voip-info.org
Asterisk encryption

As of now (Oct. 2005) Asterisk does not come with support for voice encryption. There appears to be basic (unfinished?) encryption support for IAX, but it is unclear to what degree that is usable. (Regrettably, a message that raised some issues about the security of the session key derivation method has not yet received any reply.) Therefore the typical method for media path encryption is to use a VPN. Note that SSH tunneling is not a viable method for VoIP media path encryption: SSH port forwarding only carries TCP connections, whereas RTP media is sent over UDP.

The BSI (the German federal office for IT security) clearly recommends a) separating the voice and data IP networks and b) prefers TLS and SRTP over IPsec. Covert use of the built-in microphones of hard- or softphones is one of the many dangers it names.

Question: With TLS support missing in Asterisk, could one work around this by putting OpenSER with TLS in front of Asterisk and letting Asterisk handle SRTP? Would that affect SIP clients behind NAT that need either the SER NAT helper or nat=yes in Asterisk?

Asterisk channel configuration


VoIP hard- and software with encryption features

Phones

Hardware

  • Grandstream phones: SRTP and TLS (not on all products/firmware releases); the key exchange method is sdescriptions, at least for the GXP-2000 (no TLS support in that model's firmware as of 2007-05-09); for the BT-200 Grandstream now lists ZRTP as a future feature (but don't hold your breath, it may still take months or years).
  • Snom phones and Asterisk phone snom: SRTP, TLS (SIPS), AES - see the posting in TLS phone configuration (in German). snom190 and snom3XX use different, incompatible encryption methods. snom190: RFC 3261, k header; snom360: RFC 3711 SRTP with the AES encryption algorithm. AES is implemented via sDescriptions as described in this document. The SNOM Wiki also has a few SIP traces. The SNOM 370 is supposed to get OpenVPN support, which is currently in beta (June 2007).
  • Zultys phones: SRTP, AES, VPN client
  • Sipura phones: See also this posting: "If you have access to their support web site, there were some documents that explain how to generate a certificate. However, once the certificate is generated (which I did on a FC3 stock box), one needed to send the certificate to Sipura for signing. When I asked where to send it, I was told to contact sales. I have not done that yet, but apparently there must be a charge to have that done since the support folks were referring me to sales." ... "Sipura uses a public key method. To enable a secure call, both devices need to be configured with a certificate signed by the same 'miniCA', and the key negotiation is sent in proprietary SIP INFO messages." ... "The mini certificate contains a 512-bit RSA modulus (n) as the Public Key, and a 1024-bit RSA modulus (n) is appended as the Public Key of the signing "CA". Both have a public exponent (e) of 0x10001 (65537). The Signature is a SHA1 message digest of the User Name, User ID, Expiration Date and Public Key padded with PKCS1 padding and encrypted with the private key of the "CA"."
  • Innovaphone: H.323/ISDN phone IP202 with integrated VPN client (IP400 also with SIP, but VPN?)
  • Azatel: details not specified
  • AVM Fritz!Box WLAN 7170 now has an experimental firmware with SRTP and TLS support (March 2007)

Software

  • minisip: With SRTP and MIKEY (but no sdescriptions); developed at KTH university, Stockholm; Linux only
  • WengoPhone 2.1: Comes with SRTP support (AES128 encryption algorithm)
  • Phoner lite softphone (using libSRTP and osip, but so far no TLS for securing the key exchange)
  • Snom softphone: Freely available for download, good for testing, simulates the SNOM 360; requires Win 2k/XP
  • Zultys softphone (Linux): Does the LIPZ4 support voice encryption? Not on the free version. Zultys will soon offer a paid license for enabling encryption that uses Secure RTP and AES encryption to transport voice traffic in a secure manner. You will be able to engage this function before or during a call by pressing the Encrypt button on the phone.

Cards

PBX with voice encryption

  • Sirrix PBX
  • pbxnsip: The PBX supports security by using sips/tls and srtp (via SDES). Was part of SNOM until 2005.
  • All Zultys voice systems
  • Mitel
  • Cisco
  • Avaya

Firewalls & Gateways

  • The OpenSER SIP proxy comes with TLS support
  • AudioCodes gateways (or just ATA?)
  • Ingate firewall
  • IAX_OpenVPN IAX2 over OpenVPN
  • Intertex is just about to release a new product revision with SRTP support (March 2007)

Ingate

Ingate Systems have recently implemented support in their SIP-aware firewalls for transcoding SIP calls between SRTP (negotiated via sdescriptions) and plain RTP, and they would like to do some interop testing:
"We have now concluded successful interop testing between a Snom 360 phone and an Ingate Firewall 1400. We ran SRTP over the internet. The Ingate Firewall transcoded it to unencrypted RTP and sent it to a Cisco 7960 phone (that, to my knowledge, doesn't support SRTP)."
The 1400 comes standard with a SIP proxy and a SIP registrar, NAT and PAT support, and TLS for encrypted SIP signalling; it is sized for 10 to 1000 SIP users.

SIP providers & carriers

  • dus.net offers SRTP since Feb. 2007 (Germany, Duesseldorf)

Admin & attacker tools


Background

As of today (April 2007) almost everything is there and standardized for secure SIP calls, except for a widely adopted key exchange mechanism. MIKEY is quite secure (end-to-end capable) but complicated because it needs certificates, whereas sDescriptions (SDES, RFC 4568: the master key is sent in plain text inside the SIP Session Description) is probably the most widespread implementation, yet it is less secure and requires TLS on the signalling path to offer real protection.

ZRTP has the potential to address all this and solve the situation; however, hardware vendors would need to purchase ZRTP licenses and might be afraid of the relatively high load on their not-so-strong CPUs. ZRTP uses a Diffie-Hellman exchange, which allows a secure key agreement over an insecure channel (the short authentication string the two parties read out to each other is what defends against a man-in-the-middle). At the IETF meeting in March 2007 ZRTP was intensively discussed, see also the RTPSEC mailing list, with the result that DTLS (TLS over UDP) was slightly favoured over ZRTP, whereas MIKEYv2 received very little support. As of now only Zfone and Twinkle implement ZRTP: Twinkle is a SIP client for Linux, whereas the open-sourced Zfone (available for Windows, Linux, Mac) can add ZRTP encryption in front of any existing SIP softphone. Note that Counterpath, the makers of eyeBeam and X-Lite, have agreed to include ZRTP in their products.

One needs to clearly distinguish between endpoint-to-endpoint encryption and server-to-server encryption (aka hop-by-hop encryption). With the sDescriptions method, even when coupled with TLS, every SIP server in the signalling path sees the master key in plain text, because TLS only protects each hop and each proxy terminates it. The session keys are then no secret either: RFC 3711 derives them from the master key and master salt with a public, deterministic function (AES in counter mode over the salt, a label and the packet index), so anyone holding the master key can compute them in a few operations. What SRTP without TLS does buy is protection against an eavesdropper who captures only the RTP stream and not the signalling; anyone who sees the INVITE, every proxy on the path included, can decrypt the call. TLS in turn requires SIP-over-TCP support, yet very few SIP clients have that.

In addition to the media stream (RTP, voice), the signalling itself (SIP) can and should be encrypted, because it carries valuable information like "who talked to whom, and for how long". TLS and SIPS are the established means for signalling encryption.

SRTP without TLS/SIPS:
Taken from the SNOM FAQ: "Technically speaking SRTP doesn't make sense without having a TLS based signalling connection. However, the media is still secure even if SRTP is used without TLS. The master key sent in the INVITE is not used as such but is instead used to generate the actual SRTP encryption keys via AES. These keys are then used to encrypt the RTP. For a completely secure call, SRTP can be used in conjunction with a TLS signalling connection."

Question: So does SRTP without TLS or SIPS prevent the successful use of e.g. 'vomit'?

Tentative answer: it depends on how smart the eavesdropping application is. If the signalling is captured as well (the master key travels in the a=crypto attribute of the SDP body), obtaining the session keys is trivial; if only the SRTP flow is sniffed, the media is protected by AES-CM and cannot be decrypted without the key.
Secure key management methods that don't use TLS do exist, but they may not be supported by the SIP standard. Unfortunately, SIP being the extensible monster it has become, it is hard to track just what is supported. Section 23 of RFC 3261 suggests the use of S/MIME (eek!), and RFC 3830 defines a method called MIKEY, based on one of the three classic techniques: pre-shared secret, public-key encryption or Diffie-Hellman.
The adoption of such methods is not widespread, but minisip contains a GPL'd MIKEY library.
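The claim made about sDescriptions in the Background section above, and the "tentative answer" just given, can be checked directly. The Go program below is an added example written for this page; it is not code from Asterisk, snom, Ingate or any other product listed here. It parses a constructed a=crypto SDP line (the inline master key and salt are the RFC 3711 appendix B.3 test vector, base64-encoded as they would appear in an INVITE) and runs the RFC 3711 AES-CM key derivation for the usual key_derivation_rate = 0 case. The function names ParseCryptoAttr, DeriveKey and DeriveSessionKeys are this example's own. Anybody who saw the INVITE, a proxy on the path included, can do exactly this, which is why the session keys are no secret from the signalling path.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/base64"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// Key-derivation labels from RFC 3711 section 4.3.1 (RTP direction).
const (
	LabelRTPEncryption = 0x00
	LabelRTPAuth       = 0x01
	LabelRTPSalt       = 0x02
)

// SessionKeys holds the per-session SRTP keys derived from one master key.
type SessionKeys struct {
	Encryption []byte // 128-bit AES-CM session key
	Auth       []byte // 160-bit HMAC-SHA1 session key
	Salt       []byte // 112-bit session salt
}

// ParseCryptoAttr pulls the master key and master salt out of an SDES
// "a=crypto" line (RFC 4568). Only the AES_CM_128_HMAC_SHA1_* suites are
// accepted, since their inline key material is always 16 + 14 = 30 bytes.
func ParseCryptoAttr(line string) (masterKey, masterSalt []byte, err error) {
	fields := strings.Fields(strings.TrimPrefix(strings.TrimSpace(line), "a="))
	if len(fields) < 3 || !strings.HasPrefix(fields[0], "crypto:") {
		return nil, nil, errors.New("not an a=crypto attribute")
	}
	if !strings.HasPrefix(fields[1], "AES_CM_128_HMAC_SHA1_") {
		return nil, nil, fmt.Errorf("unsupported crypto-suite %q", fields[1])
	}
	if !strings.HasPrefix(fields[2], "inline:") {
		return nil, nil, errors.New("only the inline: key method is supported")
	}
	// key-params may carry "|lifetime" and "|MKI:len" after the key itself.
	b64 := strings.SplitN(strings.TrimPrefix(fields[2], "inline:"), "|", 2)[0]
	raw, err := base64.StdEncoding.DecodeString(b64)
	if err != nil {
		return nil, nil, fmt.Errorf("bad base64 key material: %v", err)
	}
	if len(raw) != 30 {
		return nil, nil, fmt.Errorf("expected 30 bytes of key material, got %d", len(raw))
	}
	return raw[:16], raw[16:], nil
}

// DeriveKey is the AES-CM key derivation of RFC 3711 section 4.3.1 for
// key_derivation_rate = 0, where r = index DIV kdr is always zero and only
// the label byte differs between calls. It returns n bytes of AES-CTR
// keystream under the master key, starting at IV = (master_salt XOR key_id) * 2^16.
func DeriveKey(masterKey, masterSalt []byte, label byte, n int) ([]byte, error) {
	if len(masterSalt) != 14 {
		return nil, errors.New("master salt must be 112 bits")
	}
	block, err := aes.NewCipher(masterKey)
	if err != nil {
		return nil, err
	}
	iv := make([]byte, aes.BlockSize)
	copy(iv, masterSalt) // x = master_salt XOR key_id, with key_id = label || r
	iv[7] ^= label       // r = 0, so only the label (byte 7 of the 14) changes
	// The two low bytes of iv stay zero, which is the "x * 2^16" of the RFC.
	out := make([]byte, n) // all-zero input, so out becomes the raw keystream
	cipher.NewCTR(block, iv).XORKeyStream(out, out)
	return out, nil
}

// DeriveSessionKeys computes the three RTP session keys from a master key and salt.
func DeriveSessionKeys(masterKey, masterSalt []byte) (*SessionKeys, error) {
	encr, err := DeriveKey(masterKey, masterSalt, LabelRTPEncryption, 16)
	if err != nil {
		return nil, err
	}
	auth, err := DeriveKey(masterKey, masterSalt, LabelRTPAuth, 20)
	if err != nil {
		return nil, err
	}
	salt, err := DeriveKey(masterKey, masterSalt, LabelRTPSalt, 14)
	if err != nil {
		return nil, err
	}
	return &SessionKeys{Encryption: encr, Auth: auth, Salt: salt}, nil
}

func main() {
	// Constructed SDP attribute carrying the RFC 3711 appendix B.3 master key
	// (E1F97A0D...4139) and salt (0EC675AD...ABE6), as a proxy would see it.
	sdpLine := "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:4fl6DT4Bi+DWT6MsBt5BOQ7Gda1Jiv7rtpYLOqvm"
	mk, ms, err := ParseCryptoAttr(sdpLine)
	if err != nil {
		fmt.Println("parse error:", err)
		return
	}
	keys, err := DeriveSessionKeys(mk, ms)
	if err != nil {
		fmt.Println("derive error:", err)
		return
	}
	fmt.Println("master key  :", hex.EncodeToString(mk))
	fmt.Println("master salt :", hex.EncodeToString(ms))
	fmt.Println("session enc :", hex.EncodeToString(keys.Encryption))
	fmt.Println("session auth:", hex.EncodeToString(keys.Auth))
	fmt.Println("session salt:", hex.EncodeToString(keys.Salt))
}
```

Run it with go run; the derived session encryption key, authentication key and salt are the ones printed in RFC 3711 appendix B.3. Only the RTP-direction labels are derived here; RTCP uses labels 3, 4 and 5 with the same function, and a non-zero key_derivation_rate would additionally fold the packet index into the IV.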


Articles


See also




Created by JustRumours, Last modification by JustRumours on Wed 11 of Jul, 2007 [12:09 UTC]
