Encryption guru returns with VOIP software

The man who almost single-handedly invented desktop encryption, Phil Zimmermann, is to announce a new telephony-oriented encryption venture at this week’s Black Hat security event in Las Vegas.

The new project is an encryption program to secure voice-over-IP (VOIP) traffic from being snooped on, especially across broadband links. It will reportedly be based on open-source Shtoom VOIP client software, with Zimmermann’s encryption integrated into the program.

The software has not yet been named and it is not clear what method of encryption it will use. The normal assumption is that it would use public key encryption — ideal for securing and authenticating data between multiple recipients — but unconfirmed reports suggest otherwise.

Zimmermann was not reachable for comment at the time of going to press, but it is likely that the sometimes complex administration of public key technology has pushed him to opt for a simpler scheme.

It is not the first time Zimmermann has used encryption with VOIP. A decade ago, he made available an application called PGPfone, though this achieved only modest success and is no longer current. Now, however, VOIP is booming, with the conversion of domestic voice calls to the medium looking to be only a matter time.

Zimmermann is also famous as the creator of Pretty Good Privacy (PGP), a desktop encryption program that was powerful enough that in the mid-1990s the U.S. authorities attempted to have its distribution stopped and Zimmermann imprisoned for writing it.

There is some disagreement about whether VOIP applications currently need encryption security, with a recent Gartner presentation pointing out that there were few known tools for eavesdropping with such traffic. However, history demonstrates conclusively that this will change as the application grows in popularity. It looks as if Zimmermann could have come up with a VOIP encryption application at just the right moment this time.