[Asterisk-Dev] Re: AES voice encryption for IAX2

James H. Cloos Jr. cloos at jhcloos.com
Fri Apr 16 14:44:59 MST 2004


>>>>> "Olle" == Olle E Johansson <oej at edvina.net> writes:

Olle> I can't believe [legal problems] are impossible to overcome,
Olle> since there's open source code out for SRTP ...

It is not the gpl release that is (should be?) the problem.
That just takes an email to resolve.

It is the commercial licensing that requires effort and probably cash
to deal with.  It even may still require a DoC audit of the code.

And some thoughts on how it ought to work:

In iax.conf there should be a option to specify whether encryption is
mandatory, prohibited or opportunistic.  Versions that do not support
encryption should be treated as an opportunistic node by a nodes that
do support encryption.  If one side is mandatory and the other either
refuses or is unable to encrypt then the link should fail w/ an error
to that effect.

At the protocol level, on any link where encryption is supported each
side should specify that they want to encrypt in the initial packet &
then negotiate an algorithm and key.  Algorithm negotiation should be
done just like codec negotiation is currently done.  The session keys
should be exchanged via EDH or RSA.  Keys also should be renegotiated
on regular intervals; how often can be a config option.  Once the key
and algorithm are negotiated the entire session should be encrypted.

Encrypting just the voice packets is not enough.

Trunks should use a single tuple for the entire link, not per session
w/in the trunk.  Regular key renegotiation is, of course, more urgent
on long lived trunks.

It is important that the protocol not be designed to only support one
crypto algorithm, even if the implementations only support aes at the
start.  Some users may be forced to use triple-des for administrative 
reasons; others may prefer something less resource-intensive on lower
powered boards.

-JimC
-- 
James H. Cloos, Jr. <cloos at jhcloos.com> <http://jhcloos.com>




More information about the asterisk-dev mailing list