[Asterisk-Dev] AES voice encryption for IAX2

Olle E. Johansson oej at edvina.net
Sun Apr 18 02:42:36 MST 2004


Tracy R Reed wrote:

> On Sun, Apr 18, 2004 at 02:33:24PM +1200, Derek Smithies spake thusly:
> 
>>Tracy,
>> I agree, tunnelling over ipsec/stunnel etc is better than reinventing the 
>>wheel by integrating encryption into IAX.
>> With one major exception.
>> The tunnelling mechanism must not send the udp packets as tcp.
>> The voice must be transmitted on the raw wire as UDP.
>> This is why CIPE is such a good mechanism for doing voip vpns.
> 
> 
> Indeed, you and hwstar are quite right on this one. I had forgotten about
> the udp issue. My clients have asked me on occasion what sort of security
> there is for voip conversations so I look forward to encryption in IAX.
> It's usually not a big deal though because they realize their normal
> analog voice conversations aren't encrypted either so it will be another
> point in favor of VOIP when encryption is standard.
> 
Encryption is a big deal, sometimes of the media, sometimes of the
signalling and sometimes of both.

Encryption of the SIP dialogue is important, considering users
with SIP INFO dtmf sending bank accounts and pin codes in clear text over the
internet...

/O



More information about the asterisk-dev mailing list