Security Projects
This folder holds some information about security related projects I'm involved in.
GNU ZRTP4J
I used the C++ implementation of GNU ZRTP to create its Java equivalent named GNU ZRTP4J. It implements the same set of protocol features as the C++ version.
Twinkle - the first SIP user agent with full featured ZRTP support
Thanks to Michel de Boer, who did a wonderful job implementing twinkle, we now have a secure twinkle - it supports SRTP and ZRTP to encrypt your media sessions. Phil Zimmermann specified ZRTP to perform key negotiation, key derivation, and authentication on top of RTP. Secure RTP (SRTP) uses these keys to encrypt and authenticate media data sent via RTP. ZRTP is a well defined protocol that received high attention. Reviewers say this protocol is the best, easiest to use way to encrypt RTP communication. You may get more information about ZRTP on Phil's site.
The GNU ccRTP project provides the infrastructure as it implements RTP, SRTP, and ZRTP. See here.
GNU ccRTP - now available with SRTP and ZRTP support
Recently I joined the GNU ccRTP development to enhance ccRTP with SRTP and ZRTP functionality. I used minisip's SRTP implementation and integrated it with GNU ccRTP. On top of this I used my own ZRTP implementation to enhance GNU ccRTP with ZRTP.
JuiCE - an implementation of a JCE provider based on OpenSSL.
Cryptographic algorithms make heavy use of bit operations and manipulation as well as computations with large numbers. Java has some drawbacks in this areas which often result in poor performance of pure Java JCE implmenetations.
The Apache JuiCE project offers a Java JCE that uses the well known openSSL library as it cryptographic backend. This is transparent to the user of the Java JCE - except for the fact of much better runtime performance.
Web Service Security for Java - WSS4J
This was my first project for Apache. It started during 2003 and the goal was to implement mechanisms for Axis to create SOAP requests that contain signed and encrypted parts.
The underlying specification is the OASIS Web Service Security specification.
