Close
0%
0%

ZRTP Hardphone

A ZRTP Hardphone for secure voice communications

Similar projects worth following
ZRTP is a cryptographic key-agreement protocol to negotiate the keys for encryption between two end points in a VoIP phone telephony call. It was developed by Phil Zimmermann, with help from Bryce Wilcox-O'Hearn, Colin Plumb, Jon Callas and Alan Johnston and was submitted to the Internet Engineering Task Force (IETF) by Phil Zimmermann, Jon Callas and Alan Johnston on March 5, 2006 and published on April 11, 2011 as RFC 6189

And today, 3 years later, there are no wired phone with ZRTP support as far as I know.

I want to build a open source wired phone with high quality sound (no radio -> no interference -> no packet loss)

== More info about ZRTP ==
https://es.wikipedia.org/wiki/ZRTP
http://tools.ietf.org/html/rfc6189 (ZRTP: Media Path Key Agreement for Unicast Secure RTP)

Would love to start with open hardware, but what I got on hand is a Raspberry Pi and 2 cheap usb soundcards. It should be easily replicated using only open hardware. See all architectures supported by Debian.

It will have at least the same basic UI features as the USA Western Electric Model 2500 telephone but with some extras needed for ZRTP: more keys and a screen to show the SAS code.

  • 1 × Raspberry Pi Model A or B
  • 2 × USB soundcard cheap one from ebay
  • 1 × Amplifier cheap one from ebay
  • 1 × Speaker Broken, bad sound. Perfect for the RING
  • 1 × i2c LCD driver

View all 14 components

  • Noise

    Yago06/17/2014 at 08:58 4 comments

    Made a new box, put everything inside and wired it. 

    So cool, I thought.

    Then, plugged it to the power and find out that you can listen the radio on the ring speaker. And some other noises too.

    After reading the Ganssle article about analog noise made a few tests to isolate the source. I thought that the problem comes from the mains power supply and the nearby powerful AM stations. Can hear the radio even with the input cable disconnected.

    Also there is no protective earthing on my house (or neighborhood).

    Installed the amp inside a metal box and moved the power supply further, but the noise is still there.

  • Plaintext auth is a bad idea

    Yago06/12/2014 at 10:33 0 comments

    Just discovered that twinkle does not support TLS for the SIP auth.

    Fortunately, there is another project called SFLphone with TLS and ZRTP support :)

    So the plan now is to use the SFLphone core. I'll have to write the software to interact between the UI and the core.

  • A provisional case

    Yago06/08/2014 at 10:25 0 comments

    A cardboard box

    is free and easy to work with.

    The box is turned the inside out, so it is possible to write things on it.

    All the human interfaces are in place now. That was easy and fun to mess with. 

    Hook made with cork stopper and aluminum foil. All glued with cyanoacrylate.

  • An old phone

    Yago06/07/2014 at 16:38 0 comments

    Got this old phone for 3 €. Thinking about reusing the handset, keyboard and case.

  • ZRTP testing

    Yago06/07/2014 at 16:01 0 comments

    First thing is make a call with ZRTP to check if the raspberry pi is powerful enough.

    After installing and configuring Debian and twinkle, I am very pleased to announce that it works flawlessly!

    Next step: human interfaces.

View all 5 project logs

  • 1
    Step 1

    ### [ WRITE IMAGE TO SD ]

    wget "http://93.174.101.10/bt/09bc05ab03780f279390e9cf6a15c7c249f712e1/data/2014-01-07-wheezy-raspbian.zip"
    7z x 2014-01-07-wheezy-raspbian.zip
    SD_CARD=/dev/sdX # Change it to your SD card device name

    md5sum 2014-01-07-wheezy-raspbian.img ; "It should be 6d8e5a48ff7c6bdc0bc0983bc32f75b8"

    dd bs=1M if=2014-01-07-wheezy-raspbian.img of=$SD_CARD

  • 2
    Step 2

    ### [ OVERCLOCKING AND MEMORY CONFIG ]

    # Grow the partition
    # Set locales
    # Set hostname
    # Set Overclock to Turbo
    # Set Advanced Options > Memory Split to 16

    Reboot? yes

  • 3
    Step 3

    ### [ INITIAL SYSTEM CONFIG ]
    # Access the pi using keyboard+screen or ssh (root password is raspberry)

    passwd
    passwd pi

    # Regenerate OpenSSH Host Keys:
    # Connect some mouse and move it (I hope that it does something)
    rm /etc/ssh/ssh_host_# ; dpkg-reconfigure openssh-server

View all 10 instructions

Enjoy this project?

Share

Discussions

Brian wrote 03/16/2017 at 12:51 point

Awesome project! Unfortunately the link to download the raspbian img file is not working. Is there an alternative link or link for the full code to this project?

  Are you sure? yes | no

manu wrote 09/19/2016 at 10:23 point

Hi!

My name is Manu! I have zrtp phone from chineese.

http://www.ultrative.com/pro1.asp?id=210

I have testet and it works very well. 

On the mainboard there is a serial pinout. I have fully access to phone.

But the software on it is quick and dirty programmed, many errors on boot. So i would  create my own software.

I have not found any other hardware phone on the net.

I have also tested the tool zebedee. It can tunnel udp packets with encryptet tcp stream. The key management is also diffie helleman. It works very well with iax2 and sip.

So i have a Secure-Box with FreeBSD and Zibidee that can tunnel every data secure over the net. Also i have testet, IAX2 encyption and zebedee, so you can make double encryption, works also very well.

If you intrested on some projects, please contact me.

Best wishes, manu

Sorry, for my bad english

  Are you sure? yes | no

Thebes wrote 06/27/2014 at 01:57 point
This phone is only as secure as the internet connected Raspberry Pi.
Pwn the Pi and it does not matter what the encryption is.
There is probably some as-yet-unknown way to Pwn the Pi... actually I'd be surprised if there weren't quite a few unknown vulnerabilities. Will the NSA find them before we do?

  Are you sure? yes | no

Yago wrote 06/27/2014 at 10:14 point
Indeed.

At least it does not have any other services listening, no flash player or any other piece of closed source shit.

I know, it has a closed GPU code and who knows what the BCM2835 SoC really do. But this board is the one I have at hand and it should be easy to replicate on other platforms.

  Are you sure? yes | no

Adam Fabio wrote 06/17/2014 at 03:59 point
Nice project - You never know who is listening these days! An encrypted hardwired phone is a good way to ensure your privacy. Careful with those cheap USB sound cards - While the output sounds pretty good, I've found that the input often is horrible. Thanks for entering your project in The Hackaday Prize, and keep the documentation rolling in!

  Are you sure? yes | no

Yago wrote 06/17/2014 at 09:07 point
Thank you Adam,
I'll try those USB soundcards and report how bad/good the perceived quality is.

  Are you sure? yes | no

Yago wrote 06/17/2014 at 09:23 point
Recorded some tests with audacity using a USB soundcard and a external mic and the recording sound seems to be OK :)

  Are you sure? yes | no

Similar Projects

Does this project spark your interest?

Become a member to follow this project and never miss any updates