{"id":"https://openalex.org/W2734823437","doi":"https://doi.org/10.1515/popets-2017-0025","title":"Wiretapping End-to-End Encrypted VoIP Calls: Real-World Attacks on ZRTP","display_name":"Wiretapping End-to-End Encrypted VoIP Calls: Real-World Attacks on ZRTP","publication_year":2017,"publication_date":"2017-07-01","ids":{"openalex":"https://openalex.org/W2734823437","doi":"https://doi.org/10.1515/popets-2017-0025","mag":"2734823437"},"language":"en","primary_location":{"id":"doi:10.1515/popets-2017-0025","is_oa":true,"landing_page_url":"https://doi.org/10.1515/popets-2017-0025","pdf_url":"https://content.sciendo.com/downloadpdf/journals/popets/2017/3/article-p4.pdf","source":{"id":"https://openalex.org/S4210183172","display_name":"Proceedings on Privacy Enhancing Technologies","issn_l":"2299-0984","issn":["2299-0984"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320322","host_organization_name":"De Gruyter Open","host_organization_lineage":["https://openalex.org/P4310320322","https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter Open","De Gruyter"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings on Privacy Enhancing Technologies","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://content.sciendo.com/downloadpdf/journals/popets/2017/3/article-p4.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5079214602","display_name":"Dominik Sch\u00fcrmann","orcid":"https://orcid.org/0000-0002-6840-5683"},"institutions":[{"id":"https://openalex.org/I94509681","display_name":"Technische Universit\u00e4t Braunschweig","ror":"https://ror.org/010nsgg66","country_code":"DE","type":"education","lineage":["https://openalex.org/I94509681"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Dominik Sch\u00fcrmann","raw_affiliation_strings":["TU Braunschweig"],"affiliations":[{"raw_affiliation_string":"TU Braunschweig","institution_ids":["https://openalex.org/I94509681"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022072667","display_name":"Fabian Kabus","orcid":null},"institutions":[{"id":"https://openalex.org/I94509681","display_name":"Technische Universit\u00e4t Braunschweig","ror":"https://ror.org/010nsgg66","country_code":"DE","type":"education","lineage":["https://openalex.org/I94509681"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Fabian Kabus","raw_affiliation_strings":["TU Braunschweig"],"affiliations":[{"raw_affiliation_string":"TU Braunschweig","institution_ids":["https://openalex.org/I94509681"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054600087","display_name":"Gregor Hildermeier","orcid":null},"institutions":[{"id":"https://openalex.org/I94509681","display_name":"Technische Universit\u00e4t Braunschweig","ror":"https://ror.org/010nsgg66","country_code":"DE","type":"education","lineage":["https://openalex.org/I94509681"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Gregor Hildermeier","raw_affiliation_strings":["TU Braunschweig"],"affiliations":[{"raw_affiliation_string":"TU Braunschweig","institution_ids":["https://openalex.org/I94509681"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5070428847","display_name":"Lars Wolf","orcid":"https://orcid.org/0000-0001-9782-7765"},"institutions":[{"id":"https://openalex.org/I94509681","display_name":"Technische Universit\u00e4t Braunschweig","ror":"https://ror.org/010nsgg66","country_code":"DE","type":"education","lineage":["https://openalex.org/I94509681"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Lars Wolf","raw_affiliation_strings":["TU Braunschweig"],"affiliations":[{"raw_affiliation_string":"TU Braunschweig","institution_ids":["https://openalex.org/I94509681"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5079214602"],"corresponding_institution_ids":["https://openalex.org/I94509681"],"apc_list":null,"apc_paid":null,"fwci":0.2867,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.58579688,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"2017","issue":"3","first_page":"4","last_page":"20"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/voice-over-ip","display_name":"Voice over IP","score":0.9386001825332642},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7713211178779602},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7173020243644714},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6628870368003845},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.6278177499771118},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.5882482528686523},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.5422923564910889},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.5375070571899414},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.46846315264701843},{"id":"https://openalex.org/keywords/end-to-end-principle","display_name":"End-to-end principle","score":0.45477601885795593},{"id":"https://openalex.org/keywords/man-in-the-middle-attack","display_name":"Man-in-the-middle attack","score":0.4249551296234131},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4149817228317261},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3657780885696411},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.1709674894809723},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.12831661105155945}],"concepts":[{"id":"https://openalex.org/C171246234","wikidata":"https://www.wikidata.org/wiki/Q81945","display_name":"Voice over IP","level":3,"score":0.9386001825332642},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7713211178779602},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7173020243644714},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6628870368003845},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.6278177499771118},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.5882482528686523},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.5422923564910889},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.5375070571899414},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.46846315264701843},{"id":"https://openalex.org/C74296488","wikidata":"https://www.wikidata.org/wiki/Q2527392","display_name":"End-to-end