Authentication Keywords

Matching SAS displayed on the devices of two communicating Silent Phone users means that the ZRTP negotiated encryption keys in use are the same. A MiTM (Man in The Middle) attack has not occurred and the conversation is secure. The authentication keywords change with each call and are destroyed after a call is completed.

A MiTM attack is when an attacker sits between two communicating end points, intercepting and forwarding data passed between the two as if he was not present. In doing so the attacker is able to eaves drop on communication between the two endpoints.

In the case of encrypted communications, the attacker will establish a secure connection with each end point acting as the other to each side. It is important to understand that two completely different encrypted communication legs are established during this attack. Both sides believe they have negotiated encrypted communications with the other, when in fact they are negotiated to the attacker. The attacker decrypts received information by one side, eavesdrops, re-encrypts the data, forwards it to the other side and the end points are none the wiser.

Silent Phone uses a Short Authentication String (SAS) to verify and confirm encryption key integrity as well as the user on the other side. They are the 2 randomly generated words you see on your screen when you call another subscriber for the first time.

The SAS is a hash of the session key derived from the ZRTP key negotiation between two users. If the user has the same SAS displayed on their device as the other user, then their client is using the same exact key as the other user, confirming a MiTM attack has not occurred. The conversation is secure.