Encrypting instant messaging traffic

Encryption keeps others from intercepting and reading your instant message conversations. To encrypt instant messaging conversations, both parties must have ZoneAlarm Security Suite installed, have an account on the same IM service. Conversations will not be encrypted if the parties are not on each other's contact list, even if each has ZoneAlarm Security Suite installed.

When you initiate a conversation with another ZoneAlarm Security Suite user, and you both have encryption enabled for the IM service you're connected to, the word encryption appears in brackets after your contact's instant messaging ID. If you initiate a conversation with a contact who is not using ZoneAlarm Security Suite, or who does not have encryption enabled, you will see the word unencrypted after the contact's instant messaging ID.

Figure 11-5 shows an encrypted conversation.

Figure 11-5: Example of an encrypted conversation.

Here is the same conversation shown above, but in unencrypted mode this time.

Figure 11-6: Example of an unencrypted conversation

To enable or disable encryption for a particular IM service:

Select Security|Settings.


In the Encrypt column, click beside the service whose traffic you want to encrypt.


Select Allow or Block.

How instant messages are encrypted

ZoneAlarm Security Suite relies on the OpenSSL library for cryptographic services. The text of each message in a secure session is encrypted with the DES 56-bit cipher. ZoneAlarm Security Suite automatically and transparently creates a self-signed certificate for each of the user's IM accounts upon the first login. At the beginning of the first IM conversation between two ZoneAlarm Security Suite users after installing ZoneAlarm Security Suite, the certificates are transparently exchanged between the users and stored on their computers. The public key from one of the certificates is used to encrypt the session key to be used for the duration of the session.