principle","level":2,"score":0.45477601885795593},{"id":"https://openalex.org/C196491621","wikidata":"https://www.wikidata.org/wiki/Q554830","display_name":"Man-in-the-middle attack","level":3,"score":0.4249551296234131},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4149817228317261},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3657780885696411},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.1709674894809723},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.12831661105155945},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1515/popets-2017-0025","is_oa":true,"landing_page_url":"https://doi.org/10.1515/popets-2017-0025","pdf_url":"https://content.sciendo.com/downloadpdf/journals/popets/2017/3/article-p4.pdf","source":{"id":"https://openalex.org/S4210183172","display_name":"Proceedings on Privacy Enhancing Technologies","issn_l":"2299-0984","issn":["2299-0984"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320322","host_organization_name":"De Gruyter Open","host_organization_lineage":["https://openalex.org/P4310320322","https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter Open","De Gruyter"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings on Privacy Enhancing Technologies","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:b72c8492152f46f4b8d879b7ceaee3fe","is_oa":true,"landing_page_url":"https://doaj.org/article/b72c8492152f46f4b8d879b7ceaee3fe","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Proceedings on Privacy Enhancing Technologies, Vol 2017, Iss 3, Pp 4-20 (2017)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1515/popets-2017-0025","is_oa":true,"landing_page_url":"https://doi.org/10.1515/popets-2017-0025","pdf_url":"https://content.sciendo.com/downloadpdf/journals/popets/2017/3/article-p4.pdf","source":{"id":"https://openalex.org/S4210183172","display_name":"Proceedings on Privacy Enhancing Technologies","issn_l":"2299-0984","issn":["2299-0984"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320322","host_organization_name":"De Gruyter Open","host_organization_lineage":["https://openalex.org/P4310320322","https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter Open","De Gruyter"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings on Privacy Enhancing Technologies","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6700000166893005}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2734823437.pdf","grobid_xml":"https://content.openalex.org/works/W2734823437.grobid-xml"},"referenced_works_count":22,"referenced_works":["https://openalex.org/W94530598","https://openalex.org/W841511836","https://openalex.org/W1511527793","https://openalex.org/W1528970400","https://openalex.org/W1544435806","https://openalex.org/W1550000763","https://openalex.org/W1590261923","https://openalex.org/W1618185284","https://openalex.org/W1909480331","https://openalex.org/W1975077087","https://openalex.org/W2058566445","https://openalex.org/W2092035184","https://openalex.org/W2098597420","https://openalex.org/W2106351828","https://openalex.org/W2126911504","https://openalex.org/W2128551894","https://openalex.org/W2200054775","https://openalex.org/W2395368405","https://openalex.org/W2410277931","https://openalex.org/W2487235368","https://openalex.org/W2510986846","https://openalex.org/W4300616995"],"related_works":["https://openalex.org/W2151675848","https://openalex.org/W2383950765","https://openalex.org/W2253962881","https://openalex.org/W4293497479","https://openalex.org/W2736591912","https://openalex.org/W1733128724","https://openalex.org/W1510376806","https://openalex.org/W3198877942","https://openalex.org/W2783999343","https://openalex.org/W2734823437"],"abstract_inverted_index":{"Abstract":[0],"Voice":[1],"calls":[2],"are":[3,135],"still":[4],"one":[5,69],"of":[6,33,53,113,148],"the":[7,40,62,72,100,105,114,142],"most":[8,115],"common":[9,116],"use":[10],"cases":[11],"for":[12],"smartphones.":[13],"Often,":[14],"sensitive":[15],"personal":[16],"information":[17,22],"but":[18],"also":[19],"confidential":[20],"business":[21],"is":[23,27,70,77],"shared.":[24],"End-to-end":[25],"security":[26,149],"required":[28],"to":[29,153],"protect":[30],"against":[31],"wiretapping":[32,71,129],"voice":[34],"calls.":[35],"For":[36],"such":[37],"real-time":[38],"communication,":[39],"ZRTP":[41,76,101],"key-agreement":[42],"protocol":[43,106],"has":[44],"been":[45],"proposed.":[46],"By":[47],"verbally":[48],"comparing":[49],"a":[50,124],"small":[51],"number":[52],"on-screen":[54],"characters":[55],"or":[56],"words,":[57],"called":[58],"Short":[59,132],"Authentication":[60,133],"Strings,":[61],"participants":[63],"can":[64],"be":[65],"sure":[66],"that":[67,127],"no":[68],"call.":[73],"Since":[74],"2011,":[75],"an":[78],"IETF":[79],"standard":[80],"implemented":[81],"in":[82,96,141],"several":[83],"VoIP":[84,94,118],"clients.":[85,119],"In":[86],"this":[87],"paper,":[88],"we":[89],"analyzed":[90],"attacks":[91],"on":[92],"real-world":[93],"systems,":[95],"particular":[97],"those":[98],"implementing":[99],"standard.":[102],"We":[103,138],"evaluate":[104],"compliance,":[107],"error":[108,144],"handling,":[109],"and":[110,146],"user":[111],"interfaces":[112],"ZRTP-capable":[117],"Our":[120],"extensive":[121],"analysis":[122],"uncovered":[123],"critical":[125],"vulnerability":[126],"allows":[128],"even":[130],"though":[131],"Strings":[134],"compared":[136],"correctly.":[137],"discuss":[139],"shortcomings":[140],"clients\u2019":[143],"handling":[145],"design":[147],"indicators":[150],"potentially":[151],"leading":[152],"insecure":[154],"connections.":[155]},"counts_by_year":[{"year":2021,"cited_by_count":1},{"year":2018,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}