[Asterisk-Dev] AES voice encryption for IAX2

hwstar at rodgers.sdcoxmail.com hwstar at rodgers.sdcoxmail.com
Thu Apr 15 16:13:15 MST 2004 

I'm more interested in any information regarding the modification of the IAX2 protocol to allow encryption of
the media packets, call numbers, and the call state info.

Taking a look at the copy of the IAX2 protocol spec,
I see that it won't be trivial to modify the protocol
to protect the call numbers, call data and state information without significant structural change to the format of the headers.

IOTW: Time for IAX3?

One could protect the data by defining a special code (0xFFFF) for the call number field in IAX2 but this is a kludgy fix to an otherwise outstanding protocol. 

One could also re-direct encrypted traffic onto a new
source/destination port number pair ala HTTP/HTTPS, then
define a new header format which exposes minumal call information. 

Finally, we could define IAXS as a new and separate protocol
using a new known port number pair only used when encryption is necessary as encryption capable headers will make IAX less efficient.

Steve.






> 
> From: Jeremy McNamara <jj at nufone.net>
> Date: 2004/04/15 Thu PM 04:37:28 EDT
> To: asterisk-dev at lists.digium.com
> Subject: Re: [Asterisk-Dev] AES voice encryption for IAX2
> 
> hwstar at rodgers.sdcoxmail.com wrote:
> 
> >Is anyone working on getting the AES encryption code recently added to the Asterisk code base integrated into the IAX protocol. This came up as a question on the mailing lists a couple of months ago, and I was wondering if anything had changed since then. 
> >
> >Also a search on the buglist doesn't reveal anyone requesting encrypted IAX2 be added as a feature.
> >
> >  
> >
> 
> Digium and/or the author (i'm no lawyer) will have to motivate the 
> proper US Government paperwork before any high encryption (like AES) can 
> be legally distributed....Especially since Asterisk is such a globally 
> deployed piece of software.
> 
> 
> Jeremy McNamara
> 
> _______________________________________________
> Asterisk-Dev mailing list
> Asterisk-Dev at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-dev
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-dev
>

More information about the asterisk-dev mailing list