Forbes has an interview with Philip Zimmermann, the founder of ZRTP the VoIP encryption software available for free. In it, Zimmermann mentions why there is a need to encrypt VoIP more than with traditional telephony:
The traditional public telephone system that we’ve been using for the last hundred years is fairly well protected. It’s easy for the government to wiretap it by going to the phone company, but not easy for anyone else to wiretap it. If anyone else wanted to wiretap someone’s conversations, they’d have to find a place close to his or her office, get some alligator clips, and try to find the right wire out of thousands to clip them onto, and hope that nobody spots you doing it.
With traditional telephony, our threat model was mostly government wiretapping. With VoIP, anyone can wiretap us: the Russian mafia, foreign governments, hackers, disgruntled former employees. Anyone.
Historically, there’s been an asymmetry between government wiretapping and everyone else wiretapping that’s been in the government’s favor. As we migrate to VoIP, that differential collapses. The government itself is just as vulnerable. Wiretappers can reveal details of ongoing investigations, names and personal details of informants, conversations between officials and their wives about what time they pick up their kids at school.
Everyone thinks that VoIP is the future of telephony. It’s cheaper, more versatile, more feature-rich. So technological pressure herds us towards VoIP; we’ll have to encrypt it. Wiretapping will become so easy that the criminals–not just governments–will be able to do it routinely. There will be insider trading, blackmail, organized crime spying on judges and prosecutors, key witnesses killed before they can testify.
On his ZRTP and Zfone:
ZRTP is a protocol that defines how VoIP phones talk to each other in an encrypted way. Zfone is a program that we’ve developed for end users that employs ZTRP. They both use strong cryptographic algorithms to negotiate cryptographic keys between two parties without the participation of any phone company… They’re automatically created at the start of the call, and destroyed at the end. Only the two parties know the keys, and the phone company isn’t in a position where it can give the keys to a third party.
On why law enforcement agencies can still be doing their job:
From the point of view of law enforcement, traffic analysis can be quite useful. But for a criminal trying to get information for insider training, he’s only interested in the content. So encryption actually hits criminals harder than it hits law enforcement agencies.