The ZRTP protocol: securing your voice communications
ZRTP is a draft key agreement protocol proposed by Phil Zimmermann (the father of PGP),
which has been designed with a specific setting in mind: voice communication.
The aim of this presentation is to discuss security issues related to the use of this protocol, starting
from an analysis of the protocol specification and concluding with a discussion of potential improvements to
the protocol or to the way it is used.
Regarding the first topic – probably the most technical part – in the past I have performed a rather
accurate analysis on draft 3 of the protocol by means of two different protocol verifiers (namely
AVISPA and ProVerif), followed by an updated work on draft 4 (I gave a talk about this at the Net &
System Security meeting in November 2007). Nowadays the protocol has evolved to draft 11
(submitted on November 26th, 2008): it has not gone through substantial changes, but I am willing
to re-run the entire analysis to check this version, and I think P2P Conference 2009 would be a good
place to present the results to the community (at least at a high level, eventually going deeper with
technicalities if the audience demands it).
Going further, there are some ways of improving the protocol or how it should be used: these
approaches essentially regard secure ways of verifying that the key exchange was successful, which
can be handled by the protocol itself with a slight modification, or by the software that implements
this protocol. I think that, after presenting these ideas, it would be interesting to discuss them with
people attending the conference.
Presentation and slides will be in English.









