-raspbian.img ; "It should be 6d8e5a48ff7c6bdc0bc0983bc32f75b8"

    dd bs=1M if=2014-01-07-wheezy-raspbian.img of=$SD_CARD

  • 2

    ### [ OVERCLOCKING AND MEMORY CONFIG ]

    # Grow the partition
    # Set locales
    # Set hostname
    # Set Overclock to Turbo
    # Set Advanced Options > Memory Split to 16

    Reboot? yes

  • 3

    ### [ INITIAL SYSTEM CONFIG ]
    # Access the pi using keyboard+screen or ssh (root password is raspberry)

    passwd
    passwd pi

    # Regenerate OpenSSH Host Keys:
    # Connect some mouse and move it (I hope that it does something)
    rm /etc/ssh/ssh_host_# ; dpkg-reconfigure openssh-server

See all instructions

Discussions

Thebes wrote 4 months ago null point

This phone is only as secure as the internet connected Raspberry Pi.
Pwn the Pi and it does not matter what the encryption is.
There is probably some as-yet-unknown way to Pwn the Pi... actually I'd be surprised if there weren't quite a few unknown vulnerabilities. Will the NSA find them before we do?

Are you sure? [yes] / [no]

Yago wrote 4 months ago null point

Indeed.

At least it does not have any other services listening, no flash player or any other piece of closed source shit.

I know, it has a closed GPU code and who knows what the BCM2835 SoC really do. But this board is the one I have at hand and it should be easy to replicate on other platforms.

Are you sure? [yes] / [no]

Adam Fabio wrote 5 months ago null point

Nice project - You never know who is listening these days! An encrypted hardwired phone is a good way to ensure your privacy. Careful with those cheap USB sound cards - While the output sounds pretty good, I've found that the input often is horrible. Thanks for entering your project in The Hackaday Prize, and keep the documentation rolling in!

Are you sure? [yes] / [no]

Yago wrote 5 months ago null point

Thank you Adam,
I'll try those USB soundcards and report how bad/good the perceived quality is.

Are you sure? [yes] / [no]

Yago wrote 5 months ago null point

Recorded some tests with audacity using a USB soundcard and a external mic and the recording sound seems to be OK :)

Are you sure? [yes] / [no]

Similar projects

52 1 1
49-key mini keypad
Project Owner Contributor

Keypad

by alan_r_cam