|
|
Ninja Pro (CTI) with Type 1 Encryption
|
Existing encryption schemes for VoIP audio/video telephone conversations are only secure under the assumption that the employed lightweight encryption algorithms are secure, that the telephony server is not manipulated and that no Man-in-the-Middle Attack is mounted on any endpoint.
Ninja Pro (CTI) with Type 1 Encryption entirely overcomes the shortcomings of existing encryption schemes like SRTP. The implemented encryption scheme is based on proven technology that has received plenty of peer review and that provides for real security even if financially powerful Intelligence Agencies fully control the entire route between the two endpoints of a highly secure telephony session.
Click here to read full article.. 
Standard VoIP encryption is based on TLS/SRTP. TLS (Transport Layer Security) performs a Diffie-Hellman key exchange with the telephony server. If this server is under control by an attacker, all secure telephony conversations are (frankly speaking) less secure than any unencrypted telephone call.
Security hole #1: The Man-in-the-Middle Attack
TLS provides no mechanism that enables users to determine if their telephones are negotiating session keys with the server or a “middleman”. This attack is widely known as Man-in-the-Middle Attack (MitM). During the phone conversation will the middleman simply re-encrypt all user data and pass it on to the respective end points. This attack has previously been mounted successfully on SSL-encrypted homebanking sessions. TLS is equally vulnerable to this attack.
Security hole #2: Who is listening?
Another, probably even more critical imperfection associated with TLS/SRTP is the ability of the SIP service provider to re-encrypt the entire telephone conversation or to decrypt voice data and to route the phone conversation via plain old analog telephone lines to one of the participants and/or to a third party. In many countries it is mandatory that the government can tap each and every telephone line. TLS/SRTP complies perfectly with such laws.
Attackers act on the assumption that somebody who uses encryption technology has something to hide and that this information is potentially valuable. Does it really make sense from the perspective of a user to employ suboptimal encryption technology with lots of built-in security issues?
Well, probably not.
Truely secure VoIP communication: The Ninja Pro (CTI) SIP Softclient with Type 1 encryption
Type 1 encryption is the highest grade of data encryption that is in general solely available to Government Agencies. Through our partner PMC Ciphers, Inc. we have access to one of the latest developments in Type 1 encryption: the Polymorphic Cipher. The underlying idea has been state secret of Germany. In contrast to conventional ciphers where it is implicitly assumed that the cipher machine is not reprogrammable, Polymorphic Ciphers utilize the key to change the parameters of their operations.
Users who rely on AES can of course alternatively configure Ninja to employ AES encryption.
Ninja with Type 1 encryption makes sure that the entire route between all participants of a highly secure telephone conversation is off-limits to anybody, including in-house network administrators, well-funded and highly skilled Intelligence Agencies. Ninja with Type 1 encryption utilizes Peer-to-Peer encryption, which means that only the end points are able to decipher audio and video data and that everybody who taps the line has absolutely no chance to listen to the communication.
Similar to SSL and TLS, ephemeral Diffie-Hellman keys are generated on each session establishment. This allows to avoid the cost and complexity of a public key infrastructure (PKI). The decisive difference to SSL and TLS is that the DH key exchange employed by the Ninja SIP softclient is executed by the endpoints only – by the telephones themselves. Any proxy or any other middleman actively taking part in the key exchange is not tolerated by the protocol.
To ensure that no attacker is present when the session key is negotiated between two end points, the “Short Authentication String” method is employed: The two users at the end points of an encrypted telephone line acknowledge a shared value displayed by the user interfaces of the two Ninja softclients. If these two values differ, a Man-in-the-middle Attack has been mounted successfully and it is indicated to stop the conversation.
This is how it works:
Ninja with Type 1 encryption features perfect forward secrecy. Keying material is destroyed at the end of each session, which deprives an attacker of the possibility to try and get hold of the key to retroactively decrypt the recorded call.
Key continuity can additionally be implemented. If a portion of the key used for a previous session is used in the next call, key continuity in analogy to SSH is provided.
As the encryption module is integrated in the telephone itself, the solution is consistent. This avoids the decisive disadvantage of “glue solutions” like ZRTP. Users can be sure that all data packets of an encrypted VoIP call are actually encrypted and only ciphertext is exchanged between the telephones of the participants of an encrypted telephone conversation.
Further information about data encryption technology is available at www.pmc-ciphers.com.
