[Asterisk-Dev] AES voice encryption for IAX2
Adam Hart
adam at teragen.com.au
Mon Apr 19 17:40:16 MST 2004
Duane wrote:
> Adam Hart wrote:
>
>> And how exactly is asterisk meant to know which user it should be
>> authenticating against? My model solves the problem of not using
>> public key cryptography by exploiting the fact that both parties
>> already have a secret.. the password. If you don't know the username,
>> you won't know the password.
>
>
> You can also skip the password bit and use ADH (I think that's the
> right acronym, way too many TLAs), it makes it possible to have
> encryption without PKI and without passwords, obviously increases the
> risk to MitM attacks but this is all a matter of perspectives. If you
> are calling your neighbour to come over for a BBQ, you don't care if
> someone listens in really but having the comms channel encrypted in
> this simplistic manner prevents passive packet sniffing.
>
Good idea, ADH is public key crypto but hopefully isn't too processor
intensive (anyone know about this?) But yes, it's a good half way
between RSA and just MD5 challenge and response. I think that's actually
a better way for a default encryption. Establish an ADH session then do
the normal call setup (e.g. MD5 challenge and response, then (obviously)
the call).
<snip>
-Adam
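
The setup described above (an anonymous DH exchange first, then the usual MD5 challenge and response), sketched in Python as an added example that is not code from this thread or from Asterisk. The toy group, the key derivation and all function names are assumptions made for illustration; the `interposed` case shows the MitM caveat raised in the quoted reply, where authentication still passes although the two ends hold different keys.

```python
import hashlib
import secrets

# Constructed toy group: 2**127 - 1 is prime but far too small for real use.
P = 2**127 - 1
G = 3

def dh_keypair():
    """Return (private, public) for one side of the anonymous exchange."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    """Derive a 128-bit key from the DH shared secret (assumed KDF: SHA-256)."""
    if not 1 < peer_pub < P - 1:
        raise ValueError("degenerate DH public value")
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()[:16]

def md5_response(challenge, password):
    """MD5 challenge and response: digest of the challenge followed by the password."""
    return hashlib.md5((challenge + password).encode()).hexdigest()

def call_setup(server_password, client_password, interposed=False):
    """Run ADH, then MD5 auth; report whether the keys agree and auth passed."""
    c_priv, c_pub = dh_keypair()
    s_priv, s_pub = dh_keypair()
    if interposed:
        # A relay in the path substitutes its own public value on both legs.
        m_priv, m_pub = dh_keypair()
        c_key = session_key(c_priv, m_pub)
        s_key = session_key(s_priv, m_pub)
    else:
        c_key = session_key(c_priv, s_pub)
        s_key = session_key(s_priv, c_pub)
    # The password itself never crosses the wire, only the digest does.
    challenge = str(secrets.randbelow(10**9))
    response = md5_response(challenge, client_password)
    expected = md5_response(challenge, server_password)
    auth_ok = secrets.compare_digest(response, expected)
    return {"keys_match": c_key == s_key, "auth_ok": auth_ok}

if __name__ == "__main__":
    print("direct    :", call_setup("s3cret", "s3cret"))
    print("interposed:", call_setup("s3cret", "s3cret", interposed=True))
```

In the interposed run the challenge and response are relayed unchanged, so the MD5 step alone says nothing about who holds the session key.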