Encrypted Voice, Video, and Chat Server
Remember when Skype used to be an encrypted service? Yes, back before Microsoft bought it....
Back then, it used to be an encrypted and secure service. After Microsoft bought it, that encrypted and seemingly secure service died. It died because Microsoft isn't the least bit interested in protecting your privacy. Most of you probably don't remember Skype's early days when the original creators meant for it to be a safe service. IAPS remembers it very well.....
We, the delevopers at IAPS Security Services, L.L.C. never agreed with the way that Skype operates now. All your chats, conversations, and video sessions are saved on Skype servers in plain text. All the Skype administrators, employees, cyber criminals, and government officials can see them any time their heart desires. This means that Skype officials can see all your potential dirty laundry, private conversations, your childrens online chat and video sessions, and your business conversations. If you type or say certain keywords your conversation is immediately flagged by Skype servers for analysis either by Skype administrators or by government spooks. Microsoft, who owns Skype now, is very much in bed with the U.S. Government and that is not going to change.
You may be saying to yourself "I'm a normal person. I have nothing to hide."
While that may be true, do you really want your elected officials being able to listen in on your chat and video sessions? What about if you were discussing divorce with your spouse? Or talking about a new product that your company is secretly developing? Would you want those details out in the open and unprotected? What if you were discussing your financial status online? Would you want your details just left out in the open?
Cyber criminals and government spooks are always combing the internet and Skype users are a prime target, not only because Skype has an enormous amount of users, but because Microsoft left the door wide open and took away your right to privacy by removing the encryption option the moment they bought out Skype from the original creators. Microsoft does not believe in your right to privacy and safety.
IAPS has decided to do something about this ourselves. We wanted to show our commitment to privacy and security for our clients, both normal users and business users alike. So we've setup an Open Source solution. No hidden code, no proprietary platforms. What you see is what you get.
IAPS firmly believes in the use of encryption. It provides safety, privacy, and assurances of a secure conversation. Not only does the IAPS service provide encryption for chats, but it goes alot further and also provides real-time encryption for audio and video chats. And this is encryption you can actually see. Each chat, audio and voice call will show you on-screen the security status of your communication session. You can choose to encrypt all communications or not. Its highly recommended that you always encrypt them.
What type of encryption is used? Its called ZRTP. ZRTP (composed of Z and Real-time Transport Protocol) is a cryptographic key-agreement protocol to negotiate the keys for encryption between two end points in a Voice over Internet Protocol (VoIP) phone telephony call based on the Real-time Transport Protocol. It uses Diffie–Hellman key exchange and the Secure Real-time Transport Protocol (SRTP) for encryption. ZRTP was developed by Phil Zimmermann, with help from Bryce Wilcox-O'Hearn, Colin Plumb, Jon Callas and Alan Johnston.
ZRTP ("Z" is a reference to its inventor Phil Zimmermann; "RTP" stands for Real-time Transport Protocol) is described in the Internet Draft as a "key agreement protocol which performs Diffie–Hellman key exchange during call setup in-band in the Real-time Transport Protocol (RTP) media stream which has been established using some other signaling protocol such as Session Initiation Protocol (SIP). This generates a shared secret which is then used to generate keys and salt for a Secure RTP (SRTP) session." One of ZRTP's features is that it does not rely on SIP signaling for the key management, or on any servers at all. It supports opportunistic encryption by auto-sensing if the other VoIP client supports ZRTP.
This protocol does not require prior shared secrets or rely on a Public key infrastructure (PKI) or on certification authorities, in fact ephemeral Diffie–Hellman keys are generated on each session establishment, which allows the complexity of creating and maintaining a trusted third-party to be bypassed.
These keys contribute to the generation of the session secret, from which the session key and parameters for SRTP sessions are derived, along with previously shared secrets (if any) this gives protection against man-in-the-middle (MiTM) attacks, so long as the attacker was not present in the first session between the two endpoints.
ZRTP can be used with any signaling protocol, including SIP, H.323, Jingle, and distributed hash table systems. ZRTP is independent of the signaling layer, because all its key negotiations occur via the RTP media stream.
ZRTP/S, a ZRTP protocol extension, can run on any kind of legacy telephony networks including GSM, UMTS, ISDN, PSTN, SATCOM, UHF/VHF radio, because it is a narrow-band bitstream-oriented protocol and performs all key negotiations inside the bitstream between two endpoints.
ZRTP provides a second layer of authentication against a MitM attack, based on a form of key continuity. It does this by caching some hashed key information for use in the next call, to be mixed in with the next call's DH shared secret, giving it key continuity properties analogous to SSH. If the MitM is not present in the first call, he is locked out of subsequent calls. Thus, even if the SAS is never used, most MitM attacks are stopped because the MitM was not present in the first call.
Encryption keys are never stored at the server level. They are generated on client-side software. This way IAPS and our servers never have a copy of your keys and we are never in a position to be forced to hand over those keys, because we simply don't possess them.
The servers used for this service are based on open source Linux servers. The client side software is also based on open source code. This entire project uses nothing proprietary. All source codes are completely open to inspection.
Remember, when your online - go encrypted. Someone is always trying to listen in.