1024 dit harddisk encryption from PMC Ciphers, Inc: www.turbocrypt.com.
|
|
|
only 99,95 € starting at 100 licenses |
- Includes all features of Ninja Pro (CTI)
- Diffie Hellman key exchange with Short Authentication String
- Polymorphic Type 1 encryption and alternatively AES encryption of payload data
- Outlook Integration with the best ease of use for Outlook/Exchange/Business Contact Manager (BCM)
- Reverse Lookup of Outlook contacts for incoming calls
- Telephone handling directly from MS Outlook, e.g. Accept call, Hold, Conference, etc.
- Includes Outlook CTI, TAPI, PHandler CTI features for SNOM 300,320,360 and Aastra 57i
- TSP (TAPI) support for 32 Bit operating systems
- Very realible program architecture
- WIN2000, WIN XP, WIN2003, VISTA 32/74 and Windows7 32/64 compatible
- Outlook 2000, 2002, XP, 2003, 2007, 2010 (ready) compatible
- Exchange folder, Business Contact Manager folder compatible
- Diffie Hellman key exchange with Short Authentication String
- Polymorphic Type 1 encryption and alternatively AES encryption of payload data
- TAPI Support [Global IP Tel TSP driver]
- Outlook CTI AddIn (Outlook 2000,2002,XP,2003,2007, 2010 (ready)
- Exchange, Business Contact Manager compatible
- SNOM & Aastra CTI Interface (Supported features are depending on specific hardware device)
- PHandler CTI
- Encrypted telephony [SRTP/TLS/AES encrypted]
- Touch-tones [DTMF]
- 6 Lines
- separately adjustable Ringtone, Speaker and Microfon
- Line Hold
- Line Transfer
- Further inquiry with Line Transfer
- Blind Transfer of a call
- Do Not Disturb
- Inbound Call "Ignore"
- Inbound Call forwarding to an internet voicebox
- Inbound Call forwarding to a local voicebox
- 7 Party Conferencing
- Auto-conference
- Multiple SIP Proxy Registration
- [10 Proxies]
- Dial/ Redial/Hangup
- Auto-answer
- Dynamic CODEC Selection
- Caller ID [SIP ID]
- Call Timer
- Silence Threshold
- Backspace/Clear/Delete
- Mute
- Microphone & Speakers Levels
- Microphone & Speakers Meters
- Anonymous calls
|
- Audio recording
- Redial
- Recent Calls Dialed, Received, missed
- Individual Ringtones
- Individual Voicebox messages
- Contact manager
- Changeable Skins
- 6 lines for simultaneous calls
- Intuitive user input interface & menu. Easy to to navigate and manage
- G.711a/G711u/PCM/G726 16 to 40 / GSM/Speex/iLBC included. [G.729 or G723 available on inquires with a co brand or private lable]
- NAT/Firewall support
- Adjustable and fixed SIP and RTP ports for better firewall support
- Supports Windows 98/NT4/ME/2000/Win2003/XP/VISTA32-64/Windows7
- TAPI (32Bit) Support for: Windows 2000/Win2003/XP/VISTA/Windows7
- DNS SRV configuration property supported
Video Support
- Video Codec H263
- Video format: SubQCIF, QCIF, CIF, 4CIF, 16CIF
- Choosable Frames per seconds (FPS - 5,10,15,20,25)
- 5 Quality levels for Videostream transfer (low, middle, high, excellent, LAN)
- Broadband wizard for automatical adjustment of FPS and best video quality
- Bandwidth wizard for automatic adjustment of video quality
|
|
 |
English |
 |
German |
|
 |
French |
 |
Spanish |
|
 |
Italian |
 |
Russian |
|
 |
Turkish |
 |
Arabic |
|
 |
Chinese |
 |
Swedish |
|
 |
Norwegian |
 |
Danish |
| Processor |
Minimum: Intel Pentium III 800 MHz or equivalent
Optimal: Pentium 4 2.4 GHz or better |
| Memory |
256 MB RAM |
| Hard disk space |
30 MB |
| Operating system |
Windows 2000
Windows XP Home
Windows XP Professional
Windows 2003
Windows Vista 32 Bit
Windows Vista 64 Bit
Windows 7 - 32 Bit
Windows 7 - 64 Bit |
| Connection |
IP network connection (broadband, LAN, wireless) |
| Sound board |
commercially available sound board |
| Webcam |
commercially available Webcam, e.g. recommended Logitech QuickCam Pro 9000 |
|
|
|
|